【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
推荐试题
【判断题】
感应雷也称作雷电感应,分为静电感应雷和电磁感应雷。
【判断题】
严禁在装有避雷针的构筑物上架设通信线、广播线或低压线。
【判断题】
室颤电流即最小致命电流,与电流持续时间关系密切。
【判断题】
成年男性平均感知电流比女性大,因此男性比女性对电流更敏感。
【判断题】
易燃气体气瓶的首次充装或定期检验后的首次充装,必须经置换或抽真空处理后进行。
【判断题】
压力容器爆破时所能释放的能量与它的工作介质的物性状态没有关系。
【判断题】
《压力容器安全技术监察规程》规定,液氧罐的操作人员,严禁使用带油脂的工具和防护用品。
【判断题】
《气瓶安全监察规程》规定,不允许瓶对瓶直接倒气。
【判断题】
职业病危害严重的建设项目,其职业病危害预评价报告应当报安全生产监督管理部门审核,职业病防护设施设计应当报安全生产监督管理部门审查,职业病防护设施竣工后,由安全生产监督管理部门组织验收。
【判断题】
职业病诊断、鉴定的费用由用人单位承担,再次鉴定的费用由个人承担。
【判断题】
化学危险品库、氢氧站、油料库等应远离火源,布置在厂区边缘地区及最小频率风向的上风侧。
【判断题】
一般可燃物质的燃烧都经历氧化分解、着火、燃烧等阶段。
【判断题】
混合物的爆炸极限不是固定的,而是随混合物的温度、压力等变化的。
【判断题】
进入危险化学品库区的机动车辆应安装防火罩。机动车装卸货物后,不得在库内、库房、货场停放和修理。
【判断题】
储存危险化学品的建筑必须安装通风设备,并注意设备的防护措施。
【判断题】
毒物毒性能导致全部实验动物死亡的剂量,称为绝对致死剂量,用LD100表示。
【判断题】
危险化学品的标志设主标志由表示危险化学品危险特性的图案、文字说明、底色和危险类别号四个部分组成的菱形标志。副标志图形与主标志相同。
【判断题】
有毒品在水中的溶解度越大,其危险性也越大。
【判断题】
自燃点与闪点一样都是可燃物质的固有性质。
【判断题】
《常用危险化学品的分类及标志》中此图形为爆炸品的安全标志。
【判断题】
安全标准化是指为安全生产活动获得最佳秩序,保证安全管理及生产条件达到法律、行政法规、部门规章和标准等要求制定的规则。
【判断题】
危险化学品库房门应为木质门,采用外开式,设置高侧窗。(剧毒物品仓库的窗户应加设铁护栏)。
【判断题】
盛装危险化学品的容器或包装,在经过处理并确认其危险性完全消除之后,方可撕下安全标签,否则不能撕下相应的安全标签。
【判断题】
无论是新型包装、重复使用的包装、还是修理过的包装均应符合危险货物运输包装性能试验的要求。
【判断题】
库存危险化学品应保持相应的垛距、墙距、柱距。
【判断题】
按照《建筑设计防火规范》可燃固体,其火灾危险性为丁类。
【判断题】
储存危险化学品的建筑是否安装通风设备,根据具体情况而定。
【判断题】
未取得危险化学品经营许可证,任何单位和个人不得经营危险化学品。
【判断题】
经营销售危险化学品的单位,应当取得危险化学品经营许可证并经工商管理部门登记注册。
【判断题】
储存危险化学品的建筑物可以有地下室或其他地下建筑。
【判断题】
在可能发生人身伤害、设备或设施损坏和环境破坏的场合,事先采取措施,防止事故发生。
【判断题】
剧毒化学品以及储存数量构成重大危险源的其他危险化学品,应当在专用仓库内单独存放,实行双人收发、单人保管制度。
【判断题】
腐蚀性物品,包装必须严密,不允许泄漏,严禁与液化气体和其他物品共存。
【判断题】
《生产安全事故报告和调查处理条例》适用于生产经营活动中发生的造成人身伤亡或者直接经济损失的生产安全事故的报告和调查处理。
【判断题】
依据的法律、法规、规章和标准发生变化的生产经营单位应急预案应当及时修订。
【判断题】
根据演练规模和观摩需要,可编制演练观摩手册。演练观摩手册通常包括应急演练时间、地点、情景描述、安全注意事项等。
【判断题】
当发生危险化学品事故时,现场人员必须根据各自企业制定的事故预案采取积极有效的抑制措施,尽量减少事故蔓延,并向有关部门报告和报警。
