【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
推荐试题
【单选题】
过渡期总路线的主体是___
A. 国家的社会主义工业化
B. 私营经济的国有化
C. 个体农业的集体化
D. 对个体农业、手工业和资本主义工商业的改造
【单选题】
新民主主义社会,我国社会的主要矛盾是___
A. 地主阶级和农民阶级的矛盾
B. 工人阶级和资产阶级的矛盾
C. 封建主义和人民大众的矛盾
D. 帝国主义和中华民族的矛盾
【单选题】
党在过度时期的总路线和总任务概括的说就是___
A. 三改两化
B. 一化三改
C. 三化一
D. 一化两改
【单选题】
我国对资本主义工商业改造创造了国家资本主义的各种形式,其高级形式是___
A. 统购包销
B. 委托加工,计划订货
C. 经销、代销
D. 公私合营
【单选题】
中国在对资产阶级工商业实行社会主义改造的过程中,在利润分配上采取的政策是___
A. 统筹兼顾
B. 劳资两利
C. 公私兼顾
D. 四马分肥
【单选题】
剥削阶级在我国被消灭的标志是___
A. 中华人民共和国建立
B. 全国大陆的解放与统一
C. 农业、手工业和资本主义工商业的社会主义改造的基本完成
D. 土地改革的完成
【单选题】
1956年,社会主义改造基完成以后,我国社会的主要矛盾是 ___
A. 工人阶级和资产阶级的矛盾
B. 社会主义道路和资本主义道路之间的矛盾
C. 人民日益增长的物质文化生活需要同落后的社会生产之间的矛盾
D. 坚持四项基本原则和资产阶级自由化之间的矛盾
【单选题】
我国对个体手工业进行社会主义改造的主要方式是___
A. 赎买
B. 统购统销
C. 公私合营
D. 合作化
【单选题】
我国在资本主义工商业进行社会主义改造实践中一个创新性办法是对民族资产阶级___
A. 和平赎买
B. 剥夺生产资料
C. 公私合营
D. 生活上给出路
【单选题】
1956年“八大”提出的建国目标或奋斗目标是 ___
A. 团结一切可能团结的力量
B. 为建设一个伟大目标而奋斗
C. 为建设一个伟大的社会主义国家而奋斗
D. 团结一切可能团结的力量,为建设一个伟大的社会主义国家而奋斗
【单选题】
毛泽东在《论十大关系》中提出我国社会主义建设必须围绕的一个基本方针是 ___
A. 发展生产力,把我国尽快地从落后的农业国变为先进的工业国
B. 正确处理无产阶级和资产阶级的矛盾
C. 调动一切积极因素,为社会主义事业服务
D. 彻底消灭剥削制度,继续肃清反革命残余势力
【单选题】
毛泽东在《关于正确处理人民内部矛盾的问题》中指出,社会主义社会的基本矛盾是___
A. 生产关系和生产力之间的矛盾
B. 人民内部矛盾
C. 工人阶级内部的矛盾
D. 工人阶级同民族资产阶级的矛盾
【单选题】
邓小平理论形成的时代背景是___什么成为时代主题
A. 和平与发展
B. 战争与革命
C. 合作与竞争
D. 和平与战争
【单选题】
邓小平理论形成的现实依据是___
A. 新民主主义革命
B. 社会主义革命
C. 社会主义改造
D. 社会主义改革开放
【单选题】
中国社会主义改革开放的总设计师是___
A. 毛泽东
B. 邓小平
C. 周恩来
D. 习近平
【单选题】
真理标准的大讨论,矛头直指___
A. 实事求是
B. 两个凡是
C. 解放思想
D. 社会实践
【单选题】
重新确立我党实事求是思想路线的会议是___
A. 十届三中全会
B. 十一届三中全会
C. 十二大
D. 十三大
【单选题】
“什么是社会主义,怎样建设社会主义”的基本问题提出者是___
A. 毛泽东
B. 江泽民
C. 邓小平
D. 习近平
【单选题】
第一次系统论述社会主义初级阶段理论的我党会议是___
A. 十二大
B. 十三大
C. 十四大
D. 十五大
【单选题】
我国的立国之本是___
A. 精神文明
B. 改革开放
C. 四项基本原则
D. 五位一体总体布局
【单选题】
党在社会主义初级阶段的基本路线要求以什么为中心工作___
A. 阶级斗争
B. 经济建设
C. 改革开放
D. 党的建设
【单选题】
邓小平理论要回答的基本问题是___
A. 怎样进行新民主主义革命
B. 怎样进行社会主义改造
C. 怎样建设社会主义
D. 怎样构建和谐社会
【单选题】
我国发展生产力的目的是___
A. 解放生产力
B. 改革开放
C. 同步富裕
D. 共同富裕
【单选题】
中国特色社会主义理论体系的开篇之作是___
A. 毛泽东思想
B. 邓小平理论
C. 三个代表重要思想
D. 科学发展观
【单选题】
建设中国特色社会主义的总依据___
A. 毛泽东思想
B. 邓小平理论
C. 社会主义本质
D. 社会主义初级阶段
【单选题】
2000年2月,江泽民在___党建工作座谈会上完整地提出了“三个代表”重要思想。
【单选题】
科学发展观的基本要求是___。
A. 发展
B. 以人为本
C. 统筹兼顾
D. 全面协调可持续
【单选题】
必须认识到,我国社会主要矛盾的变化,没有改变我们对我国社会主义所处历史阶段的判断,我国仍处于并将长期处于___的基本国情没有变,我国是世界最大发展中国家的国际地位没有变。
A. 社会主义阶段
B. 社会主义初级阶段
C. 社会主义中级阶段
D. 社会主义高级阶段
【单选题】
新时代中国特色社会主义思想,明确坚持和发展中国特色社会主义,总任务是实现社会主义现代化和中华民族伟大复兴,在全面建成小康社会的基础上,分___在本世纪中叶建成富强民主文明和谐美丽的社会主义现代化强国。
A. 两步走
B. 三步走
C. 四步走
D. 五步走
【单选题】
___是一个国家、一个民族发展中更基本、更深沉、更持久的力量。
A. 文化自信
B. 理论自信
C. 道路自信
D. 制度自信
【单选题】
坚持全面从严治党,把党的___摆在首位。
A. 思想建设
B. 政治建设
C. 作风建设
D. 组织建设
【单选题】
综合分析国际国内形势和我国发展条件,从二〇二〇年到本世纪中叶可以分两个阶段来安排。第一个阶段,从___,在全面建成小康社会的基础上,再奋斗十五年,基本实现社会主义现代化。
A. 二〇二〇年到二〇三五年
B. 二〇二五年到二〇四〇年
C. 二〇三〇年到二〇四五年
D. 二〇三五年到本世纪中叶
【单选题】
从全面建成小康社会到基本实现现代化,再到全面建成___,是新时代中国特色社会主义发展的战略安排。
A. 创新型国家
B. 社会主义现代化强国
C. 社会主义现代化大国
D. 世界一流强国
【单选题】
从中华民族整体利益把握两岸关系大局,最根本的、最核心的是___。
A. 在坚持“九二共识”的前提下实现台湾高度自治
B. 聚焦两岸经济发展这个第一要务
C. 维护国家领土和主权完整
D. 坚决维护台海和平稳定
【单选题】
我国经济已由______阶段转向______阶段,正处在转变发展方式、优化经济结构、转换增长动力的攻关期,建设现代化经济体系是跨越关口的迫切要求和我国发展的战略目标___
A. 高速增长 高水平发展
B. 高速发展 高水平发展
C. 高速增长 高质量发展
D. 高速发展 高质量发展
【单选题】
贯彻新发展理念,建设现代化经济体系,必须坚持质量第一、效益优先,以_____为主线。
A. 转变发展方式
B. 优化经济结构
C. 深化供给侧结构性改革
D. 转换增长动力
【单选题】
建设现代化经济体系,必须把发展经济的着力点放在______上,大力发展______,是一国经济的立身之本;把提高供给体系质量作为主攻方向,显著增强我国经济质量优势。___
A. 实体经济
B. 虚拟经济
C. 共享经济
D. 国有经济
【单选题】
______是引领发展的第一动力,是建设现代化经济体系的战略支撑。___
【单选题】
坚持党的领导、人民当家作主、依法治国有机统一。____是社会主义民主政治的本质特征。
A. 党的领导
B. 人民当家作主
C. 依法治国
D. 政治体制改革
【单选题】
加强人民当家作主制度保障___是坚持党的领导、人民当家作主、依法治国有机统一的根本政治制度安排。
A. 人民代表大会制度
B. 多党合作和政治协商制度
C. 民族区域自治制度
D. 基层群众自治制度