【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
推荐试题
【单选题】
JSBXC-850型继电器的前圈电阻是_______。[321010103]___
A. 370Ω
B. 425Ω
C. 850Ω
D. 925Ω
【单选题】
JSBXC-850型时间继电器连接端子51-52时,动作时间为_______。[331010103]___
A. 180s±27s
B. 180s±9s
C. 180s±18s
D. 180s±10s
【单选题】
向继电器线圈供以规定的电压或电流后,切断电源,从断开电源时起至全部动接点离开前接点的时间为_______。[331010103]___
A. 吸起时间
B. 缓放时间
C. 缓吸时间
D. 缓动时间
【单选题】
JSBXC-850型时间继电器在单结晶体管和电容已固定的情况下,不同的时间是靠调整_______的阻值确定缓吸时间。[321030101]___
A. R6-R13
B. R6-R11
C. R6-R7
D. R6-R9
【单选题】
_______为半波整流型继电器。[321010103]___
A. JZXC-0.14
B. JZXC-480
C. JZXC-H18
D. JZXC-20000
【单选题】
整流式继电器当一个整流元件开路时,其工作值_______。[321010103]___
A. 不变
B. 降低一倍
C. 增加一倍
D. 增加二倍
【单选题】
JZXC-480型继电器中的桥式整流器有一个整流元件短路,全波整流变成半波整流、整流效率降低一半,故继电器工作值_______。[321010103]___
A. 不变
B. 高出一倍
C. 减小
D. 为零
【单选题】
继电器的同种类接点应同时接触或同时断开,普通接点与普通接点之间误差不大于_______。[321010103]___
A. 0.05mm
B. 0.1mm
C. 0.2mm
D. 0.3mm
【单选题】
闭路式道口控制器中的轨道继电器采用_______型安全型继电器。[331010103]___
A. JWXC-1700
B. JZXC2-480
C. JWXC-2.3
D. JPXC1-H270
【单选题】
偏极继电器加反向_______电压时,衔铁不应吸起,以保证其工作的可靠性。[331010102]___
A. 100V
B. 200V
C. 220V
D. 300V
【单选题】
JWXC-H340型继电器的额定值为直流_______。[311010102]___
A. 12V
B. 24V
C. 50V
D. 220V
【单选题】
有两轨道电路区段:1Ω电阻使其中一个区段轨道继电器落下的轨道电路比0.1Ω电阻使轨道另一区段轨道继电器落下的轨道电路灵敏度_______。[331010103]___
【单选题】
在轨道电路限流电阻作用之一是:当轨道电路送电端轨面_______时保护送电电源不会被烧坏。[323010204]___
【单选题】
单独使用氧化锌电阻器和硒片时,其电压额定值在直流回路中应不低于工作电压的_______。[311010103]___
A. 1.5倍
B. 2倍
C. 2.2倍
D. 2.5倍
【单选题】
轨道电路区段无车占用,轨道继电器落下(开路式)或吸起(闭路式),轨道电路这种状态就是_______状态。[313010204]___
【单选题】
能够使轨道继电器释放的_______值称为该轨道电路的分路灵敏度。[322010204]___
A. 最小分路电阻
B. 最大分路电阻
C. 最小分路电流
D. 最大分路电流
【单选题】
JZXC-480型轨道电路:在轨道电路分路不利处所的轨面上,用0.06Ω标准分路电阻线分路时,轨道继电器的交流端电压不大于2.7V,继电器应_______。[323010204]___
A. 可靠吸起
B. 可靠落下
C. 保持吸起
D. 保持落下
【单选题】
JZXC-480型轨道电路测试盘上的表头发生短路故障时,_______发生烧保险故障。[322010204]___
A. 会
B. 可能
C. 不会
D. 有车占用时会
【单选题】
JZXC-480型轨道测试盘上同时只能测试一个轨道电路区段的_______。[311010204]___
A. 交流电压
B. 直流电压
C. 交直流电流
D. 交直流电压
【单选题】
CTCS-2列控系统应答器设置在_______。[312030204]___
A. 闭塞分区入口处
B. 闭塞分区出口处
C. 闭塞分区中间
D. 闭塞分区任意位置
【单选题】
自动闭塞区间通过色灯信号机编号为888的是指_______。[322000000]___
A. 第88架信号机
B. 第888km处的信号机
C. 上行88km,700~900m处的信号机
D. 下行88km,700~900m处的信号机
【单选题】
TYJL-Ⅱ型计算机联锁系统在驱动单元的驱动信号端和驱动回线(高电位)端测量驱动电源的电压时,应为_______的脉动电压。[321010102]___
A. 1V~2V
B. 2V~3V
C. 3V~4V
D. 4V~7V
【单选题】
胶接式绝缘接头、粘接式绝缘轨距杆的绝缘电阻值应大于_______。[323010103]___
A. 0.5MΩ
B. 1MΩ
C. 1.5MΩ
D. 2MΩ
【单选题】
单相整流电路按其电路结构特点来分,有半波、全波、_______三种整流电路。[323010102]___
【单选题】
滤波电容器的数值一般在几微法到几百微法,其耐压应大于负载的输出电压_______。[222000000]___
A. 平均值
B. 有效值
C. 最大值
D. 最小值
【单选题】
微分电路RC时间常数τ_______输入波形周期。[332010102]___
【单选题】
为提高电容器的容量和减小体积,两电极之间介质采用电解质,这种电容器称为_______,使用时应注意电容器正、负的极性。[232000000]___
A. 纸介电容器
B. 云母电容器
C. 电解电容器
D. 涤纶电容器
【单选题】
_______的测量,多数是测量峰—峰值或是峰到波谷之间的数值。[332010102]___
A. 交流
B. 交流分量
C. 直流
D. 脉冲电压
【单选题】
放大器中的电流负反馈电路,主要起稳定工作点和_______的作用。[322010102]___
A. 抗干扰
B. 直接耦合
C. 输入阻抗高
D. 限流
【单选题】
在输入电源、旁路或电池供电之间任意切换,UPS的转换时间均应小于_______。[321010102]___
A. 4ms
B. 6ms
C. 8ms
D. 10ms
【单选题】
UPS的最小容量应能满足计算机信息记录、储存、退出系统等有关运行所需的时间,应不少于_______。[321010102]___
A. 3min
B. 5min
C. 8min
D. 10min
【单选题】
CTCS-2中,下列_______为紧急制动模式。[321010104]___
A. EB
B. NB
C. W.REL
D. SW
【单选题】
当用针式打印机打印时,发现打印出的文字变淡,应_______。[321000000]___
A. 更换打印机
B. 更换打印头
C. 更换打印共享器
D. 更换色带
【单选题】
“中国列车运行控制系统”的英文缩写是_______。[321000000]___
A. CTC5
B. TDCS
C. CTC
D. CTCS
【单选题】
CTCS2-200H型车载列控系统“车载安全计算机”的英文缩写是_______。[321000000]___
A. VC
B. BTM
C. TIU
D. DRU
【单选题】
CTCS2-200H型车载列控系统“应答器信息接收单元”的英文缩写是_______。[321000000]___
A. VC
B. BTM
C. TIU
D. DRU
【单选题】
CTCS2-200H型列控系统“记录单元”的英文缩写是_______。[321000000]___
A. VC
B. BTM
C. TIU
D. DRU
【单选题】
CTCS2-200H型列控系统“制动接口单元”的英文缩写是_______。[321000000]___
A. VC
B. BTM
C. TIU
D. DRU
【单选题】
列控车载设备“车载安全计算机”的英文缩写是_______。[321030101]___
A. VC
B. STM
C. BTM
D. DRV
【单选题】
_______的既有提速线路,客运专线,宜采用CTCS-2级列控系统。[322000000]___
A. 100km/h~160km/h
B. 160km/h~200km/h
C. 200km/h~250km/h
D. 250km/h~300km/h
