【单选题】
When an administrator initiates a device wipe command from the ISE, what is the immediate effect?___
A. It requests the administrator to choose between erasing all device data or only managed corporate data.
B. It requests the administrator to enter the device pin or password before proceeding with the operation
C. It notifies the device user and proceeds with the erase operation
D. It immediately erases all data on the device
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What is a valid implicit permit rule for traffic that is traversing the ASa firewall?___
A. ARPs in both directions are permitted in transparent mode only
B. Unicast IPv4 traffic from a higher security interface to a lower security interface is permittee in routed mode only.
C. Unicast IPv6 traffic from a higher security interface to a lower security interface is permitted in transparent mode only.
D. Only BPDUs from a higher security interface to a lower secur ity interface are permitted in transparent mode.
E. Only BPDUs from a higher security interface to a lower secur ity interface are permitted in routed mode
【单选题】
A specific URL has been identified as containing malware. What action can you take to block users from accidentally visiting the URl and becoming infected with malware ?___
A. Enable URL filtering on the perimeter router and add the URls you want to block to the router's local URL list
B. Enable URL filtering on the perimeter firewall and add the URls you want to allow to the router's local URL list.
C. Enable URL filtering on the perimeter router and add the URls you want to allow to the firewall's local URL list
D. Create a blacklist that contains the URl you want to block and activate the blacklist on the perimeter rout
E. Create a whitelist that contains the URLs you want to allow and activate the whitelist on the perimeter router.
【单选题】
How does PEAP protect the EAP exchange ?___
A. It encrypts the exchange using the server certificate
B. It encrypts the exchange using the client certificate
C. It validates the server-supplied certificate,and then encrypts the exchange using the client certificate
D. It validates the client-supplied certificate,and then encrypts the excha nge using the server certificate
【单选题】
Which feature of the Cisco Email Security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attacks?___
A. contextual analysis
B. holistic understanding of threats
C. graymail management and filtering
D. signature-based IPS
【单选题】
Refer to the exhibit【nat (inside,outside)dunamic interface】 Which translation technique does this configuration result in?___
A. DynamIc PAT
B. Dynamic NAT
C. Twice NAT
D. Static NAT
【单选题】
Refer to the exhibit which are repre sents the data center?___
【单选题】
While trouble shooting site-to-site VPN, you issued the show crypto isakmp sa command. What does the given output show?___
A. IKE Phase 1 main mode was created on 10.1.1.5, but it failed to negotiate with 10.10 10.2
B. IKE Phase 1 main mode has successfully negotiated between 10.1.1.5 and 10.10..
C. IKE Phase 1 aggressive mode was created on 10.1.1.5, but it failed to negotiate with
【单选题】
Refer to the exhibit All ports on switch 1 have a primary vLan of 300 Which devices can host 1 reach?___
A. host 2
B. server
C. host 4
D. other devices within VLAN303
【单选题】
Which option is the cloud-based security service from Cisco the provides URL filtering, web browsing content security, and roaming user protection?___
A. Cloud Web service
B. Cloud Advanced Malware Protection
C. Cloud We b Security
D. Cloud Web Protection
【单选题】
How can you detect a false negative on an IPS?___
A. View the alert on the ips
B. Review the ips log
C. Review the is console
D. Use a third- party system to perform penetration testing.
E. Use a third- party to audit the next generation firewall rules
【单选题】
If a switch port goes directly into a blocked state only when a superior BPDU is received, what mechanism must be in use?___
A. STP BPDU guard
B. Loop guard
C. EtherChannel guard
D. STP Root guard
【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
推荐试题
【多选题】
下列关于消费价格指数的说法正确的有 ___
A. 通货膨胀率一般以居民消费价格指数来表示
B. 居民消费价格指数上涨,货币购买力下降
C. 居民消费价格指数下降,货币购买力下降
D. 消费价格指数的提高意味着实际工资的减少
【多选题】
以下关于汇率理论的正确看法有。___
A. 购买力平价理论把汇率的变化归结于购买力的变化
B. 利率平价理论侧重研究因利率差异引起的资本流动与汇率决定之间的关系
C. 国际收支说是从国际收支角度分析汇率决定的理论
D. 在资产市场说中,汇率超调被认为是由商品市场价格粘性引起的
【多选题】
以下观点错误的有。___
A. 风险中性定价理论是指现实世界中投资者的风险态度是中性的
B. 利率期限结构反映了特定时刻市场上不同到期时间的零息票债券到期收益率
C. 弱式效率市场假说意味着股票未来价格与股票的历史价格无关,技术分析无效
D. 我国公司的融资偏好与公司财务理论中的融资偏好次序理论是相一致的
【多选题】
以下对自然失业率描述不当的有。___
A. 恒为零
B. 依赖于价格水平
C. 是经济处于潜在产出水平时的失业
D. 是没有摩擦性失业时的失业率
【多选题】
下列哪些活动不会导致基础货币增加?。___
A. 降低再贴现率
B. 提高存款准备金率
C. 政府增税
D. 央行在公开市场进行正回购
【多选题】
总需求扩张在哪些情况下是有效的(对增加产量和就业有效)?___
A. 总供给曲线水平
B. 总供给曲线有正斜率
C. 总供给曲线垂直
D. 总供给曲线有负斜率
【多选题】
下列有关“流动性陷阱”的说法正确的是___
A. “流动性陷阱”是凯恩斯提出的一种假说。
B. LM曲线是水平的,财政政策完全无效
C. LM曲线是垂直的,财政政策完全有效
D. LM曲线是水平的,财政政策完全有效
【多选题】
财政部向发行国债,不会增加基础货币___
A. 公众
B. 企业
C. 商业银行
D. 中央银行
【多选题】
关于期权和到期日,下列表述不正确的是___
A. 对于到期日确定的期权来说,在其他条件不变时,随着时间的流逝,其时间价值的减少是递增的
B. 对于到期日确定的期权来说,在其他条件不变时,随着时间的流逝,其时间价值的减少是递减的
C. 对于到期日确定的期权来说,在其他条件不变时,随着时间的流逝,其时间价值的减少是不变的
D. 当时间流逝同样的长度,在其他条件不变时,期限长的期权时间价值的减少幅度将大于期限短的期权时间价值的减小幅度
【多选题】
下列属于商业银行资产管理理论的是___
A. 商业性贷款理论
B. 资产可转换性理论
C. 预期收入理论
D. 资产组合理论
【多选题】
下列不属于蒙代尔最优货币区理论主张用以确定最适货币区标准的是。___
A. 物价充分稳定
B. 生产要素的高度流动
C. 充分就业
D. 经济的高度开放性
【多选题】
下列不属于信用创造工具的是___
A. 货币互换交易
B. 大额可转让定期存单
C. 票据发行便利
D. 可转债
【多选题】
不属于选择性货币政策工具的是___
A. 法定存款准备金政策
B. 再贴现政策
C. 公开市场业务
D. 证券市场信用控制
【多选题】
下列对均衡价格表述不正确的有___
A. 供给和需求相等时的价格
B. 不会变动的价格
C. 供给量和需求量相等时的价格
D. 成交价格
【多选题】
假定其他条件不变,需求弹性(绝对值)越大,则___
A. 消费者负担的税收越少
B. 生产者负担的税收越多
C. 生产者收益越大
D. 税收负担可能增加也可能减少,要看对谁课税
【多选题】
今年美国在华公司的销售收入增加,那么以下情形成立的是___
A. 美国的GDP增加
B. 中国的GDP减少
C. 美国的GNP增加
D. 美国的消费增加
【多选题】
在固定汇率制度下,下列表述正确的有___
A. 利率上升会引起国外资本流入
B. 货币政策未必有效
C. 财政政策未必有效
D. 利率与国际收支无关
【多选题】
下列说法哪些是正确的?___
A. 风险厌恶投资者拒绝公平游戏的投资
B. 风险中性的投资者只通过预期收益来评价风险资产
C. 风险厌恶的投资者只通过风险来评价风险资产
D. 风险喜好者不参与公平游戏
【多选题】
银行通过下列哪种活动不会创造货币?___
A. 减少超额准备
B. 从央行购买政府债券
C. 从贷款中获得收益
D. 为客户提供转帐服务
【多选题】
下列各项会计业务处理要求中,符合谨慎性原则的有__________
A. 不导致夸大资产
B. 不虚增账面利润
C. 扩大所有者权益
D. 不扩大所有者权益
【多选题】
下列机构中属于世界银行集团的是___
A. 国际复兴开发银行
B. 国际开发协会
C. 国际金融公司
D. 国际清算银行
【多选题】
消费者只购买面包和黄油,如果面包价格下降,那么___
A. 收入效应引起黄油消费的上升
B. 收入效应与替代效应都引起黄油消费的下降
C. 替代效应引起黄油消费的上升
D. 收入效应和替代效应相互抵消,从而商品需求保持不变
【多选题】
消费者选择提前消费或延迟消费,与有关系.___
A. 消费者偏好
B. 消费者剩余
C. 消费者对未来的预期收入
D. 市场利率状况
【多选题】
下列因素中将影响可贷资金的供给。___
A. 政府财政赤字
B. 家庭储蓄
C. 中央银行的货币供给
D. 利用外资
【多选题】
下列对流通中的现钞表述错误的有___
A. 商业银行的资产
B. 商业银行的负债
C. 中央银行的资产
D. 中央银行的负债
【多选题】
中央银行直接信用指导的方法有___
A. 信用配额
B. 存贷款最高利率限制
C. 窗口指导
D. 直接干预
【多选题】
下列各项中是金融压抑的表现。___
A. 利率自由化
B. 信贷配额
C. 金融监管
D. 金融资产单调
【多选题】
中央银行的职能有___
A. 集中存款准备金
B. 发行货币
C. 代理国库
D. 最后贷款人
【多选题】
在一个资本可以自由流通的开放经济中,当其他条件不变时,紧缩性的货币政策将导致。___
A. 产出下降
B. 本国货币升值
C. 产出上升和本国货币升值
D. 产出下降和本国货币贬值
【多选题】
下列对可转换证券表述错误的有___
A. 长期看涨期权
B. 长期看跌期权
C. 短期看涨期权
D. 短期看跌期权
【多选题】
风险转移的方法有。___
A. 保险
B. 套期保值
C. 分散投资
D. 互换
【多选题】
股票价格已经反映了所有的历史信息,如价格的变化状况、交易量变化状况等,因此技术分析手段对了解股票价格未来变化没有帮助。对这一市场表述错误的有___
A. 强有效市场
B. 次强有效市场
C. 弱有效市场
D. 无效市场
【多选题】
根据李嘉图等价定理,政府发行公债不会___
A. 引起通货膨胀
B. 引起经常账户赤字
C. 对私人投资产生挤出效应
D. 使利率升高
【多选题】
在治理通货膨胀对策中,通过公开市场业务出售政府债券不属于___
A. 控制需求政策
B. 改善供给政策
C. 收入指数化政策
D. 紧缩的财政政策
【多选题】
为了鼓励消费,宜采用下列消费信用形式中的___
A. 分期付款
B. 信用卡业务
C. 发放消费信贷
D. 预付
【多选题】
下面关于本币贬值的说法中正确的是___
A. 有利于改善一国的旅游和其他服务收入
B. 有利于减少单方面转移的收入
C. 可能引发国内通货膨胀
D. 在进口商品需求弹性充分的条件下阻碍进口增长
【多选题】
下面交易中不要承担汇率风险的是___
A. 套汇
B. 掉期
C. 抵补套利
D. 非抵补套利
【多选题】
作为一种汇率制度,货币局制下可以实现的经济目标是___
A. 经济稳定发展
B. 抑制通货膨胀
C. 促进国际贸易
D. 货币坚挺
【多选题】
公司偿债能力指标包括。___
A. 现金比率
B. 负债比率
C. 速动比率
D. 流动比率
【多选题】
关于债券久期,以下说法不正确的是___
A. 修正久期是价格变化的绝对数
B. 债券组合的久期可通过其所含债券的久期的加权平均来计算
C. 有效久期与修正久期的值是一样的
D. 若修正久期为x,收益率变化1个基本点将使债券价格变化x%
