【单选题】
Refer to the exhibit which are repre sents the data center?___
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
While trouble shooting site-to-site VPN, you issued the show crypto isakmp sa command. What does the given output show?___
A. IKE Phase 1 main mode was created on 10.1.1.5, but it failed to negotiate with 10.10 10.2
B. IKE Phase 1 main mode has successfully negotiated between 10.1.1.5 and 10.10..
C. IKE Phase 1 aggressive mode was created on 10.1.1.5, but it failed to negotiate with
【单选题】
Refer to the exhibit All ports on switch 1 have a primary vLan of 300 Which devices can host 1 reach?___
A. host 2
B. server
C. host 4
D. other devices within VLAN303
【单选题】
Which option is the cloud-based security service from Cisco the provides URL filtering, web browsing content security, and roaming user protection?___
A. Cloud Web service
B. Cloud Advanced Malware Protection
C. Cloud We b Security
D. Cloud Web Protection
【单选题】
How can you detect a false negative on an IPS?___
A. View the alert on the ips
B. Review the ips log
C. Review the is console
D. Use a third- party system to perform penetration testing.
E. Use a third- party to audit the next generation firewall rules
【单选题】
If a switch port goes directly into a blocked state only when a superior BPDU is received, what mechanism must be in use?___
A. STP BPDU guard
B. Loop guard
C. EtherChannel guard
D. STP Root guard
【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
推荐试题
【单选题】
新形势下加强和规范党内政治生活,重点是______,关键是高级干部特别是中央委员会、中央政治局、中央政治局常务委员会的组成人员。___
A. 党的各级代表大会代表
B. 各级领导干部
C. 各级领导机关和领导干部
D. 各级领导机关
【单选题】
全党必须聚精会神抓好发展这个党执政兴国的第一要务,坚持以______为中心的发展思想,统筹推进“五位一体”总体布局和协调推进“四个全面”战略布局。___
A. 经济建设
B. 人民
C. 改革
D. 创新
【单选题】
坚决维护______、保证全党令行禁止,是党和国家前途命运所系,是全国各族人民根本利益所在。___
A. 党的基本路线
B. 党的领导
C. 党规党纪
D. 党中央权威
【单选题】
______是党最根本、最重要的纪律,遵守党的______是遵守党的全部纪律的基础。___
A. 工作纪律
B. 政治纪律
C. 组织纪律
D. 群众纪律
【单选题】
______是党的生命,是党内政治生活积极健康的重要基础。___
A. 党内教育
B. 党内自由
C. 党内团结
D. 党内民主
【单选题】
党要管党、从严治党必须从______管起、严起。 ___
A. 党内政治生活
B. 党的民主生活
C. 党的组织生活
D. 党的基层工作
【单选题】
《关于新形势下党内政治生活的若干准则》明确规定,必须把______作为开展党内政治生活的首要任务。 ___
A. 坚定理想信念
B. 严明党的纪律
C. 加强党内民主
D. 坚持民主集中制
【单选题】
______是党内政治生活正常开展的重要制度保障。 ___
A. 纪律严明
B. 组织生活制
C. 民主集中制
D. 批评与自我批评
【单选题】
加强和规范党内政治生活,必须以______为根本遵循。___
A. 党章
B. 法律
C. 党内监督条例
D. 宪法
【单选题】
加强和规范党内政治生活,关键是______。___
A. 各级领导机关和领导干部
B. 高级干部
C. 基层干部
D. 全体干部
【单选题】
中国共产党人的精神支柱和政治灵魂是______。___
A. 马列主义
B. 共产主义理想
C. 中国特色社会主义共同理想
D. 共产主义远大理想和中国特色社会主义共同理想
【单选题】
党内政治生活正常开展的根本保证是______。___
A. 党在社会主义初级阶段的基本路线
B. 坚定理想信念
C. 纪律严明
D. 坚决维护党中央权威
【单选题】
加强和规范党内政治生活的重要目的是______。___
A. 坚决维护党中央权威、保证全党令行禁止
B. 实现共产主义和中国特色社会主义
C. 建设党内民主
D. 为全党统一意志、统一行动提供保障
【单选题】
加强和规范党内政治生活的根本要求是______。___
A. 坚决维护党中央权威、保证全党令行禁止
B. 为全党统一意志、统一行动提供保障
C. 坚定理想信念
D. 坚持全心全意为人民服务的根本宗旨、保持党同人民群众的血肉联系
【单选题】
加强和规范党内政治生活的重要举措是______。___
A. 自律
B. 批评和自我批评
C. 监督
D. 举报
【单选题】
加强和规范党内政治生活的重要任务是______。___
A. 为全党统一意志、统一行动提供保障
B. 全心全意为人民服务
C. 建设廉洁政治,坚决反对腐败
D. 为全党统一意志、统一行动提供保障
【单选题】
考察识别干部特别是高级干部必须首先看______。___
A. 是否坚定不移贯彻党的基本路线
B. 是否坚持实事求是
C. 是否坚持群众路线
D. 是否坚持理论联系实际
【单选题】
______是全党统一意志、统一行动、步调一致前进的重要保障,是党内政治生活的重要内容。___
A. 实事求是
B. 从严治党
C. 向党中央看齐
D. 纪律严明
【单选题】
加强和规范党内______是全党的共同任务,必须全党一起动手。 ___
A. 政治生活
B. 党纪严明
C. 问责机制
D. 民主法治
【单选题】
开展严肃认真的党内______,是我们党的优良传统和政治优势。___
A. 民主生活
B. 组织生活
C. 政治生活
D. 制度生活
【单选题】
一九八O年,党的______深刻总结历史经验特别是“文化大革命”的教训。___
A. 十一届三中全会
B. 十二届三中全会
C. 十一届五中全会
D. 十二届五中全会
【单选题】
新形势下加强和规范党内政治生活,坚持党的______。___
A. 政治路线、思想路线、组织路线、群众路线
B. 政治路线、核心路线、组织路线、群众路线
C. 政治路线、大局路线、组织路线、群众路线
D. 政治路线、思想路线、纪律路线、群众路线
【单选题】
加强和规范党内政治生活,要着力提高党的领导水平和______、增强拒腐防变和抵御风险能力。___
A. 立法水平
B. 执纪标准
C. 执法水平
D. 执政水平
【单选题】
高级干部特别是中央领导层组成人员必须以身作则,模范遵守党章党规,严守______。___
A. 党的组织纪律和组织规矩
B. 党的政治纪律和政治规矩
C. 党的政治纪律和组织纪律
D. 党的政治纪律和政治生活准则
【单选题】
______动摇是最危险的动摇,______滑坡是最危险的滑坡。___
A. 政治信仰
B. 政治信念
C. 革命理想
D. 理想信念
【单选题】
在改造客观世界的同时不断改造主观世界,解决好______这个“总开关”问题。___
A. 世界观、人生观、价值观
B. 世界观、人生观、名利观
C. 世界观、人生观、大局观
D. 世界观、人生观
【单选题】
______上的坚定清醒是政治上坚定的前提。___
A. 理想信念
B. 思想理论
C. 思想觉悟
D. 政治理论
【单选题】
必须全面贯彻执行党的基本路线,把以______为中心同坚持四项基本原则、坚持改革开放这两个基本点统一于中国特色社会主义伟大实践。___
A. 党的建设
B. 人才建设
C. 经济建设
D. 政治建设
【单选题】
坚持正确选人用人导向,是严肃党内政治生活的______。___
A. 政治保证
B. 基本保证
C. 纪律保证
D. 组织保证
【单选题】
党员受到警告处分______内不得在党内提升职务。___
【单选题】
受到留党察看处分的党员,在恢复党员权利后______内,不得在党内担任和向党外组织推荐担任与其原任职务相当或者高于其原任职务的职务。___
【单选题】
在干部选拔任用工作中,违反干部选拔任用规定,对直接责任者和领导责任者,情节严重的,给予______处分。___
A. 严重警告
B. 撤销党内职务
C. 留党察看
D. 开除党籍
【单选题】
在考试、录取工作中,有泄露试题、考场舞弊、涂改考卷、违规录取等违反有关规定行为的,给予警告或者严重警告处分;情节较重的,______;情节严重的,给予开除党籍处分。___
A. 给予警告或者严重警告处分
B. 给予撤销党内职务或者留党察看处分
C. 给予留党察看或者开除党籍处分
D. 不追究其责任
【单选题】
临时出国(境)团(组)或者人员中的党员,擅自延长在国(境)外期限,或者擅自变更路线的,对直接责任者和领导责任者,给予______。___
A. 警告或者严重警告处分
B. 行政处分
C. 撤销党内职务或留党察看
D. 开除党籍
【单选题】
在民主推荐、民主测评、组织考察和党内选举中搞拉票、助选等非组织活动的,给予______。___
A. 通报批评
B. 警告或者严重警告
C. 撤销党内职务或者留党察看
D. 开除党籍
【单选题】
在特殊时期或者紧急状况下,拒不执行党组织决定的,给予______。___
A. 通报批评
B. 警告或者严重警告
C. 撤销党内职务或者留党察看
D. 留党察看或者开除党籍
【单选题】
违反公务接待管理规定,超标准、超范围接待或者借机大吃大喝,对直接责任者和领导责任者,情节较重的,给予警告或者严重警告处分;情节严重的,给予______处分。___
A. 撤销党内职务
B. 留党察看
C. 撤销党内职务
D. 留党察看或者开除党籍
【单选题】
收受可能影响公正执行公务的礼品、礼金、消费卡等,情节较重的,给予______处分。___
A. 严重警告
B. 留党察看
C. 开除党籍
D. 撤销党内职务或者留党察看
【单选题】
党的各级代表大会的代表受到______以上(含留党察看)处分的,党组织应当终止其代表资格。___
A. 警告
B. 严重警告
C. 撤销党内职务
D. 留党察看
【单选题】
生活奢靡、贪图享乐、追求低级趣味,造成不良影响的,给予警告或者严重警告处分;情节严重的,给予______处分。___
A. 开除党籍
B. 留党察看
C. 撤销党内职务
D. 留党察看或开除党籍
