【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
推荐试题
【单选题】
双推一支承方式:丝杠一端固定,另一端支承,固定端轴承同时 轴向力和径向力 ___
【单选题】
电动机与丝杠联轴器产生松动造成滚珠丝杠副运转 ___
【单选题】
首先检查 Y 轴有关位置参数,发现 间隙、夹紧允差等均在要求范围内,可排除参数设置不当引起故障的因素 ___
【单选题】
脱开主传动的动作是接到数控装置发出的换刀指令后,液压缸 压,弹簧推动齿轮与主轴上的齿轮脱开 ___
【单选题】
刀库电机转动故障容易引起刀库 不到位 ___
【单选题】
编码器与丝杠连接的螺钉 致使伺服报警 ___
【单选题】
日常维护中要特别关注数控机床电器控制部分容易受污染的器件,如 ___
【单选题】
C.存储器电池 D.含有弹簧的元器件 13265.定位数控系统硬件故障部位的常用方法是外观检测法、系统分析法、静态测量法和 ___
【单选题】
C.功能测试法 D.参数分析法 13266. 不可能造成数控系统的软件故障 ___
A. 输入输出电缆线被压扁
B. 操作者的误操作
C. 程序语法错误
D. 数控系统后备电池失效 13267.某数控铣床,开机时驱动器出现“编码器的电压太低,编码器反馈监控失效”报警内容,
【单选题】
处理这种故障的办法是 ___
A. 重新连接伺服电动机编码器反馈线,进行正确的接地连接
B. 重新编写 PLC 程序
C. 坐标轴重新回零
D. 重新输入系统参数
【单选题】
放置了好长时间的数控车床,再次开机时,发现系统无显示,故障原因可能是 ___
A. 显示电缆被老鼠咬断
B. 数控系统存储器出错
【单选题】
C.数控系统零部件损坏 D.数控系统参数错误 13269.数控系统中对各电路板供电的系统电源大多数采用 电源 ___
A. 开关型稳压
B. 交流 380V
C. 交流 220V
D. 桥式整流
【单选题】
通常情况下,三相混合式步进电机驱动器的 RDY 指示灯亮时表示 ___
A. 驱动器准备好
B. 开机初始状态
C. 脉冲输入状态
D. 驱动器报警
【单选题】
数控机床直流伺服电机常用的调速方法是 ___
A. 改变电枢电压
B. 改变换向片方向
C. 减小磁通量
D. 改变磁极方向
【单选题】
对于数控系统的外接存储器,当里面的文件正在读取时, 外接存储器 ___
A. 不能插拔
B. 可以插拔
C. 不能运行
D. 不能编辑
【单选题】
如果某数控车床,当系统电源接通后,显示器出现系统报警,同时显示页面不能正常转换 ___排除这种故障通常采用的方法是 (A)
A. 对系统进行初始化
B. 屏蔽车床的急停按扭
C. 对车床进行回零操作
D. 修改 PLC 程序
【单选题】
数控机床操作面板主要由 开关、主轴转速倍率调整旋钮、进给倍率调节旋钮、各 种辅助功能选择开关、手轮、各种指示灯等组成 ___
A. 操作模式
B. 显示器
C. 翻页键
D. 地址键
【单选题】
数控机床操作按 为 的操作按钮 ___
A. 自动方式(MEM)
B. 录入方式(MDI)
【单选题】
C.编辑方式(Edit) D.回零方式(REF) 13276.当机床三色灯的红色灯亮时,表示 ___
A. 机床有故障
B. 机床处于准备状态
C. 机床处于非加工状态
D. 机床正在进行自动加工 13277.若把工件原点的坐标值通过键盘输入偏量寄存器 PS01,程序调用工件原点时采用的指令
【单选题】
是 ___
A. G54
B. G55
C. G57
D. G59
【单选题】
MDI 运转可以 ___
A. 通过操作面板输入一段指令并执行该程序段
B. 完整的执行当前程序号和程序段
C. 按手动键操作机床
D. 可以解决 CNC 存储容量不足的问题
【单选题】
数控机床的自动运行指的是机床在 控制之下加工零件 ___
【单选题】
数控机床操作面板上 按键为 ON 时,M、S、T 代码指令不执行 ___
【单选题】
C.全轴机床锁住 D.跳过任选程序段运行 13281.数控机床的全轴锁住开关为 ON 时 ___
A. 机床不移动,但刀具图形轨迹能显示
B. 机床不移动,刀具图形轨迹也不能显示
C. 机床可以移动,刀具图形轨迹也能显示
D. 机床可以移动,但刀具图形轨迹不能显示
【单选题】
在 中,用主轴电机控制攻丝过程,主轴电机的工作和伺服电机一样 ___
A. 刚性攻丝方式
B. 换刀方式
C. 录入方式
D. 钻孔方式
【单选题】
数控系统用来匹配机床及数控功能的一系列 ,叫做数控系统的参数 ___
【单选题】
不属于数控系统 RS232 接口特性定义的是 ___
A. 数据起始位
B. 奇偶校验
C. 数据停止位
D. 数据位
【单选题】
宏程序中 的用途在数控系统中是固定的 ___
A. 系统变量
B. 局部变量
C. 全局变量
D. 程序变量
【单选题】
按数控机床检测元件检测原点信号方式的不同,返回机床参考点的方法可分为 ___
【单选题】
激光干涉仪的测量基准点为数控机床的 ___
A. 零点
B. 中间点
C. 任意点
D. 基准点
【单选题】
数控系统的刀具补偿参数一般包括刀具长度补偿和 参数 ___
【单选题】
C.刀具序号补偿 D.刀具金属性能补偿 13290.通过数控机床电子齿轮比参数的设定,可以使编程的数值与实际运动的距离 ___
A. 一致
B. 成反比
C. 成正比
D. 相反
【单选题】
数控铣床 X 坐标方向移动时工作台面的平行度检测时主轴 处固定指示器,使其测头触及中央 T 形槽的检验面 ___
【单选题】
测量时工作台位于 向行程的中间位置,在主轴锥孔中插入检验棒 ___
【单选题】
固定指示器时,使其 触及角尺的检验面 ___
A. 测头
B. 表架
C. 固定螺母
D. 底座
【单选题】
三坐标测量仪的测量功能应包括 等 ___
【单选题】
C.几何精度及轮廓精度 D.尺寸精度 13296.下图属于检测 ___
A. 主轴旋转轴线对工作台面的垂直度
B. 主轴旋转轴线对工作台面的同轴度
C. 主轴旋转轴线对工作台面的平面度
D. 主轴旋转轴线对工作台面的平行度
【单选题】
三坐标测量仪驱动系统采用直流 电机 ___