【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
推荐试题
【判断题】
对违反网络安全管理规定,造成损失和不良影响的,应追究相关责任人的责任。涉嫌犯罪的,移交司法机关进行处理
【判断题】
灭火器设置在一、二位端各2具;后厨没有直通餐厅门的餐车,可以在后厨内安设2具。
【判断题】
客运乘务人员要按规定操作列车电气设备,监视报警设施,发现行车故障和设备报警时,要立即采取应急处理措施并通知列车长。
【判断题】
不履行消防安全管理职责,存在重大火灾隐患限期不整改或发生火灾险情的单位,减免绩效工资5000—30000元。
【单选题】
南昌起义标志着人民军队的诞生,它发生在哪一天。___
A. 1921.7.1
B. 1921.8.1
C. 1927.7.1
D. 1927.8.1
【单选题】
“功盖三分国,名成八阵图。江流石不转,遗恨失吞吴。”一诗中描述的是谁。___
【单选题】
毛泽东是一位伟大的军事家,撰写了大量的军事著作,下列哪一部不是毛泽东所著。___
A. 《论持久战》
B. 《战争和战略问题》
C. 《战争论》
D. 《星星之火,可以燎原》
【单选题】
大国实力地位的变化导致国际战略格局的演变,当今国际战略格局的样式是___。
A. 单极格局
B. 两极格局
C. 多极格局
D. 一超多强
【单选题】
目前我国边界地区存在划界争端的主要是在哪里。___
A. 中俄边界
B. 中印边界
C. 中越边界
D. 中朝边界
【单选题】
1991年海湾战争中,哪种防空导弹成功地拦截住了伊拉克的“飞毛腿”导弹。___
A. “毒刺”
B. “海麻雀”
C. “海响尾蛇”
D. “爱国者”
【单选题】
隐身战术已经广泛应用于现代作战飞机,下列哪种型号的飞机不是隐身飞机。___
A. B-2
B. B-52
C. F-22
D. F-117
【单选题】
下列哪个国家目前还没有拥有核武器。___
A. 巴基斯坦
B. 印度
C. 日本
D. 朝鲜
【单选题】
信息化战争使战争进程大大缩短,1999年的科索沃战争共进行了多少天。___
A. 18天
B. 42天
C. 44天
D. 78天
【单选题】
中华人民共和国领海面积达___万平方公里。
A. 200
B. 300
C. 400
D. 500
【单选题】
我国属于___国防。
A. 扩张型
B. 自卫型
C. 联盟型
D. 中立型
【单选题】
《孙子兵法》是我国历史上经典的军事著作,作者孙武所属年代是___。
A. 春秋末年
B. 秦朝
C. 唐朝
D. 宋朝
【单选题】
当今世界格局总体情况是___。
A. 两极格局
B. 一超独霸
C. 一超多强
D. 多超多强
【单选题】
世界上最早提出“信息战”的是___。
A. 拿破仑
B. 毛泽东
C. 克劳塞维茨
D. 沈伟光
【单选题】
我国“全民国防教育日”是每年九月___。
A. 第一个星期六
B. 第二个星期六
C. 第三个星期六
D. 第四个星期六
【单选题】
1994年11月16日生效的《联合国海洋法公约》约定,主权国可以划出___公里的专属经济区。
A. 100
B. 200
C. 300
D. 400
【单选题】
第四十一届世博会于2010年5月1日在___如期开馆。
【单选题】
2010年5月12日是举世震惊的汶川特大地震___周年纪念日,全国各地举办纪念活动,悼念逝者,展望未来。
【单选题】
中国人民解放军海军组建于哪一天,每年的这一天也被定为我国的海军节。___
A. 1949.4.23
B. 1949.11.11
C. 1950.4.14
D. 1950.8.1
【单选题】
当今世界上战略格局的样式是“一超多强”,下列哪个国家上不属于“多强”的行为。___
【单选题】
下列哪一个国家是我国的陆上邻国。___
A. 日本
B. 白俄罗斯
C. 伊朗
D. 阿富汗
【单选题】
发射火箭升空需要达到第一宇宙速度才能克服地球引力,这个速度为___。
A. 7.9千米/秒
B. 9.7千米/秒
C. 11.2千米/秒
D. 16.7千米/秒
【单选题】
我国目前已建成了三个卫星发射中心,下列哪一个地方不是。___
【单选题】
高技术战争使战争进程大大缩短,2003年发生的伊拉克战争共进行了多少天。___
【单选题】
高技术战争形成的标志是___。
A. 马岛战争
B. 科索沃战争
C. 海湾战争
D. 伊拉克战争
【单选题】
下列不属于我国海军五大兵种的是___。
A. 潜艇部队
B. 陆战队
C. 电子对抗队
D. 岸防兵
【单选题】
下列关于个人反恐的行为措施哪一条的正确的。___
A. 随便把自己的电话告诉网友
B. 不要接受来历不明的邮包
C. 发现被袭击后赶紧回家
D. 不要和陌生人说话
【单选题】
冷战结束后,世界各主要大国都在调整安全观,印度主张的是安全观是___。
A. 绝对安全
B. 制衡安全
C. 借伞安全
D. 互信与合作安全
【单选题】
对抗红外制导的导弹采用下列哪种干扰最直接有效。___
A. 通信干扰
B. 雷达干扰
C. 光电干扰
D. 计算机病毒干扰
【单选题】
《孙子兵法》十三篇中的哪一篇论述了慎战思想。___
A. 《计篇》
B. 《作战篇》
C. 《火攻篇》
D. 《军争篇》
【单选题】
GPS卫星导航定位系统至少需要几颗卫星才能准确进行定位。___
【单选题】
空袭报警发出后,民众必须迅速疏散隐蔽,怎样判断空袭报警的声响。___
A. 呜6秒6停6秒
B. 呜6秒6停6秒
C. 呜6秒6停6秒
D. 呜6秒6停6秒
【单选题】
军事高技术的体系结构是由科学技术体系中面向军事应用的那部分技术科学和工程技术所组成的,它包括___
A. 基础科学、技术科学
B. 技术科学和工程技术
C. 军事基础技术和军事应用技术
D. 军用光电技术和军用航天技术
【单选题】
当代高技术包含了信息技术群、新材料技术群、新能源技术群、生物技术群、海洋技术群和航天技术群,其中基础是___
A. 新能源技术群
B. 信息技术群
C. 新材料技术群
D. 生物技术群
