【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
推荐试题
【判断题】
《公务员法》规定了我国公务员的管理原则之一是:国家对公务员实行科学管理,提高管理效能和科学化水平。
【判断题】
我国《公务员法》第一条明确了该法的立法目的和依据,即为了规范公务员的管理,保障公务员的合法权益,加强对公务员的监督,建设高素质的公务员队伍,促进勤政廉政,提高工作效能,根据宪法,制定该法。
【判断题】
公务员管理依照政府的权限、条件、标准和程序进行,也就是坚持依法行政原则,它是公务员制度的一个基本特征,也是人事管理制度法制化、科学化的一个重要标志。
【判断题】
公务员的义务,是指法律关于公务员在行使国家行政权力,执行国家公务活动中必须作出一定行为或不得作出一定行为的约束和限制。其涵义之一是公务员的义务是以其身份为前提,只有公务员才能享有,非公务员身份的其他社会群体成员不得享有。
【判断题】
职位分类是以“人”为中心的一种管理制度。它以公务员的职位为对象,按职位的工作性质、难易程度、责任轻重及所需资格条件,把职位划分为不同的类别和等级,作为人事管理基础的一种分类方法。
【判断题】
公务员辞退,应当向任免机关提出书面申请,任免机关应当在1个月内予以审批。
【判断题】
公务员申诉,是指公务员对机关作出的涉及本人权益的人事处理决定不服,依法向有关机关提出意见并要求复核和重新处理的行为。
【判断题】
辞职是公务员的一项基本权利,公务员一旦提出辞职申请便可离职,行政机关不能强制留下。
【判断题】
公务员的交流,是指机关根据工作需要或公务员个人意愿,通过法定形式,在机关内部调整公务员的工作职位,或者把公务员调出机关任职,或者将机关以外的工作人员调入机关担任公务员职务的管理活动。公务员交流的原则包括依法进行、个人需求第一、适才适用和合理原则。
【判断题】
品位分类侧重于职位的工作性质、难易程度、职位的职责和职权。
【判断题】
公务员考核的方法有领导考核与群众考核相结合、定性考核与定量考核相结合、个人自评与组织考评相结合等。
【判断题】
公务员因公致残并被确认为丧失工作能力的,应退休。
【判断题】
公务员撤职处分一般在三年后由原处理机关核消。
【判断题】
我国的公务员制度是新的管理制度,它也有政务官和事务官的区别,并进行分类管理。
【判断题】
委任制是由任免机关在其任免权限范围内,直接委派特定工作人员担任一定职务的任用方式。
【判断题】
公务员回避制度是公务员制度的重要组成部分,通过对公务员所任职务、执行公务和任职地区等方面作出限制性规定,减少因亲属关系等人为因素对工作的干扰。
【判断题】
公务员所在机关根据法律规定的条件、程序,在法定的管理权限内解除公务员职务关系的行政行为包括辞职、辞退、退休、开除。
【判断题】
公务员转任是指把国有企业事业单位、人民团体和群众团体中从事公务的人员调入机关担任领导职务或者副调研员以上及其他相当职务层次的非领导职务。
【判断题】
公务员保险,是劳动保险制度的一种,是指国家通过立法程序建立的,对暂时或永久丧失劳动能力的公务员给予物质帮助的制度。
【判断题】
国家行政机关中从事党群工作的专职人员不列入实施公务员制度的范围。
【判断题】
保守国家秘密和工作秘密是公务员义务,但公务员关系解除以后就不再承担此项义务。
【判断题】
通过调任手续调出国家行政机关任职的公务员,仍可保留国家公务员的身份。
【判断题】
公务员对涉及其本人的人事处理不服的,可以在任何时候向有关部门提出申诉。
【判断题】
各级政府机构的决策等权限的调整由同级地方党委决定。
【判断题】
公共行政学的决策概念,主要是指社会组织为实现一定目标,制定若干行动方案并加以优化抉择的行为过程。
【判断题】
政府应当依据国家的法律、法规、政策来拟定和选择行动方案,法无明文规定即禁止。
【判断题】
决策是决定机关管理是否具有生机和活力的关键。
【判断题】
政府政策目标按照行政领导意图通过议题筛选程序来确立。
【判断题】
机关工作计划是紧接着行政执行之后的一种行政行为,是实施决策的第一步。
【判断题】
行政决策的制定、执行和修改是一个很长的动态过程。
【判断题】
所谓“问题”就是事物的现实状态与人们的期望状态之间的差距。
【判断题】
行政决策的主体只能是各级行政机关及公务员。
【判断题】
各级政府是以国家的名义,从政府职能部门角度出发来进行决策的。
