【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
推荐试题
【单选题】
(32946)对柴油机的节温器,其正确的描述是( )。(1.0分)___
A. 节温器是换热装置
B. 节温器是自动调节水温的阀,既能保证柴油机可靠地冷却,又不致因水温过低,影响柴油机正常运行
C. 节温器使用电控制阀门
D. 节温器能对冷却水起过滤作用
【单选题】
(32947)柴油机的电启动装置中,对其组成部分,描述正确的是( )。(1.0分)___
A. 蓄电池、电压表、发电机及调节器、启动电机、照明设备
B. 蓄电池、电流表、启动电机、照明设备
C. 蓄电池、温度表、启动电机、照明设备
D. 蓄电池、转速表、启动电机、照明设备
【单选题】
(32948)柴油机功率一般在( )kW以下,采用人力启动。(1.0分)___
【单选题】
(32949)当柴油机达到( )r/mim以上时,硅整流充电发电机与发电机调节器配合工作,开始向蓄电池充电。(1.0分)___
A. 800
B. 1000
C. 1200
D. 1500
【单选题】
(32950)柴油机中下列润滑油的路线正确的是( )。(1.0分)___
A. 油底壳→机油粗滤网→机油泵→机油滤清器→机油冷却器
B. 油底壳→机油粗滤网→机油滤清器→机油冷却器→机油泵
C. 油底壳→机油粗滤网→机油泵→机油冷却器→机油滤清器
D. 油底壳→机油粗滤网→机油滤清器→机油泵→机油冷却器
【单选题】
(32951)柴油机中,下列部件润滑方式正确的是( )。(1.0分)___
A. 连杆轴承采用飞溅润滑
B. 主轴承采用压力润滑
C. 气缸壁采用压力润滑
D. 配气机构采用人工润滑
【单选题】
(32952)对于柴油机的润滑,不正确的说法是( )。(1.0分)___
A. 不仅机油能起到润滑作用,燃油也可起到润滑作用
B. 润滑可以减少摩擦力
C. 润滑可以降低摩擦面温度
D. 润滑可以减轻穴蚀
【单选题】
(32953)对于电机,下列正确的说法是( )。(1.0分)___
A. 电机以磁场作为中间媒介的双向能量的转换装置
B. 电机转换的一定是电能
C. 电机转换的一定是机械能
D. 电机转换的一定是化学能
【单选题】
(32954)下列都属于电机的一类机器是( )。(1.0分)___
A. 发电机、电动机、柴油机、控制电机
B. 发电机、电动机、汽油机、控制电机
C. 发电机、电动机、蒸汽机、控制电机
D. 发电机、电动机、变压器、控制电机
【单选题】
(32955)当导体在磁力线中运动时,下列说法正确的是( )。(1.0分)___
A. 只要导体在磁力线中运动时,就会产生感生电动势
B. 只要导体在磁力线中运动时,就会产生感生电动流
C. 只要导体切割磁力线,就会产生感生电动势
D. 只要导体在磁力线中运动时,就会受到电磁力的阻力
【单选题】
(32956)当导线切割磁力线运动时,导体中产生感生电动势,对感生电动势的大小正确的描述是( )。(1.0分)___
A. 与磁感应强度成反比
B. 与导线的长度成反比
C. 与导线的移动速度成正比
D. 与导线的运动方向成正比
【单选题】
(32957)对于电机的能量转换,正确的说法是( )。(1.0分)___
A. 电机正常工作,必定会有电能转换
B. 电机正常工作,必定会有机械能转换
C. 电机正常工作,必定会有化学能转换
D. 电机正常工作,不管转换什么能量,都一定会遵守能量守恒定律
【单选题】
(32958)马拉松电机采用进口的NSK双列调心滚子轴承,其润滑脂采用SRI-2油脂,温度范围是( )℃。(1.0分)___
A. -20~150
B. -20~170
C. -30~170
D. -40~150
【单选题】
(32959)发电车上的马拉松电机与柴油机连接时,为了对准联轴器片与柴油机飞轮中的螺孔,正确的操作方式是( )。(1.0分)___
A. 通过发电机风扇拨动转子
B. 同时拨动发电机风扇与柴油机飞轮
C. 只拨动柴油机的飞轮
D. 交替拨动发电机风扇与柴油机飞轮
【单选题】
(32960)发电车用马拉松电机联轴器片的力矩是( )N·m。(1.0分)___
A. 259
B. 359
C. 459
D. 559
【单选题】
(32961)发电车的充电柜输入的AC380三相交流电经三相桥式整流之后,给24V蓄电池充电时,其输出的直流电电压范围在( )V。(1.0分)___
A. 24~26
B. 26~28
C. 27~30
D. 28~32
【单选题】
(32962)发电车的充电柜输入的AC380三相交流电经三相桥式整流之后,给48V蓄电池充电时,其输出的直流电电压范围在( )V。(1.0分)___
A. 50~56
B. 55~58
C. 58~60
D. 56~60
【单选题】
(32963)康明斯发电车启动电源柜内三台启动电机主回路中的保险容量是( )A。(1.0分)___
A. 200
B. 300
C. 400
D. 500
【单选题】
(32964)发电车24V蓄电池与48V蓄电池的用法,正确的说法是( )。(1.0分)___
A. 24V蓄电池既用作启机用,又用作照明用
B. 48V蓄电池在应急情况下,可通过改变接线方式用作启机
C. 当24V蓄电池电量亏损时,可用48V蓄电池给24V蓄电池充电
D. 当24V与48V电池都出现亏损时,可将两组蓄电池串起来启动柴油机组
【单选题】
(32965)发电车的辅助供油装置中,燃油流动路线方向正确的是( )。(1.0分)___
A. 下油箱→燃油泵→燃油粗滤器→上油箱→磁性滤清器→机组→下油箱
B. 下油箱→燃油粗滤器→燃油泵→上油箱→磁性滤清器→机组→下油箱
C. 下油箱→燃油粗滤器→燃油泵→磁性滤清器→上油箱→机组→下油箱
D. 下油箱→燃油粗滤器→燃油泵→上油箱→机组→磁性滤清器→下油箱
【单选题】
(32966)发电车下油箱里隔板的作用,其说法正确的是( )。(1.0分)___
A. 防止燃油发生爆炸
B. 防止燃油因冬季低温时结蜡
C. 防止油箱发生泄漏
D. 加强油箱强度并缓冲列车运行时,燃油因惯性对油箱的冲动
【单选题】
(32967)发电车辅助供油装置中,有关油阀的“开”和“关”的位置,正确的说法是( )。(1.0分)___
A. 应急情况下,使用手摇泵泵油时,与交流燃油泵直接相连的油阀均需打开
B. 机组停机后需关闭该机与上油箱连通的油阀
C. 上油箱放油阀在运行中必须打开
D. 下油箱的连通管油阀在正常情况下,必须关闭
【单选题】
(32968)发电车的燃油粗滤器和磁性滤清器,在( )级保养时必须拆开清洗。(1.0分)___
【单选题】
(32969)发电车装在侧墙上的旋风式过滤器,对其作用不正确的说法是( )。(1.0分)___
A. 进气通道的首端
B. 过滤进气中的大颗粒杂质
C. 过滤进气中的水滴
D. 增加进气中的含氧量
【单选题】
(32970)对发电车的柴油机排烟口的防雨帽,要经常检查,一旦出现( )情况时,要立即检修。(1.0分)___
A. 打开时能自动落下
B. 打开时不能自动落下
C. 转动很灵活
D. 密封严实
【单选题】
(32971)发电车的柴油机进气装置中,空气流动方向正确的是( )。(1.0分)___
A. 进气风道→旋风式过滤器→空气滤清器→增压器→中间冷却器
B. 旋风式过滤器→进气风道→增压器→空气滤清器→中间冷却器
C. 旋风式过滤器→进气风道→空气滤清器→中间冷却器→增压器
D. 旋风式过滤器→进气风道→空气滤清器→增压器→中间冷却器
【单选题】
(32972)发电车的备用机油箱的容量是( )L。(1.0分)___
A. 80
B. 90
C. 100
D. 110
【单选题】
(32973)发电车机油供装置中,通常装有( )。(1.0分)___
A. 一台机油泵
B. 二台机油泵
C. 一台手摇机油泵
D. 没有机油泵,用人工领来机油倒入机油箱中
【单选题】
(32974)发电车的机油供给装置的作用是( )。(1.0分)___
A. 贮存机油备用
B. 贮存废机油
C. 为了“B”级保养时排机油方便
D. 为了在“B”级保养中,自动换机油
【单选题】
(32975)发电车机房内,烟火报警传感器不能探测到的火灾隐患因素的是( )。(1.0分)___
A. 烟雾
B. 高温
C. 火焰
D. 适量一氧化碳
【单选题】
(32976)发电车的烟火报警器具有下列正确的功能的是( )。(1.0分)___
A. 能检测到烟雾、高温、火焰气体
B. 报警时,有时间记忆
C. 可以进行手动报警
D. 一旦有少量火灾隐患时,可自动喷撒灭火剂
【单选题】
(32977)发电车的烟火报警器正常工作时的电源供给,正确的是( )。(1.0分)___
A. 烟火报警器主机自带电源
B. 发电车提供的交流380V电源
C. 发电车提供的交流220V,或直流48V电源
D. 发电车提供的直流24V电源
【单选题】
(32978)发电车烟火报警器下列正确的工作原理图是( )。(1.0分)___
A. 火患源→烟火报警器探头→输入回路→声光报警器→输出回路→消防联动灭火设备或报警、记录广播单元
B. 烟火报警器探头→火患源→输入回路→声光报警器→输出回路→消防联动灭火设备或报警、记录广播单元
C. 火患源→烟火报警器探头→声光报警器→输入回路→输出回路→消防联动灭火设备或报警、记录广播单元
D. 火患源→烟火报警器探头→声光报警器→输入回路→输出回路→消防联动灭火设备或报警、记录广播单元
【单选题】
(32979)TCDS不能监控的下列因素的是( )。(1.0分)___
A. 空调故障
B. 基础制动系统故障
C. 发电车燃油不足
D. 客车事故
【单选题】
(32980)TCDS实现远程监控报警时,下列( )不是必备的环节。(1.0分)___
A. 无线通讯装置
B. 地面数据管理专家
C. 车辆乘务员
D. 局域网
【单选题】
(32981)TCDS对主要行车故障进行实时监控时,下列( )不是其中的功能之一。(1.0分)___
A. 实时监测诊断
B. 记录和存储
C. 集中显示和报警
D. 进行故障消除
【单选题】
(32982)TCDS实时监控数据不包括的是( )。(1.0分)___
A. 客车状态数据
B. 故障特征参数
C. 分析数据
D. 发电车柴油机运行数据
【单选题】
(32983)TCDS的主要功能中,不能通过GPRS发送的是( )。(1.0分)___
A. 车辆故障和报警事件
B. 报警和故障的定时通报
C. 列车的GPS定位信息
D. 车辆乘务员当班饮酒
【单选题】
(32984)TCDS实时数据传输流程正确的是( )。(1.0分)___
A. GPRS实时数据→移动公网→铁路局网络安全传输平台→铁路局5T双机服务器→车辆段双机服务器
B. GPRS实时数据→铁路局网络安全传输平台→移动公网→铁路局5T双机服务器→车辆段双机服务器
C. GPRS实时数据→铁路局网络安全传输平台→铁路局5T双机服务器→移动公网→车辆段双机服务器
D. GPRS实时数据→移动公网→车辆段双机服务器→铁路局网络安全传输平台→铁路局5T双机服务器
【单选题】
(32985)在接触器的电磁机构中,下列( )不是其组件之一。(1.0分)___
A. 电磁线圈
B. 铁芯
C. 衔铁
D. 触头
