【单选题】
Which option is the cloud-based security service from Cisco the provides URL filtering, web browsing content security, and roaming user protection?___
A. Cloud Web service
B. Cloud Advanced Malware Protection
C. Cloud We b Security
D. Cloud Web Protection
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
How can you detect a false negative on an IPS?___
A. View the alert on the ips
B. Review the ips log
C. Review the is console
D. Use a third- party system to perform penetration testing.
E. Use a third- party to audit the next generation firewall rules
【单选题】
If a switch port goes directly into a blocked state only when a superior BPDU is received, what mechanism must be in use?___
A. STP BPDU guard
B. Loop guard
C. EtherChannel guard
D. STP Root guard
【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
推荐试题
【单选题】
在地表的风向稍微不同于地表之上几千英尺高度的风向的原因是:___
A. 当地地形影响气压
B. 地面有较强的地转偏向力
C. 风和地面之间的磨擦作用
【单选题】
使原来静止的空气产生垂直运动的作用力,称为:___
A. 对流冲击力
B. 气动作用力
C. 热力作用力
【单选题】
白天,在太阳辐射作用下,山岩地、沙地、城市地区比水面、草地、林区、农村升温快,其上空气受热后温度高于周围空气,因而体积膨胀,密度减小,使浮力大于重力而产生上升运动。这种现象会引起:___
A. 压差作用力
B. 温差作用力
C. 热力对流冲击力
【单选题】
下列哪种属于动力对流冲击力:___
A. 山坡迎风面对空气的抬升
B. 气流辐合辐散时造成的空气水平运动
C. 气温变化造成的空气抬升或下降
【单选题】
在温暖的天气飞行在较低高度,有时会遇上湍流空气,以下描述正确的是:___
A. 很可能在在路面和荒地上空发生上升气流
B. 在类似成片树林的广阔植被区域发生上升气流
C. 在大片水体区域发生上升气流
【单选题】
接近地面的对流气流会影响驾驶员操控的能力,下列说法哪种正确:___
A. 在最后进近时,来自全无植被的地形的下降气流有时会产生下沉效应,导致飞过预期的着陆点
B. 在一大片水体或者稠密植被的区域之上进近会趋于产生一个下沉效应,导致着陆在不到预期的着陆点。
C. 在一大片水体或者稠密植被的区域之上进近会趋于会产生漂浮效应,导致飞过预期的着陆点
【单选题】
下列说法正确的是:___
A. 因为空气总是寻找低压区域,所以气流会从高压区域向低压的区域流动
B. 因为空气总是寻找高压区域,所以气流会从低压区域向高压的区域流动
C. 是风产生了压力,所以风的尽头压力高
【单选题】
地面风具有明显日变化的主要原因是:___
A. 气压的变化
B. 摩擦力的变化
C. 乱流强度的变化
【单选题】
形成海陆风的对流性环流的原因是因为:___
A. 从水面吹向陆地的空气较暖,密度小,导致空气上升
B. 陆地吸收和散发热量比水面快
C. 从水面吹向陆地的空气冷,密度大,使空气上升
【单选题】
地面的地形和大的建筑物会:___
A. 汇聚风的流向
B. 产生会快速改变方向和速度的阵风
C. 产生稳定方向和速度的阵风
【单选题】
和地面建筑物有关的湍流强度依赖于障碍物的大小和风的基本速度,在山地区域时这种情况甚至更加明显。风越过山脊时:___
A. 风沿着迎风侧平稳地向上流动
B. 风沿着迎风侧湍流逐渐增加
C. 风沿着背风侧平稳地向下流动
【单选题】
风吹来时,那种局地风向不断改变,风速一阵大一阵小的现象称为:___
【单选题】
大气稳定度指整层空气的稳定程度,有时也称大气垂直稳定度。以哪种运动来判定:___
A. 以大气的气温垂直加速度运动来判定
B. 以大气的气温垂直速度运动来判定
C. 以大气的气压垂直速度运动来判定
【单选题】
大气中某一高度的一团空气,如受到某种外力的作用后,产生向上或向下运动时,称为稳定状态的是:___
A. 移动后,加速向上或向下运动
B. 移动后逐渐减速,并有返回原来高度的趋势
C. 外力作用消失后,以匀速持续运动
【单选题】
气温高低,如何影响飞机滑跑距离:___
A. 气温高时,空气密度小,飞机增速慢,飞机的离地速度增大,起飞滑跑距离要长
B. 气温低时,空气密度小,飞机增速快,飞机升力减小,起飞滑跑距离要长
C. 气温高时,空气密度大,飞机增速快,飞机升力增大,起飞滑跑距离要短
【单选题】
气温对飞机最大平飞速度的影响为___
A. 气温低时,空气密度大,飞机发动机的推力增大,最大平飞速度增加
B. 气温低时,空气密度大,空气的阻力增加,最大平飞速度减小
C. 气温高时,空气密度小,空气的阻力增减小,最大平飞速度增加
【单选题】
夜间温度降低,低层常常出现逆温,会使得:___
A. 早晨天气晴朗
B. 早晨有雾和烟幕
C. 早晨有大风
【单选题】
相对湿度,是指:___
A. 空气中水汽含量与饱和水汽含量的百分比
B. 空气中水汽压与饱和水汽压的百分比
C. 空气中水分占空气总量的百分比
【单选题】
露点温度指空气在水汽含量和气压都不改变的条件下,冷却到饱和时的温度。形象地说,就是空气中的水蒸气变为露珠时候的温度叫露点温度。下述哪个正确:___
A. 当空气中水汽已达到饱和时,气温与露点温度相同
B. 当水汽未达到饱和时,气温一定低于露点温度
C. 在100%的相对湿度时,周围环境的温度高于露点温度
【单选题】
空气中容纳水汽的数量随气温变化,气温越高,则:___
A. 可以容纳的水汽就越少
B. 可以容纳的水汽就越多
C. 当空气不能再容纳更多的水汽时,温度就会变化
【单选题】
飞机外表面的冰霜雪等:___
A. 会引起飞机操纵效能增加
B. 会出现指令仰角变化和滚转
C. 会使外表面变的粗糙,增加阻力,减少升力
【单选题】
雾通常发生在接近地面的空气温度冷却到空气的露点时,是从地表开始:___
A. 50英尺内的云
B. 80英尺内的云
C. 100英尺内的云
【单选题】
根据国际民航组织的规定,云满天时的云量为:___
【单选题】
机场上空高度较低的云会直接影响飞机的起降。其中,危害最大的云是:___
【单选题】
一般而言,气团的垂直高度可达几公里到十几公里,常常从地面伸展到对流层顶。水平范围为:___
A. 几十公里到几千公里
B. 几十公里到几百公里
C. 几公里到几百公里
【单选题】
气团的分类方法正确的是:___
A. 冷气团和干气团
B. 暖气团和湿气团
C. 北冰洋气团、极地气团,热带气团、赤道气团
【单选题】
下面关于气团的叙述哪一个正确:___
A. 我国地域广大,能形成各种气团
B. 气团离开源地,其性质将会发生变化
C. 气团只形成于极地和大洋地区
【单选题】
离开源地移至与源地性质不同的下垫面时,气团的物理属性逐渐发生变化,这个过程称为气团的变性。一般说来:___
A. 冷气团移到暖的地区变性快,而暖的气团移到冷的地区变性慢
B. 冷气团移到暖的地区变性慢,而暖的气团移到冷的地区变性快
C. 暖气团移到暖的地区,冷气团移到冷的地区不变性
【单选题】
关于锋面,下列哪种描述正确:___
A. 锋面就是不同方向的风交汇的界面
B. 锋面就是温度、湿度等物理性质不同的两种气团的交界面
C. 锋面就是风场与地面的交线,也简称为锋
【单选题】
在锋面经过机场时,要特别注意的是:___
A. 可能出现高度极低的风切变
B. 可能出现风沙天气
C. 雨层云中的连续性小雨
【单选题】
暖锋是指:___
A. 锋面在移动过程中,暖空气推动锋面向冷气团一侧移动的锋
B. 一侧气团温度明显高于另一侧气团温度的锋
C. 温度较高与温度较低的两个气团交汇时,温度高的一侧
【单选题】
冷锋是指:___
A. 冷气团主动向暖气团移动形成的锋称为冷锋
B. 一侧气团温度明显低于另一侧气团温度的锋
C. 温度较高与温度较低的两个气团交汇时,温度低的一侧
【单选题】
快速移动的冷锋受实际锋面后远处的强烈压力系统推动,在快速移动的冷锋之后:___
A. 可能出现乌云密布的天空和下雨
B. 天空通常很快放晴
C. 阵风减缓和温度升高
【单选题】
暖锋和冷锋在特性上是非常不同的:___
A. 冷锋以10~25英里每小时速度移动
B. 暖锋以20~35英里每小时速度移动
C. 暖锋产生差的能见度和下雨,冷锋产生突发的阵风,紊流
【单选题】
当来自北方的冷气团和来自南方的暖气团,两者势均力敌、强度相当时,它们的交锋区很少移动,这种锋面称为:___
【单选题】
形成雷暴的基本条件是:___
A. 充足的水汽和上升运动
B. 充足的水汽、不稳定的大气和上升运动
C. 浓积云,充足的水汽和锋区
【单选题】
雷暴处于发展阶段时:___
A. 地面气压持续下降
B. 地面气压持续上升
C. 地面气压保持不变
【单选题】
雷暴到达成熟阶段以后,随着积雨云中迅速下沉的冷空气到达地面后,风向突转,风力迅速增大,阵风风速常在:___
A. 10m/s
B. 20m/s
C. 30m/s
【单选题】
一般雷暴单体的生命史根据垂直气流状况可分为三个阶段:___
A. 积云阶段、成熟阶段、消散阶段
B. 积云阶段、成风阶段、雷雨阶段
C. 温升阶段、降雨阶段、消散阶段
【单选题】
在雷暴的生存周期中,哪一阶段的特征使云中充满下降气流:___
