【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
推荐试题
【单选题】
紧缩通货的需求管理政策会___
A. 实现较低的通货膨胀率而不会出现产量的下降
B. 降低产量,但开始时对于通货膨胀没有什么影响
C. 要求政府的支出增加
D. 要求降低名义货币增长率
【单选题】
现代货币学派认为,经济不稳定的主要原因是___
A. 中央银行对货币供给的管理不当
B. 国外经济活动的波动
C. 政府赤字的不断膨胀
D. 无效的财政政策
【单选题】
财政和货币政策的有效性在很大程度上取决于___
A. 决策人的意愿
B. IS和LM曲线的交点
C. IS 和LM 曲线的斜率
D. 货币供应量
【单选题】
当经济出现过热情况时,采用紧缩的货币政策。下面属于紧缩性货币政策的是___
A. 提高贴现率
B. 增加货币供给量
C. 降低法定准备金率
D. 中央银行买入政府债券
【单选题】
扩张性财政政策对经济的影响是___
A. 加剧了通货膨胀但减轻了政府债务
B. 缓和了经济萧条但增加了政府债务
C. 缓和了通货膨胀但增加了政府债务
D. 缓和了萧条也减轻了政府债务
【单选题】
在政府的财政政策中,属于内在自动稳定器的是___
A. 政府公共工程支出
B. 货币供给
C. 税收
D. 政府购买
【单选题】
在现代金融体制中的中央银行有以下几种基本的职能,下面哪项不是中央银行的职能___
A. 银行的银行
B. 发行的银行
C. 居民储蓄的银行
D. 国家的银行
【单选题】
中央银行提高贴现率会导致___
A. 货币供给量的增加和利率的提高
B. 货币供给量的减少和利率的提高
C. 货币供给量的增加和利率的降低
D. 货币供给量的减少和利率的降低
【单选题】
国际收支平衡表中属于经常账户的是___
A. 服务
B. 证券投资
C. 资本性转移
D. 间接投资
【填空题】
2、口腔颌面部易浸润包膜和周围组织的良性肿瘤是___牙源性角化囊性瘤___牙本质生成性影细胞瘤。
【填空题】
3、我们所学过的具有淋巴上皮组织学特点的病变有___舍格伦综合征和()腮裂囊肿。
【填空题】
4、颌周间隙的感染常常引起严重的张口受限,这些间隙有___翼下颌间隙,___颞下间隙。
【填空题】
5、上颌骨骨折进行切开复位内固定术最常用的切口为___上颌前庭沟切口。
【填空题】
6、造釉细胞瘤好发部位___ 下颌角部。
【填空题】
8、颞下颌关节紊乱病是具有共同发病因素和临床主要症状的一组疾病的总称,其三大主要症状指___ 疼痛;___ 、杂音。
【填空题】
9、生态学的核心问题是___ 生态失调。
【填空题】
10、与破坏性牙周病相关的病原菌是___ 福赛坦氏菌,___ 齿垢密螺旋体。
【填空题】
16、一个9岁儿童右下颌6龄牙近中邻面深龋,治疗时意外穿髓角,其最好的治疗方法是:牙髓摘除术___。
【填空题】
1、急性牙髓炎的疼痛性质中,最具有诊断特点的是___。
【填空题】
2、用电诊法检测牙髓活力,其目的是在于___。
【填空题】
3、目前国际上公认的牙周活动破坏的指标是___。
【填空题】
5、对成人来说,判断是否需要口腔治疗有用的统计是___
【填空题】
6、对已放射治疗范围内的牙齿,拔出时间应是___。
【填空题】
7、下列颌面部间隙中最容易并发骨髓炎的是___
【填空题】
8、颊面近中缘长且直,远中缘特短且突的乳牙是___。
【填空题】
10、面神经出茎乳孔的体表位置在___。
【填空题】
11、上颌前牙的腭侧牙龈及粘骨膜由___支配。
【填空题】
12、当研磨食物的中期阶段,咀嚼运动的生物力学杠杆是___。
【填空题】
13、全口义齿排牙是否排为正常合,其主要依据是___。
【填空题】
14、患者XXX,女,58岁,36-38、45-48牙缺失,下前牙舌侧龈缘至口底距离为4mm,舌侧无软组织倒凹,设计大连接体最好选择___
【填空题】
15、选择和修整基牙固位形时,一般要求基牙的___
【填空题】
16、一女性无牙合患者,78岁,上下颌剩余牙槽嵴重度吸收,全口义齿蜡型在合架上咬合关系正常,试戴牙时发现下牙弓明显后退,咬合紊乱,最可能的原因是___
【简答题】
四、简答题
1、常见的牙源性上皮源性良性肿瘤有哪些?请比较其中三种肿瘤在组织学特点、生物学行为和预后的异同。
【简答题】
简述龋病病因的四联因素理论,并结合该理论提出龋病防治的新方法。
【简答题】
可摘局部义齿修复前应进行哪些修复前准备?修复时口腔预备包括哪些内容?
【简答题】
下颌牙列正常排列时牙倾斜的规律是什么?
【单选题】
下列关于“四个全面”战略布局的说法不正确的是___。
A. 党的十七大最早提出全面建设惠及十几亿人的更高水平的小康社会
B. 党的十八大提出全面建成小康社会和全面深化改革的目标
C. 党的十八届四中全会提出全面推进依法治国
D. 党的群众路线教育实践活动总结大会宣示全面从严治党
