【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
推荐试题
【单选题】
一个公共卫生项目, 建立了一个公开的电子网页, 用来向广大市民发布项目进展情况。 这是属于 ( )。
A. 交互式沟通
B. 非正式沟通
C. 推式沟通
D. 拉式沟通
【单选题】
监督沟通过程会导致的项目文件更新, 通常包括对问题日志和经验教训的更新。 以下所有都应该记录在经验教训登记册中, 除了 ( )
A. 问题的起因
B. 所采取的纠正措施
C. 采取该纠正措施的理由
D. 变更请求状态更新
【单选题】
在规划沟通管理时, 需要根据下列哪个因素来确定沟通需求? ( )
A. 项目团队成员是集中办公还是分散办公
B. 收集和发布信息的方法
C. 需要收集的信息种类
D. 发布信息的频率高低
【单选题】
项目经理与高级管理层的沟通, 是哪种类型的沟通?( )
A. 层级沟通
B. 向上沟通
C. 向下沟通
D. 横向沟通
【单选题】
项目经理发现一个团队成员的工作表现不隹。 他处理这个问题的最好沟通方法是( )
A. 正式书面沟通
B. 正式口头沟通
C. 非正式书面沟通
D. 非正式口头沟通
【单选题】
项目经理最好通过以下哪个去发现团队内的问题、 团队成员之间的冲突或团队成员的个人绩效问题? ( )
A. 相关方参与度评估矩阵
B. 项目管理信息系统
C. 观察和交谈
D. 会议
【单选题】
在监督沟通过程中需要依据以下文件,除了 ( )
A. 工作绩效报告
B. 项目沟通记录
C. 问题日志
D. 工作绩效数据
【单选题】
项目执行过程中, 项目经理发现大部分团队成员不参考每周发布的项目文件更新。项目经理应该怎么做?( )
A. 制定签名日志, 显示团队成员何时阅读了更新的内容
B. 调整沟通管理计划, 考虑团队成员的需求
C. 调整每周更新内容的排版
D. 惩罚没有阅读的成员
【单选题】
在口头沟通时, 非口头语言能表达多少信息? { )
A. 45%
B. 7%
C. 55%
D. 38%
【单选题】
每季度的检查中, 一位关键相关方表示对项目进展情况很不满意, 要求项目经理马上采取赶工措施。 项目经理知道此次进度延误是由于突发天气情况造成的, 而且现在的天气状况暂时不适宜赶工, 项目经理最好应该怎么做? ( )
A. 按该相关方的要求赶工, 并要求该相关方承担相应责任
B. 先与该关键相关方沟通
C. 向公司领导层求助
D. 提出项目延期申请
【单选题】
会议按时开始和结束,并且紧密围绕会议主题开展讨论 一切井然有序。 然而会议最终并没有取得预期效果, 可能的原因是 ( )。
A. 没有专业的主持人
B. 会议规定的时间太死
C. 会议中冲突太多
D. 没有邀请适当的人参会
【单选题】
沟通模型中, 哪个要素表示接收方已经收到信息, 但是不一定赞同信息的内容?( )
A. 解码
B. 编码
C. 反馈
D. 确认已收到
【单选题】
项目经理需要一名团队成员专门与女性高端客户打交道, 并且有能力获取她们的信任, 建立有效关系。 这名团队成员必须具备 ( )。
A. 沟通能力
B. 沟通胜任力
C. 沟通模型
D. 情商
【单选题】
考虑讲话的内容、 语音语调、 声音大小, 以及肢体动作对沟通的影响, 可以把沟通分为 ( )。
A. 口头语言沟通与非口头语言沟通
B. 口头沟通与书面沟通
C. 纵向沟通与横向沟通
D. 内部沟通与外部沟通
【单选题】
项目会议结束后, 一位老工程师对你说: “这些 90 后员工真没规矩, 没等领导讲完, 就抢着发表意见。” 这属于沟通中的哪种障碍? ( )
A. 代际
B. 专业学科
C. 国家
D. 工作方法
【单选题】
为确保每次会议都能高效解决问题, 会议管理中的最后一个关键步骤是 ( )
A. 让会议按时结束
B. 定义要解决的问题
C. 形成会议纪要并指定行动责任人
D. 制定有关决策
【单选题】
为了降低沟通中的信息损耗, 提高沟通的效果, 应该重点管理好 ( )
【单选题】
项目团队正在评估相关方参与度评估矩阵, 发现调整了沟通方法和报告发送频率后, 几名相关方的参与程度都有所提升。 目前正在开展以下哪个管理过程?( )
A. 管理相关方参与
B. 规划沟通管理
C. 管理沟通
D. 监督沟通
【单选题】
项目经理每周都通过视频会议与外地团队成员讨论项目进展、 解决问题, 这是以下哪种沟通方法的例子?( )
A. 交互式沟通
B. 推式沟通
C. 拉式沟通
D. 虚拟沟通
【单选题】
哪种沟通方式所传达的信息最能反映某个组织的真实意思? ( )
A. 书面沟通
B. 垂直沟通
C. 内部沟通
D. 官方沟通
【单选题】
谁有权发布项目中的机密信息? ( )
A. 沟通管理计划中指定的人员
B. 高级管理者
C. 项目发起人
D. 项目经理
【单选题】
你正在编写下周的工作计划, 并打算把它发送给项目其他成员, 你现在正在进行( )。
A. 解码
B. 编码
C. 反馈
D. 传递信息
【单选题】
项目文档因为语句不通顺, 错别字多被相关方退回, 这是因为没有遵守书面沟通5C 原则中的哪一条?( )
A. 目的明确
B. 表达正确
C. 表达简洁
D. 逻辑连贯
【单选题】
你收到某专家发来的电子邮件, 但是信息太过复杂, 此刻你还不能完全理解邮件的内容, 你应该 ( )。
A. 向对方发送反馈
B. 暂时不做任何回应
C. 告知对方已收到邮件
D. 告诉对方邮件内容太过复杂
【单选题】
监督沟通可采用各种方式方法, 除了 ( )。
A. 开展客户满意度调查和整理经验教训
B. 开展团队观察和审査问题日志
C. 评估相关方参与度评估矩阵中的变化
D. 限定团队与相关方的沟通渠道
【单选题】
按沟通管理计划收集和发布信息是以下哪个过程的工作? ( )
A. 执行沟通
B. 管理相关方参与
C. 管理沟通
D. 监督沟通
【单选题】
项目必须要购买行业通用的项目管理软件, 以便及时收集并发布信息, 实现有效沟通。 这个要求及相关预算, 应该被写入以下哪个文件中? ( )
A. 项目沟通记录
B. 沟通管理计划
C. 成本管理计划
D. 沟通需求分析
【单选题】
关于风险应对措施, 以下哪个说法是正确的? ( )
A. 对每个风险都要采取最严厉的应对措施
B. 对重要风险要指定不止一名风险责任人
C. 风险应对措施需要全体相关方的同意
D. 在规划风险管理过程中制定风险应对措施
【单选题】
按照风险来源进行分类, 以下哪种是管理风险? ( )
A. 需求定义模糊
B. 合同责任界定不清
C. 市场汇率波动
D. 资源调配的不确定性
【单选题】
风险数据质量评估是哪个过程的工具与技术? ( )
A. 实施定性风险分析
B. 实施定量风险分析
C. 规划风险应对
D. 监督风险
【单选题】
识别风险过程会得到 ( )
A. 风险分解结构
B. 风险清单及风险描述
C. 风险责任人
D. 风险应对措施
【单选题】
项 目 风 险 管 理 旨 在 ( )
A. 管理单个项目风险
B. 管理整体项目风险
C. 管理严重的威胁
D. 管理未被其他项目管理过程所管理的风险
【单选题】
关于单个项目风险和整体项目风险, 以下说法正确的是 ( )。
A. 一旦发生会对一个项目目标产生影响的不确定事件就是单个风险
B. 单个风险管理旨在削弱项目目标负向变异的驱动因素, 加强正向变异的驱动因素
C. 其他不确定性来源是整体项目风险的一部分
D. 单个项目风险之和就是整体项目风险
【单选题】
以下哪个措施对于处理 “未知. 未知” 风险没有效果? ( )
A. 在预算中预留充足的应急储备
B. 经常留意早期预警信号
C. 采取能够灵活变通的项目管理过程
D. 在项目范围内留出应变的余地
【单选题】
用来评估风险管理过程的有效性的工具是 ( )
A. 储备分析
B. 审计
C. 风险审查会
D. 技术绩效分析
【单选题】
以下哪项不属于识别风险过程的数据分析技术? ( )
A. 根本原因分析
B. 假设条件和制约因素分析
C. SWOT 分析
D. 敏感性分析
【单选题】
某个新产品研发项目, 预计投资 200 万美元。 该产品未来市场前景很好的概率为50%, 可获利 1000 万美元; 市场前景一般的概率为 30%, 可获利 500 万美元; 其余情况下则不亏不赚。 该项目的预期货币价值是 ( )。
A. 450 万美元
B. 650 万美元
C. 500 万美元
D. 不知道其余情况的概率,故无法计算
【单选题】
哪种策略可用于低优先级威胁, 或是那些无法用其他方式更经济有效地应对的威胁? ( )
【单选题】
给项目分配最有能力的资源, 以确保抓住某个机会, 这是属于 ( )。
A. 风险接受
B. 风险提高
C. 风险开拓
D. 风险分享
【单选题】
在项目执行过程中未按时实现某个中期里程碑, 就是项目不能按期完工的 ( )
A. 风险概率
B. 风险起因
C. 风险后果
D. 风险触发条件
