【单选题】
How can you detect a false negative on an IPS?___
A. View the alert on the ips
B. Review the ips log
C. Review the is console
D. Use a third- party system to perform penetration testing.
E. Use a third- party to audit the next generation firewall rules
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
If a switch port goes directly into a blocked state only when a superior BPDU is received, what mechanism must be in use?___
A. STP BPDU guard
B. Loop guard
C. EtherChannel guard
D. STP Root guard
【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
推荐试题
【判断题】
460根据《刑法》修正案,依法负有信息披露义务的公司、企业向股东和社会公众提供虚假的或者隐瞒重要事实的财务会计报告,或者对依法应当披露的其他重要信息不按照规定披露,严重损害股东或者其他人利益,或者有其他严重情节的,对其直接负责的主管人员和其他直接责任人员,处三年以下有期徒刑或者拘役,并处或者单处十万元以上五十万元以下罚金
【判断题】
461根据《上市公司信息披露管理办法》,发行人编制招股说明书应当符合中国证监会的相关规定。凡是对投资者作出投资决策有重大影响的信息,均应当在招股说明书中披露,公开发行证券的申请经中国证监会核准后,发行人应当在证券发行前公告招股说明书
【判断题】
462根据《上市公司信息披露管理办法》,上市公司董事、监事、高级管理人员应当对公司信息披露的真实性、准确性、完整性、及时性、公平性负责,但有充分证据表明其已经履行勤勉尽责义务的除外。上市公司董事长、经理、董事会秘书,应当对公司临时报告信息披露的真实性、准确性、完整性、及时性、公平性承担主要责任。上市公司董事长、经理、财务负责人应对公司财务报告的真实性、准确性、完整性、及时性、公平性承担主要责任
【判断题】
463根据《首次公开发行股票并在创业板上市管理办法》,中国证监会自申请文件受理之日起六个月内,依法对发行人的发行申请作出予以核准、中止审核、终止审核、不予核准的决定,并出具相关文件,发行人根据要求补充、修改发行申请文件的时间不计算在内
【判断题】
464根据《关于在上市公司建立独立董事制度的指导意见》,独立董事可以在股东大会召开前公开向股东征集投票权
【判断题】
465根据《上市公司章程指引》,监事会有权提议召开临时股东大会
【判断题】
466根据《上市公司章程指引》,董事会决议内容违反公司章程的,股东有权自决议作出之日起30日内,请求人民法院撤销
【判断题】
467根据《上市公司章程指引》,对股东大会作出的公司合并、分立决议持异议的股东,有权要求公司收购其股份
【判断题】
468根据《上市公司章程指引》,持有公司6%有表决权股份的股东,将股份进行质押,应在质押完成后的2日内向公司作出书面报告
【判断题】
469根据《上市公司章程指引》,公司股东应按照持有股份的比例行使表决权,但公司章程另有规定的除外
【判断题】
470根据《上市公司治理准则》,董事会秘书由公司总经理兼任,不违反相关规定
【判断题】
471根据《上市公司治理准则》,董事会可聘请董事会成员之外的专业人士担任专门委员会成员
【判断题】
472李某为甲公司高级管理人员,根据《上市公司章程指引》,经过股东大会同意,李某可以与公司订立合同或进行交易
【判断题】
473根据《公司法》,股份公司董事长由董事会以全体董事超过2/3选举产生
【判断题】
474根据《公司法》,股份公司监事会成员中应当有职工代表
【判断题】
475根据《公司法》,监事的任期为每届不超过3年,任期届满,连选可以连任
【判断题】
476根据《证券法》,持有公司5%以上股份的股东的高级管理人员,不属于证券交易的内幕信息知情人员
【判断题】
477根据《上市公司股东大会规则》,单独或合计持有公司3%以上股份的股东,可以在股东大会召开10日前提出临时提案并书面提交召集人
【判断题】
478根据《上市公司章程指引》,上市公司监事会有权对董事会编制的公司定期报告进行审核并提出书面审核意见
【判断题】
479根据《首次公开发行股票并上市管理办法》,发行人的总经理在其实际控制人处兼任董事,但不领取薪酬,对上市构成实质性障碍
【判断题】
480根据《首次公开发行股票并上市管理办法》,发行人在发行后股本总额不少于人民币3000万元,符合发行条件
【判断题】
481甲公司拟于2015年6月在主板上市,2013年4月更换了监事,根据《首次公开发行股票并上市管理办法 》,对上市不构成实质性障碍
【判断题】
482甲公司拟在中小板上市,乙公司为其控股股东,丙公司为乙公司全资子公司。李某是甲公司董事长兼总裁,根据《深圳证券交易所中小企业板上市公司规范运作指引》,李某可以兼任乙公司和丙公司的董事
【判断题】
483甲公司拟在中小板上市,乙公司为其控股股东。李某是甲公司董事长兼总裁,根据《深圳证券交易所中小企业板上市公司规范运作指引》,李某可以兼任乙公司的监事会主席
【判断题】
484根据《首次公开发行股票并上市管理办法》,拟在主板市场首次公开发行股票并上市的发行人,发行前股本总额不少于人民币3000万元
【判断题】
485根据《首次公开发行股票并上市管理办法》,保荐出具的发行保荐书、证券服务机构出具的有关文件应当作为招股说明书的备查文件,在中国证监会指定的网站上披露,并置备于拟上市证券交易所,以备公众查阅
【判断题】
486根据《首次公开发行股票并上市管理办法》,发行人董事会应依法就首次公开发行股票并上市的具体方案作出决议
【判断题】
487根据《首次公开发行股票并在创业板上市管理办法》,全体董事、监事和高级管理人员应在招股说明书上签字,声明对招股说明书的真实性、准确性、完整性和及时性承担个别和连带的法律责任
【判断题】
488根据《首次公开发行股票并上市管理办法》,招股说明书的有效期为6个月,自公开发行前招股书最后一次签署之日起计算
【判断题】
489根据《首次公开发行股票并在创业板上市管理办法》,发行人应当将招股说明书披露于公司网站,时间 不得早于在中国证监会指定网站刊登全文的时间
【判断题】
490根据《首次公开发行股票并上市管理办法》,招股说明书全文、有关备査文件不得刊登于商业性网站
【判断题】
491根据《首次公开发行股票并上市管理办法》,发行人应当在发行前将招股说明书摘要刊登于至少2种中国证监会指定的报刊
【判断题】
492根据《首次公开发行股票并上市管理办法》,证券发行申请经中国证监会核准后至发行结束前,发生重要事项的,发行人应当向中国证监会书面说明,并经中国证监会同意后,修改招股说明书或者作相应补充
【判断题】
493根据《首次公开发行股票并上市管理办法》,发行人应在招股说明书及其摘要披露后5日内,将正式印刷的招股说明书全文文本一式五份,分别报送中国证监会及其在发行人注册地的派出机构
【判断题】
494根据《深圳证券交易所股票上市规则》,创业板上市公司拟在下半年实行公积金转增股本的,需要对半 年度报告进行审计
【判断题】
495根据《上市公司信息披露管理办法》,监事会就相关重大事件形成决议时,上市公司应及时披露
【判断题】
496根据《上市公司信息披露管理办法》,公司某一监事知道重大事项时,上市公司应及时披露
【判断题】
497根据《深圳证券交易所创业板股票上市规则》,创业板上市公司预计全年度、半年度、前三季度出现净利润与上一期相比上升或下降50%以上时,应当及时进行业绩预告
【判断题】
498根据《深圳证券交易所股票上市规则》,中小板企业预计全年度、半年度、前三季度出现期末净资产为负时,应当应当及时进行业绩预告
【判断题】
499根据《深圳证券交易所股票上市规则》,上市公司最近2年连续亏损(净利润以扣除非经常性损益前后低者为根据),证券交易所对其股票交易实行退市风险警示