【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
推荐试题
【单选题】
为提高字符和图形显示的清晰度,应选择___的显示器。(易)(基础知识)
A. 分辩率较高
B. 对比度较好
C. 高度较大
D. 屏幕尺寸较大
【单选题】
计算机发生死机, 且已不能接收键盘信息时, 应采用___方法重新启动机器。(难)(基础知识)
A. 热启动
B. 按CTRL+ALT+DEL
C. 复位启动
D. 过一段时间再热启动
【单选题】
计算机指令的集合称为___。(难)(基础知识)
A. 机器语言
B. 高级语言
C. 程序
D. 计算机语言
【单选题】
我们经常说的E-mail是___的简写。(易)(基础知识)
A. 电子商务
B. 电子邮件
C. 特快邮件
D. 网上聊天
【单选题】
最早面世的一台计算机是在美国设计并制造的,它的名字叫做___。(易)(基础知识)
A. ENIC
B. LYRIC
C. ENIAC
D. ENYA
【单选题】
操作系统的作用是___的接口(中)(基础知识)
A. 主机和外设
B. 用户和计算机
C. 系统软件和应用软件
D. 高级语言和机器语言
【单选题】
微机中最常用的输入设备之一是___。(易)(基础知识)
【单选题】
微型计算机最常用的输入设备和输出设备是___。(易)(基础知识)
A. 显示器和打印机
B. 键盘和鼠标
C. 打印机和鼠标
D. 键盘和显示器
【单选题】
操作系统是一种___。(易)(基础知识)
A. 便于计算机操作的硬件
B. 便与计算机操作的规范
C. 管理计算机系统资源的软件
D. 计算机系统
【单选题】
DOS命令实质上就是一段___。(易)(基础知识)
A. 数据
B. 可执行程序
C. 数据库
D. 计算机语言
【单选题】
IP地址是一个___位的二进制地址 。(中)(基础知识)
【单选题】
下列设备中属于输入设备的是___。(易)(基础知识)
A. 显示器
B. 打印机
C. 鼠标
D. 绘图仪
【单选题】
一般情况下,鼠标的左键用于___。(易)(基础知识)
【单选题】
在微型计算机中的存储介质中,访问速度最快的是___。(中)(基础知识)
A. 硬盘
B. 光盘
C. 软盘
D. ROM(只读存储器)
【单选题】
关机后,计算机内存(RAM)中的信息___。(中)(基础知识)
A. 不会丢失
B. 部分丢失
C. 全部丢失
D. 都不是
【单选题】
微型计算机中,用来执行程序指令,完成各种运算和控制功能的部件是___。(难)(基础知识)
A. 内存
B. 外存
C. 控制器
D. 中央控制单元
【单选题】
由CPU为主要芯片构成的计算机叫___。(中)(基础知识)
A. 微型计算机
B. 小型计算机
C. 大型计算机
D. 巨型计算机
【单选题】
下列关于硬盘驱动器,最合适的说法是___。(中)(基础知识)
A. 不用时应套入纸套,防止灰尘进入
B. 耐震性差,搬运时要注意保护
C. 没有易碎件,在搬运时不象显示器那样要注意保护
D. 全封闭,容量大,速度快
【单选题】
"办公自动化"的英文缩写是___。(易)(基础知识)
A. CAD
B. AI
C. MIS
D. OA
【单选题】
ENTER 键是___。(易)(基础知识)
A. 输入键
B. 回车换行键
C. 空格键
D. 换档键
【单选题】
有一种打印机具有打印精度非常高,打印速度快,无噪声,但格较高,这种打印机是___。(易)(基础知识)
A. 激光打印机
B. 喷墨打印机
C. 针式打印机
D. 热敏打印机
【单选题】
计算机网络最突出的优点是___。(易)(基础知识)
A. 共享资源
B. 精度高
C. 运算速度快
D. 内存容量大
【单选题】
通常人们所说的一个完整的计算机系统包括? ___。(易)(基础知识)
A. 主机,键盘,显示器
B. 计算机和它的外围设备
C. 系统软件和应用软件
D. 计算机的硬件系统和软件系统
【单选题】
灾害事故现场350MHz消防无线通信网应按照___的形式组织。(易)(应急通信)
A. 一级组网
B. 二级组网
C. 三级组网
D. 四级组网
【单选题】
消防___网,又称灭火救援战斗网(易)(应急通信)
【单选题】
火警受理系统___进行一次数据整理和备份(易)(消防业务信息系统)
A. 每半月
B. 每月
C. 每半年
D. 每季度
【单选题】
目前通信供电系统中广泛应用的直流供电方式是:___。(中)(基础知识)
A. 集中供电
B. 并联浮充供电
C. 分散供电
D. 串联浮充供电
【单选题】
UPS蓄电池环境温度应保持在___内。(易)(基础知识)
A. 25±2℃
B. 25±3℃
C. 20±2℃
D. 20±3℃
【单选题】
电缆可以按照其物理结构类型来分类,目前计算机网络使用最普遍的电缆类型有___、双绞线和光纤。(中)(基础知识)
A. 电话线
B. 同轴电缆
C. 光纤
D. 天线
【单选题】
对于重要的计算机系统,更换操作人员时,应当___系统的口令密码。(易)(基础知识)
A. 立即改变
B. 一周内改变
C. 一个月内改变
D. 3天内改变
【单选题】
在局域网中运行网络操作系统的设备是___。(中)(基础知识)
A. 网络工作站
B. 网络服务器
C. 网卡
D. 网桥
【单选题】
下列叙述中,___是正确的。 (中)(基础知识)
A. 反病毒软件总是超前于病毒的出现,它可以查、杀任何种类的病毒
B. 任何一种反病毒软件总是滞后于计算机新病毒的出现
C. 感染过计算机病毒的计算机具有对该病毒的免疫性
D. 计算机病毒会危害计算机用户的健康
【单选题】
计算机病毒最重要的特点是___。(易)(基础知识)
A. 可执行
B. 可传染
C. 可保存
D. 可拷贝
【单选题】
计算机感染病毒的可能途径之一是___。 (易)(基础知识)
A. 从键盘上输入数据
B. 随意运行外来的、未经消病毒软件严格审查的软盘上的软件
C. 所使用的软盘表面不清洁
D. 电源不稳定
【单选题】
计算机病毒除通过有病毒的软盘传染外,另一条可能途径是通过___进行传染。 (易)(基础知识)
A. 网络
B. 电源电缆
C. 键盘
D. 输入不正确的程序
【单选题】
在一般情况下,外存中存放的数据,在断电后___丢失。(易)(基础知识)
【单选题】
下面的叙述只有___是正确的。(中)(基础知识)
A. 计算机指令是指挥CPU进行输出的设备
B. 显示器既是输入设备又是操作设备
C. 微型计算机就是体积很小的计算机
D. 软盘驱动器属于主机,软盘属于外设
【单选题】
TCP/IP协议在Internet中的作用是___ (易)(基础知识)
A. 定义一套网间互连的通信规则或标准
B. 定义采用哪一种操作系统
C. 定义采用哪一种电缆互连
D. 定义采用哪一种程序设计语言
【单选题】
在下面的描述中,正确的是___。(中)(基础知识)
A. 外存的信息可直接被CPU处理
B. 键盘是输入设备,显示器是输出设备
C. 操作系统是一种很重要的应用软件
D. 计算机中使用的汉字编码和ASCII码是一样的
【单选题】
控制面板的作用是___。(易)(基础知识)
A. 控制所有程序执行
B. 对系统进行有关设置
C. 设置开始菜单
D. 设置硬件接口