【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
推荐试题
【单选题】
下列不属于故障处理反馈工单时的必须填写的内容的是( )___
A. 故障恢复时间
B. 故障原因分析
C. 故障处理过程
D. 故障级别
E.
F.
【单选题】
下列不属于光纤通信系统的主要优点的是___
A. 线路损耗低,传输距离远
B. B、抗干扰能力强,应用范围广
C. C、线径细,重量轻
D. D、光缆的弯曲半径不能过小
E.
F.
【单选题】
下列不属于华为厂家GPON信号丢失告警的含义的是( )___
A. 光纤断裂
B. 光通路质量恶化
C. ONT硬件故障
D. ONT供电异常ONT供电异常
E.
F.
【单选题】
下列不属于局域网协议层次的是()___
A. 物理层
B. 数据链路层
C. 传输层
D. 网络层
E.
F.
【单选题】
下列传输介质中,误码率最低的是___
A. 同轴电缆
B. 光缆
C. 微波
D. 双绞线
E.
F.
【单选题】
题目:IEEE 802.2 标准在以太网技术中代表什么? ___
A. MAC 子层
B. 物理层
C. 逻辑链路控制子层
D. 网络层
E.
F.
【单选题】
下列单板型号中属于光口板的为( )___
A. OI2D
B. SP2D
C. PL1S
D. SP1D
E.
F.
【单选题】
下列告警是线路时钟源倒换条件的是( )___
A. MS_AIS
B. 线路收无光
C. B2误码过量
D. B3误码过量
E.
F.
【单选题】
下列关于ONU远程管理地址的配置的说法正确的是( )___
A. IP地址可以和网关不在一个网段
B. 网段地址和掩码可以填写全0
C. 管理VLAN可以和业务VLAN相同
D. 同一个单板下的ONU最好使用相同的网关
E.
F.
【单选题】
下列关于VLAN的描述中,错误选项为( )___
A. 一个VLAN形成一个小的广播域,同一个VLAN成员都在由所属VLAN确定的广播域内
B. VLAN技术被引入到网络解决方案中来,用于解决大型的二层网络面临的问题
C. VLAN的划分必须基于用户的地理位置,受物理设备的限制
D. VLAN在网络中的应用增强了通讯的安全性
E.
F.
【单选题】
标准接口中通过哪个日志可以判断我司接口告警是否实时上报( )___
A. WRI_1error.file.txt
B. WRI_1evert.file.txt
C. WRI_1Message.file.txt
D. Alarmlog.txt
E.
F.
【单选题】
下列关于制表符的描述中,错误的说法是( )___
A. 按TAB键,光标移动到下一个制表位
B. 制表位符号出现在状态栏上
C. 单击标尺左端的制表符按钮可以改变其类型
D. 在Word 中有五种制表位
E.
F.
【单选题】
下列接地中,用于保护人身和设备安全的是。()___
A. 防雷地
B. 工作地
C. 保护地
D. 都是
E.
F.
【单选题】
下列描述中,属于Excel核心功能的是 ( ) ___
A. 在文稿中制作出来表格
B. 以表格的形式进行计算处理
C. 有很强的表格修饰能力
D. 有很强的表格打印能力
E.
F.
【单选题】
下列哪个不属于传统的数据设备( )___
A. A协议转换器
B. B、光收发器
C. C、
D. DH/PDH D、交换机
E.
F.
【单选题】
通常SDH设备的定时单元的缺省操作模式为 ()___
A. 锁定模式
B. 保持模式
C. 自由振荡模式
D. 正常工作模式
E.
F.
【单选题】
下列哪项不属于集团业务( )___
A. 互联网专线
B. 集团彩铃
C. 集团短信
D. 电路出租
E.
F.
【单选题】
下列哪项不属于巡检报告/记录必须包含的内容.( )___
A. 现场环境、设备运行状况
B. 客户信息
C. 线缆走线和破损情况
D. 标识标签张贴情况
E.
F.
【单选题】
下列哪项是专项工作处理流程的质量控制点.( )___
A. 任务完成质量
B. 数据准确性
C. 响应时间
D. 现场到达时间
E.
F.
【单选题】
下列哪项硬件操作会影响业务( )___
A. 拔插光分波板ODU
B. 拔插光合波板OMU
C. 拔插光分插复用板OAD
D. 拔插光放大板OLA
E.
F.
【单选题】
下列哪种环的保护通道不是空闲的(不传额外业务)()___
A. 两纤单向通道环
B. 两纤双向复用段环
C. 四纤双向复用段环
D. 两纤单向复用段环
E.
F.
【单选题】
波分系统中,下面哪些原因不会导致业务出现误码__。( )___
A. 色散补偿不合理,欠补或过补
B. 入线路纤的光功率过高或过低
C. 发端OTU单板的发送激光器性能劣化
D. 光监控通道光功率过低,光监控通道有误码
E.
F.
【单选题】
下列那一个不是SDH网的特点( )。___
A. 具有全世界统一的接口标准
B. 大量运用软件进行系统配置的管理
C. 复用映射结构灵活
D. 指针调整技术降低了设备复杂性
E.
F.
【单选题】
下列设备中哪个不是传输接入类设备()___
A. PDH
B. V.35/G.703协议转换器
C. PBX
D. 光MODEM
E.
F.
【单选题】
下列说法正确的是( )___
A. 对于单向通道环上的站点,所有不在本地上下的业务均需在本站单向穿通
B. 单向通道环的上下业务为西收/西发业务;
C. 对于链上的站点,业务穿通和上下业务需配置为单向;
D. 通道环保护的关键是交叉板的倒换,复用段环倒换的关键是支路板的双发选收
E.
F.
【单选题】
下列说法正确的有( )___
A. 在进行性能监视设置时,性能监视起始时间设为与网元当前时间一致。
B. B. OptiX设备单板支持带电拔插,当判断出某单板故障须更换时,可直接手握单板将其拔出更换。
C. C. SCC板上的ALC开关的作用是永久关闭蜂鸣告警声。 D.
D. 当拨打公务电话选呼不通时,可先群呼一遍,再选呼可能可通。
E.
F.
【单选题】
正确的Internet地址是( )___
A. 202.0.40.570
B. 192.112.36.25
C. 128.174.5.6.15
D. 32.230.100
E.
F.
【单选题】
下列说法中不属于限制光纤带宽主要因素的是___
A. 模式色散
B. 材料色散
C. 波导色散
D. 瑞利散射
E.
F.
【单选题】
下列四项中,能够作为单元格名称的是( )___
A. GT54
B. R4C18
C. FENSHU24
D. 8CLASS
E.
F.
【单选题】
下列所述的网络设备具有连接不同子网功能的是___
A. 网桥
B. 二层交换机
C. 集线器
D. 路由器
E.
F.
【单选题】
下列通道级告警中曾经做为PQ1板TPS倒换条件的是( )___
A. TU_AIS
B. TU_LOP
C. E1_LOC;
D. E1_AIS
E.
F.
【单选题】
下列项目中,哪个不是时钟的参数()___
A. 频偏
B. 失步范围
C. MTIE
D. 消光比
E.
F.
【单选题】
下列字节不是MSOH的是 ___
A. S1
B. E1
C. M1
D. D12
E.
F.
【单选题】
不是路由器的作用的是()___
A. 子网协议转换
B. 隔离网络,防止网络风暴,指定访问规则(防火墙)
C. 子网间的速率适配
D. 异种网络互连
E.
F.
【单选题】
下面( )表示业务受到影响 ___
A. TU_AIS
B. MS_RDI
C. R_LOS
D. ETH_LOS
E.
F.
【单选题】
下面( )种NTIO不支持语音模块:___
A. MANC-A
B. MANC-B
C. MANC-C
D. MANC-D
E.
F.
【单选题】
下面()命令用于测试网络是否连通。___
A. netstart
B. nslookup
C. ping
D. ftp
E.
F.
【单选题】
通道组信息里的(100/*)*号是代表什么( )___
A. 通道组数目
B. 电路数目
C. 网元数目
D. 网块数目
E.
F.
【单选题】
下面不是UPS电池日常维护工作的是( )___
A. 电池端电压检查
B. 电池端子连接检查
C. 电池外观检查
D. 电池容量与温度测试
E.
F.
【单选题】
下面不是UPS输出特性的是( )___
A. 输出电压稳定度
B. 旁路电压范围
C. 过载能力
D. 整机效率
E.
F.
