【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
推荐试题
【单选题】
16G平法中当有悬挑梁且根部和端部的高度不同时,表示为()___
A. b*h1/h2
B. b*h1\h2
C. b*h1-h2
D. b*h1(h2)
【单选题】
16G平法图集梁构件里不包含( )___
A. 非框架梁
B. 非抗震框架梁
C. 悬挑梁
D. 井字梁
【单选题】
13Ф10@150/200(4)表示为___
A. 箍筋为HPB300钢筋,直径为10;梁的两段各有13个四肢箍,间距分别为150和200
B. 箍筋为HPB300钢筋,直径为10;梁的两段各有13个四肢箍,间距为150,梁跨中部分间距为200,四肢箍。
C. 箍筋为HPB300钢筋,直径为10;梁的两段各有13个四肢箍,间距为200,梁跨中部分间距为150,四肢箍。
D. 箍筋为HPB300钢筋,直径为10;梁总共有13个四肢箍,间距为150,梁跨中部分间距为200
【单选题】
梁当同排纵筋中既有通长筋又有架立筋时,表示方式为___
A. 2Ф22/(4Ф12)
B. 2Ф22+(4Ф12)
C. 2Ф22+4Ф12
D. 2Ф22(4Ф12)
【单选题】
当梁腹板高度满足()需配置纵向构造钢筋___
A. hw≥400mm
B. hw>400mm
C. hw≥450mm
D. hw>450mm
【单选题】
梁箍筋加密区与非加密区的间距不同时,表示正确的是()___
A. Ф10@100/200(4)
B. Ф8@100(4)/200(2)
C. 13Ф10@100/200(4)
D. 18Ф10@100(4)/200(2)
【单选题】
中的10c25(4)代表什么意思?___"
A. 下部通长筋为10C25,有四根纵向受力钢筋未穿过柱截面,在柱子两侧通过
B. 下部通长筋为10C25,四根是附加钢筋
C. 下部通长筋为10C25,四根是支座筋
D. 下部通长筋为10C25,,分两层,四根是上层的
【单选题】
当梁配置侧面构造钢筋时,其搭接与锚固长度可取值为___
A. 15d
B. 12d
C. 10d
D. 6d
【单选题】
梁的平面注写包括集中标注和原位标注,集中标注有五项必注值,其中不包含哪一项?( )___
A. 截面尺寸
B. 箍筋
C. 梁侧面纵向钢筋
D. 梁顶面标高高差
【单选题】
梁下部纵筋 6c25 2(-2)/4 表示正确的是 ()___
A. 上排纵筋为 4 根 C25 且有两根不伸入支座,下排钢筋为 4 根 C 25 全部伸入支座
B. 上排纵筋为 2 根
C. 25 且伸入支座,下排钢筋为 4 根 C 25 全部伸入支座 C.上排纵筋为2根 C25 且不伸入支座,下排钢筋为 4 根C25全部伸入支座
D. 上排纵筋为 4 根 C25 且有两根伸入支座,下排钢筋为 4 根 C 25 全部伸入支座
【单选题】
当梁顶比板顶低的时候,在标注注写( )___
A. 负标高高差
B. 正标高高差
C. 不标注
D. 绝对标高
【单选题】
框架扁梁注写规则,上下部纵筋需注明未穿过柱截面的纵向受力钢筋根数,原位标注以下输入格式中正确的是()___
A. 10C25(4)
B. 10C25 -4
C. 10C25 4/6
D. 10C25(-4)
【单选题】
关于扁梁节点核心区的说法错误的是()___
A. 框架扁梁节点核心区代号为 KBH
B. 框架扁梁节点核心区包括柱内核心区和柱外核心区及端部核心区。
C. 框架扁梁节点核心区钢筋注写包括柱外核心区竖向拉筋及节点核心区附加纵向钢筋
D. 框架扁梁端节点核心区还需要注写附加 U 型箍筋
【单选题】
框架扁梁核心区的代号为()___
A. KBL
B. KLX
C. KHX
D. KBH
【单选题】
井字梁通常由()构成,并以框架梁为支座___
A. 框架梁
B. 非框架梁
C. 框架扁梁
D. 连梁
【单选题】
当图纸标有:JZL1(2A)表示? ()___
A. 1 号井字梁,两跨一端带悬挑
B. 1 号井字梁,两跨两端带悬挑
C. 1 号剪支梁,两跨一端带悬挑
D. 1 号剪支梁,两跨两端带悬挑
【单选题】
悬挑板板厚注写为 h=120/80,表示()___
A. 表示该板的板根厚度为 120mm,板前端厚度为 80mm
B. 表示该板的板前端厚度为 120mm,板根部厚度为 80mm
C. 表示该板的板厚度为 120mm,板前端厚度为 80mm
D. 表示该板的板厚度为 120mm,板根部厚度为 80mm
【单选题】
板带中用b表示___
A. 板带厚
B. 板带宽
C. 板带长
D. 板带高
【单选题】
混凝土保护层厚度指()外边缘至混凝土表面的距离___
A. 最外层钢筋
B. 纵筋
C. 主筋
D. 拉筋
【单选题】
纵向受拉钢筋非抗震锚固长度任何情况下不得小于多少()___
A. 250mm
B. 350mm
C. 400mm
D. 200mm
【单选题】
不影响钢筋锚固长度 Lae 大小选择的因素有()___
A. 抗震等级
B. 混凝土强度
C. 钢筋种类及直径
D. 保护层厚度
【单选题】
以下16G系列图集对于锚固搭接的说明中,那一条是错误的?___
A. 给出了具体的锚固、搭接值表格
B. 给出了基本锚固值的表格
C. 明确了部分情况下不适用钢筋直径、种类的要求
D. 需要根据公式计算具体锚固值
【单选题】
当纵向受拉钢筋在施工中易受扰动时,锚固长度查表数据应乘以系数 ()___
A. 1.1
B. 1.2
C. 1.3
D. 1.4
【单选题】
平法规定,受拉钢筋的锚固长度la、lae计算值不应小于()___
A. 300
B. 250
C. 200
D. 150
【单选题】
平法规定,受拉钢筋的搭接长度在任何情况下不应小于()___
A. 300
B. 250
C. 200
D. 150
【单选题】
当为环氧树脂涂层带肋钢筋时,锚固长度查表数据应乘以系数 ()___
A. 1.1
B. 1.2
C. 1.25
D. 1.3
【单选题】
用于剪力墙分布钢筋的拉结筋构造中弯钩平直段的长度为()___
A. 1.5d
B. 5d
C. 11.9d
D. max(10d,75)
【单选题】
所在楼层 Hn 的取值下面说法正确的是 (___
A. Hn 为所在楼层的柱净高
B. Hn 为所在楼层的高度
C. Hn 为嵌固部位至首层节点底
D. 无地下室时 Hn 为基础顶面至首层节点底
【单选题】
柱在楼面处节点上下非连接区的判断条件不包含?( )___
A. 500
B. 1/6Hn
C. Hc(柱截面长边尺寸)
D. 1/3Hn
【单选题】
___"
A. 到节点底向上伸入一个锚固长度
B. 伸至节点顶弯折15d
C. 到节点底向上伸入一个1.2lae
D. 到节点底向上伸入一个1.5Lae长度
【单选题】
___"
A. 1.2lae
B. 1.5lae
C. max(Hn/6,hc,500)
D. Hn/3
【单选题】
柱纵筋在嵌固部位的露出长度为___
A. Hn/3
B. Hn/6
C. max(Hn/6,hc,500)
D. max(Hn/3,hc,500)
【单选题】
柱纵筋采用机械连接时,图集中纵筋错开距离为()___
A. 35d
B. 37d
C. max(35d,500)
D. max(37d,500)
【单选题】
柱纵筋采用焊接时,图集中纵筋错开距离为 ()___
A. 35d
B. 37d
C. max(35d,500)
D. max(37d,500)
【单选题】
梁上起柱时,在梁内设至少几道箍筋()___
【单选题】
梁上起柱时,在梁内设至少几道箍筋()___
【单选题】
抗震框架柱中间层柱根箍筋加密区范围是()___
A. 500
B. 700
C. Hn/3
D. max(Hn/6,hc,500
【单选题】
16G 中梁上柱 LZ 纵筋构造,柱纵筋伸入梁底弯折,弯折长度为()___
A. 12*d
B. 15*d
C. 150
D. 6*d
【单选题】
柱箍筋加密范围不包括 ()___
A. 节点范围
B. 底层刚性地面上下 500mm
C. 基础顶面嵌固部位向上1/6Hn
D. 搭接范围
【单选题】
柱净高与柱截面长边尺寸的比值Hn/hc≤4时,柱箍筋的加密范围为()___
A. 底层刚性地面上下 500mm
B. 基础顶面嵌固部位向上1/6Hn
C. 全高加密
D. 搭接范围
