【单选题】
Refer to the exhibit【nat (inside,outside)dunamic interface】 Which translation technique does this configuration result in?___
A. DynamIc PAT
B. Dynamic NAT
C. Twice NAT
D. Static NAT
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Refer to the exhibit which are repre sents the data center?___
【单选题】
While trouble shooting site-to-site VPN, you issued the show crypto isakmp sa command. What does the given output show?___
A. IKE Phase 1 main mode was created on 10.1.1.5, but it failed to negotiate with 10.10 10.2
B. IKE Phase 1 main mode has successfully negotiated between 10.1.1.5 and 10.10..
C. IKE Phase 1 aggressive mode was created on 10.1.1.5, but it failed to negotiate with
【单选题】
Refer to the exhibit All ports on switch 1 have a primary vLan of 300 Which devices can host 1 reach?___
A. host 2
B. server
C. host 4
D. other devices within VLAN303
【单选题】
Which option is the cloud-based security service from Cisco the provides URL filtering, web browsing content security, and roaming user protection?___
A. Cloud Web service
B. Cloud Advanced Malware Protection
C. Cloud We b Security
D. Cloud Web Protection
【单选题】
How can you detect a false negative on an IPS?___
A. View the alert on the ips
B. Review the ips log
C. Review the is console
D. Use a third- party system to perform penetration testing.
E. Use a third- party to audit the next generation firewall rules
【单选题】
If a switch port goes directly into a blocked state only when a superior BPDU is received, what mechanism must be in use?___
A. STP BPDU guard
B. Loop guard
C. EtherChannel guard
D. STP Root guard
【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
推荐试题
【单选题】
推动人生自觉活动的力量可能来源人自身内部或外部的许多方面,但其中最根本最持久的是___。
A. 人的素质和品德
B. 人生的修养和境界
C. 人生理想和信念
D. 人生的情感和态度
【单选题】
实现理想的思想基础是___
A. 解放思想
B. 正确认识理想与现实的关系
C. 创新思维
D. 阶级分析方法
【单选题】
东欧剧变、苏联解体后,中国人民坚定不移的走社会主义道路,中国特色社会主义的成功实践,使社会主义运动又展现了光明的前景。这说明理想的实现是___。
A. 不可预测的
B. 靠运气
C. 艰难曲折的,但要经过坚持不懈的奋斗
D. 非常少的
【单选题】
实现理想会出现逆境,逆境___。
A. 降低了实现理想目标的可能性
B. 不会消解实现理想目标的可能性
C. 提高了实现理想目标的可能性
D. 消解了实现理想目标的可能性
【单选题】
树立中国特色社会主义共同理想的信念,必须坚定对中国共产党的信任、坚定走中国特色社会主义道路的信念、___。
A. 坚定“缩小贫富差距”的信念
B. 坚定实现中华民族伟大复兴的信心
C. 坚定战胜国际金融危机的信念
D. 坚定中国改革成功的信念
【单选题】
理想是人们的世界观、人生观、价值观在奋斗目标上的___。
A. 本质体现
B. 集中体现
C. 统一体现
D. 必然体现
【单选题】
区别高尚充实的人生与庸俗空虚的人生的是___。
A. 有无崇高的道德修养
B. 有无丰富的科学文化知识
C. 有无科学而崇高的理想信念
D. 有无积极向上的精神追求
【单选题】
对个人理想的性质、内容以及实现有决定性影响的是___。
A. 生活理想
B. 职业理想
C. 道德理想
D. 社会理想
【单选题】
确立理想信念最集中和突出的时期是___。
A. 少年时期
B. 青年时期
C. 中年时期
D. 幼儿时期
【单选题】
理想与现实是对立统一的关系。其中统一性体现在___。
A. 理想是“应然”的,现实是“实然”的
B. 理想是观念的,现实是客观的
C. 理想是完美的,现实是有缺陷的
D. 理想来源于现实,在将来又会变成新的现实
【单选题】
一般而言,理想越高远,实现过程就越___。
A. 容易和顺利
B. 复杂和长期
C. 简单和短暂
D. 不需要意志和信心
【单选题】
孔子说“三军可夺帅也,匹夫不可夺志也”;墨子说“志不强者智不达”;诸葛亮说“志当存高远”。这里的“志”是指___。
A. 志趣
B. 志气
C. 理想信念
D. 意志
【单选题】
孙中山曾激励广大青年:“要立志做大事,不要立志做大官。”就是希望青年人要___。
A. 个人奋斗
B. 不做大官
C. 做对自己一生发展有影响的大事
D. 以国家民族的命运为己任,不以个人的荣华富贵为人生理想
【单选题】
信念具有层次性,在下列信念中,较高层次的信念是___。
A. 追求爱情的信念
B. 成为作家的信念
C. 中国特色社会主义的信念
D. 对金钱的崇拜和信仰
【单选题】
一个人“内心空虚、成天无所事事、做一天和尚撞一天钟”,其深层次原因是___。
A. 没有事情可做
B. 缺乏激情
C. 缺乏理想
D. 贪图享受
【单选题】
空想和理想都是人们对未来的一种想象,但空想与理想的根本区别在于:空想___。
A. 最大的发挥了人的主观能动性,实现了人的主体性
B. 是脱离实际的主观臆想,没有实现的可能性
C. 超越了现实,实现了人的自由
D. 是人脑的机能,实现了人对动物的超越
【单选题】
由于生产力发展水平不同,社会性质和人们所处经济政治文化地位不同,所处的阶级关系与阶级地位不同,对社会发展规律认识和把握的深度与广度不同,所以形成的理想也必然不同,这说明理想具有___。
A. 社会性和变化性
B. 民族性与多样性
C. 时代性和阶级性
D. 随意性与不确定性
【单选题】
马克思主义诞生于___。
A. 17世纪
B. 18世纪
C. 19世纪
D. 20世纪
【单选题】
人和动物的区别是人有精神生活,而理想信念是人精神生活的___。
A. 一部分
B. 核心
C. 次要部分
D. 大部分
【单选题】
科学、崇高的理想信念对大学生成长成才具有重要意义,主要表现在:指导大学生做什么人、激励大学生为什么学和___。
A. 指引大学生学什么
B. 指引大学生做什么职业
C. 指引大学生走什么路
D. 指引大学生做什么事
【单选题】
理想从对象上划分为___。
A. 个人理想与社会理想
B. 未成年人理想与成年人理想
C. 工人的理想和农民的理想
D. 职业理想和道德理想
【单选题】
理想按性质划分为___。
A. 空想与幻想
B. 科学理想与非科学理想
C. 长远理想与近期理想
D. 崇高理想与低层次理想
【单选题】
理想具有实现的___。
A. 必然性
B. 偶然性
C. 可能性
D. 随意性
【单选题】
在人的生命历程中,理想和信念是如影随形,相互依存,表现在___。
A. 理想是实现信念的重要保障
B. 信念是理想的根据和前提
C. 理想是信念的根据和前提,信念是实现理想的重要保障
D. 信念产生理想,理想包含在信念中
【单选题】
《共产党宣言》问世于___。
A. 1842年
B. 1748年
C. 1848年
D. 1742年
【单选题】
大学生要树立马克思主义的信仰,因为马克思主义体现了科学性和革命性的统一、马克思主义具有持久的生命力、___。
A. 马克思主义具有鲜明的实践品格
B. 马克思主义是理论
C. 马克思主义学术价值高
D. 马克思主义是伟人马克思、恩格斯创立的
【单选题】
理想从内容上划分为___。
A. 个人理想、社会理想
B. 科学理想、非科学理想
C. 长远理想、近期理想
D. 政治理想、道德理想、生活理想和职业理想
【单选题】
高尔基曾经说过:“一个人追求的目标越高,他的才能就会发展得越快,对社会就越有利益。”说明___。
A. 理想等同于现实
B. 理想是人生前进的动力
C. 理想是人们的主观意志的体现
D. 理想是人们的一种真诚信服与坚决执行的态度
【单选题】
下列有关信念的说法,正确的是___。
A. 所有人的信念应该是一致的
B. 社会成员各自的信念没有相同之处
C. 个人的不同信念之间没有内在联系
D. 高层次的信念代表了一个人的基本信仰
【单选题】
下列关于艰苦奋斗的说法正确的是___。
A. 它要求不讲物质利益,因而只是权宜之计
B. 其主旨在于奋斗,其价值在于奉献
C. 随着物质生活条件的改善,这个要求将逐步过时
D. 没有艰苦奋斗的精神,理想也能转化为现实
【单选题】
“制造永动机”只能是空想而非理想,这一判断可依据理想___特征而得出。
A. 时代性
B. 现实可能性
C. 阶级性
D. 超越性
【单选题】
___是民族精神和时代精神的统一。
A. 中华精神
B. 延安精神
C. 中国精神
D. 长征精神
【单选题】
一个民族赖以生存和发展的精神支柱是___。
A. 民族节气
B. 共同信仰
C. 民族精神
D. 共同的心理素质
【单选题】
___是民族精神的核心。
A. 团结统一
B. 爱好和平
C. 爱国主义
D. 勤劳勇敢
【单选题】
作为一个民族群体意识的载体,___常常被称为国家和民族的“胎记”,是一个国家民族得以延续的“精神基因”。
A. 大好河山
B. 文化传统
C. 骨肉同胞
D. 道德渊源
【单选题】
爱国主义体现了人们对自己祖国的深厚感情,揭示了个人对祖国的依存关系,是人们对自己的家园以及民族和文化的___、认同感、尊严感与荣誉感的统一。
A. 归属感
B. 自豪感
C. 责任感
D. 荣辱感
【单选题】
“一方水土养一方人”、“禾苗离土即死,国家无土难存”。每一个爱国者都会把“保我国土”、“爱我家乡”、维护祖国领土的完整和统一,作为自己的神圣使命和义不容辞的责任。这体现爱国主义的基本要求为___。
A. 爱祖国的大好河山
B. 爱自己的骨肉同胞
C. 爱祖国的灿烂文化
D. 爱自己的国家
【单选题】
___是时代精神的核心。
A. 实事求是
B. 解放思想
C. 艰苦奋斗
D. 改革创新
