【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
推荐试题
【单选题】
2Cr13钢是___型不锈钢
A. 马氏体
B. 铁素体
C. 奥氏体
D. 奥氏体-铁素体
【单选题】
奥氏体不锈钢的电阻率___
A. 比碳钢低
B. 比碳钢高
C. 与碳钢一样
D. 略低于碳钢
【单选题】
加热温度 ___℃是不锈钢晶间腐蚀的危险温度区,或称敏化温度区
A. 150-450℃
B. 450-850℃
C. 850-950℃
D. 950-1050℃
【单选题】
超低碳奥氏体不锈钢碳的质量分数为≤___
A. 0.14%
B. 0.08%
C. 0.06%
D. 0.03%
【单选题】
___不是奥氏体不锈钢焊接时为减小焊接残余应力采取的工艺措
A. 采用小线能量
B. 焊前预热
C. 采用短焊道焊
D. 适当的焊后锤击施
【单选题】
___不是奥氏体不锈钢焊接时防止热裂纹的措施
A. 严格限制焊缝中硫、磷等杂质的质量分数
B. 选用双相组织的焊条
C. 采用小线能量,多层多道焊
D. 选用酸性焊条
【单选题】
___不是奥氏体不锈钢的焊接工艺特点
A. 不能进行预热和后热工艺
B. 采用小线能量,小电流快速焊
C. 要快速冷却
D. 焊前预热
【单选题】
___不是奥氏体不锈钢焊条电弧焊工艺操作必须遵循的原则
A. 选用碱性焊条,采用直流反接
B. 采用多层多道焊
C. 采用焊条不摆动的窄道焊
D. 控制焊道间温度,冷却到60℃左右再焊下一道
【单选题】
焊接热裂纹可看成是拉应力和___两者联合作用而形成的
A. 低熔点共晶
B. 氢
C. 淬硬组织
D. 氮化物
【单选题】
___不是促成冷裂纹的主要因素
A. 钢种淬硬倾向大,产生淬硬组织
B. 接头受到的拘束应力大
C. 较多扩散氢的存在和聚集
D. 较多氧的存在和聚集
【单选题】
按规定参数烘干焊条、焊剂是防止 ___的措施之一
A. 夹渣
B. 气孔
C. 热裂纹
D. 未焊透
【单选题】
工件表面锈皮未清除干净会引起___
A. 气孔
B. 再热裂纹
C. 咬边
D. 弧坑
【单选题】
___不是产生夹渣的原因
A. 焊层、焊道之间清渣不干净
B. 焊接电流太小
C. 焊接速度太快
D. 未按规定参数烘干焊条、焊剂
【单选题】
___不是产生未焊透的原因
A. 坡口钝边过大,间隙太小
B. 焊接电流过小,焊接速度过快
C. 短弧焊接
D. 焊接时电弧磁偏吹
【单选题】
钨极直径太小、焊接电流太大是产生 ___的原因之一
A. 夹钨
B. 热裂纹
C. 再热裂纹
D. 未焊透
【单选题】
下列缺陷一般除___外,均需进行返修
A. 焊缝表面有裂纹
B. 焊缝内部有超过图样和标准规定的缺陷
C. 焊缝表面有气孔、夹渣
D. 深度不大于0.5mm、连续长度不大于100mm的咬边
【单选题】
___不是焊接检验的目的
A. 发现焊接缺陷
B. 检验焊接接头的性能
C. 确保产品的焊接质量
D. 测定焊接残余应力
【单选题】
___不是非破坏性检验
A. 致密性试验
B. 水压试验
C. 着色检验
D. 金相检验
【单选题】
___不属于破坏性检验
A. 水压试验
B. 弯曲试验
C. 冲击试验
D. 耐腐蚀试验
【单选题】
在射线探伤胶片上呈圆形、椭圆形黑点,其黑度一般是中心处较大并均匀地向四周边缘减小的缺陷是___
【单选题】
在射线探伤胶片上呈单独黑点,外形不太规则,带有棱角,黑度较均匀的缺陷是___
A. 点状夹渣
B. 条状夹渣
C. 气孔
D. 未熔合
【单选题】
我国射线探伤标准规定,焊缝质量分为四个等级, ___是1级焊缝内允许存在缺陷
A. 气孔
B. 未熔合
C. 未焊透
D. 条状夹渣
【单选题】
我国射线探伤标准规定,焊缝质量分为四个等级,___是2级焊缝内允许存在的缺陷
【单选题】
单相桥式可控整流电路电感性负载时,控制角α的移相范围是___。
A. 0~90°
B. 0~360°
C. 0~180°
D. 0~270°
【单选题】
单相桥式可控整流电路电阻性负载,晶闸管中的电流平均值是负载的___倍。
【单选题】
晶闸管两端并联压敏电阻的目的是实现___。
A. 过压保护
B. 过流保护
C. 防止冲击电流
D. 防止冲击电压
【单选题】
断路器中过电流脱扣器的额定电流应该大于等于线路的___。
A. 最大过载电流
B. 最大短路电流的
C. 最大允许电流
D. 最大负载电流
【单选题】
接触器的额定电压应不小于主电路的___。
A. 短路电压
B. 工作电压
C. 最大电压
D. 峰值电压
【单选题】
对于工作环境恶劣、启动频繁的异步电动机,所用热继电器热元件的额定电流可选为电动机额定电流的___倍。
A. 0.95~1.05
B. 1.05~1.15
C. 1.15~1.50
D. 0.85~0.95
【单选题】
中间继电器的选用依据是控制电路的___、电流类型、所需触点的数量和容量等。
A. 电压等级
B. 阻抗大小
C. 短路电流
D. 绝缘等级
【单选题】
根据机械与行程开关传力和位移关系选择合适的___。
A. 电流类型
B. 电压等级
C. 接线型式
D. 头部型式
【单选题】
用于指示电动机正处在旋转状态的指示灯颜色应选用___。
【单选题】
BK系列控制变压器适用于机械设备中一般电器的___、局部照明及指示电源。
A. 控制电源
B. 电动机
C. 油泵
D. 压缩机
【单选题】
对于环境温度变化大的场合,不宜选用___时间继电器。
A. 手动式
B. 液压式
C. 晶体管式
D. 电动式
【单选题】
压力继电器选用时首先要考虑所测对象的压力范围,还要符合电路中的额定电压,所测管路___。
A. 绝缘等级
B. 电阻率
C. 接口管径的大小
D. 材料
【单选题】
直流电动机___、价格贵、制造麻烦、维护困难,但是启动性能好、调速范围大。
A. 结构小巧
B. 结构庞大
C. 结构简单
D. 结构复杂
【单选题】
直流电动机的转子由电枢铁心、___、换向器、转轴等组成。
A. 机座
B. 主磁极
C. 电枢绕组
D. 换向极
【单选题】
直流电动机按照励磁方式可分他励、并励、___和复励四类。
