【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
推荐试题
【多选题】
下列关于对中国籍旅客及其携运物品的表述,正确的是:___
A. 中国籍旅客是指持中华人民共和国护照等有效旅行证件出入境的旅客
B. 中国籍旅客携运进境物品,超出规定免税限量或限值的,海关一律作退运处理
C. 不满16周岁的旅客,海关只放行其旅途需要的《中国籍旅客带进物品限量表》第一类物品
D. 中国籍旅客携运出境的行李物品,经海关审核在自用合理数量范围内的,准予出境
【多选题】
__________属于享受保留免税待遇的中国籍旅客。___
A. 在印度工作的援外人员
B. 在湖南工作的香港白领
C. 去美国旅游的江西学生
D. 去欧洲进修的山东学者
【多选题】
下列关于定居旅客携带物品进出境的表述,正确的是:___
A. 进境定居旅客的征税安家物品包括自用小汽车
B. 进境定居旅客自进境之日起,居留时间不满2年,再次出境定居的,其免税携运进境的安家物品应复运出境或向海关补税
C. 获准出境定居的旅客携运出境的安家物品,除国家禁止或限制出境的物品需按有关规定办理外,在自用合理数量内的,予以放行
D. 进境安居旅客经核准,在规定范围内的物品,除国家规定征税的物品外,准予免税进境,其中,完税价格在人民币1000元以上,5000元及以下的物品每种限1件
【多选题】
台湾人刘某获准在中国内地定居,他申请入境的下列安家物品中,需要征税的是:___
A. 自用衣服一纸箱
B. 自用小汽车一辆
C. 自用家具一组
D. 自用全自动洗衣机一台
【多选题】
下列关于旅客以分离运输方式运进行李物品的表述,正确的是:___
A. 自旅客进境之日起六个月内运进
B. 自行李物品进境之日起六个月内运进
C. 海关办理验放手续时,连同已经放行的行李物品合并计算
D. 海关办理验放手续时,已经放行的行李物品可以不合并计算
【多选题】
短期旅客随身携带的__________,属于“旅行自用物品”。___
A. 照相机
B. 手提式摄录机
C. 便携式收录音机
D. 手提式文字处理机
【多选题】
下列关于外国驻华使馆和使馆人员携运进境物品的表述,错误的是:___
A. 外交代表携运进境自用物品,海关予以查验放行
B. 使馆和使馆人员进境公用、自用物品,只需要口头申报
C. 使馆进境物品超出海关核准直接需用数量范围的,不准进境
D. 使馆运进的公务用品,系指使馆执行职务直接需用的物品
【多选题】
日本驻华外交代表随身携带__________进境,需向海关提出书面申请。___
A. 600支香烟
B. 200支雪茄
C. 250克烟丝
D. 1瓶700毫升装轩尼诗XO
【多选题】
使馆进出境公务用品包括:___
A. 招待用品
B. 办公用品
C. 使馆使用的机动车辆
D. 免费散发的广告宣传品
【多选题】
__________属于《中华人民共和国海关关于境外登山团体和个人进出境物品管理规定》规定的“暂时进口物品”范围。___
A. 通讯器材
B. 摄像器材
C. 机动交通工具
D. 高山专用技术设备
【多选题】
美国帕克登山队来华进行登山活动,进境时携运一批登山装备和日常用品。下列关于其进境物品海关监管的表述,正确的是:___
A. 登山队不准运进中国禁止进出境物品
B. 运进无线电通讯设备和器材,需交验国家无线电管理委员会的批件
C. 随同登山队进境的美国记者运进的摄影摄像器材,需交验外交部新闻司或全国记协的批件
D. 登山队随身携带的测绘器材,由进境地海关凭有关主管部门的批件和中国登协缴纳的保证金暂予免税放行
【多选题】
__________携运进出境的行李物品,海关免予查验。___
A. 中国驻美国大使馆参赞
B. 中国驻日本大使馆武官
C. 中国驻韩国大使馆大使
D. 中国驻悉尼总领馆总领事
【多选题】
下列出境物品在特殊情况下,经国家主管部门批准并发给证明,可以放行的是:___
A. 海洛因
B. 银杏种子
C. 三级文物
D. 国家机密级文件
【多选题】
旅客禁止携带__________出境。___
A. 牛黄
B. 虎骨
C. 仿真手枪
D. 国家机密文件
【多选题】
旅客携带的__________,禁止进境。___
A. 烈性毒药
B. 濒危动植物
C. 通信保密机
D. 能使人成瘾的精神药物
【多选题】
__________限制出境。___
A. 外币
B. 濒危动物
C. 国家绝密文件
D. 无线电收发信机
【多选题】
__________既限制进境,又限制出境。___
A. 通信保密机
B. 贵重中药材
C. 一般文物
D. 国家货币
【多选题】
仿真武器系指具有攻击、防卫等性能的__________。___
A. 仿真弹药
B. 仿真枪支
C. 仿真手枪式电击器
D. 仿真手枪式催泪器
【多选题】
__________属于麻醉药品。___
A. 海洛因
B. 美沙酮
C. 可卡因
D. 古柯叶
【多选题】
对__________进境宗教印刷品,海关应予没收。___
A. 散发性的
B. 以伪装方式逃避海关检查的
C. 曾被海关退运,又重新带入的
D. 自用、数量合理且向海关主动申报的
【多选题】
旅客__________文物出口,必须向海关申报。___
【多选题】
下面关于人民币进出境管理的表述,正确的是:___
A. 不得擅自运输人民币出入境
B. 不得在邮件中夹带人民币出入境
C. 携带人民币出入境应当向海关如实申报
D. 违规携带人民币出入境构成犯罪的,依法追究刑事责任
【多选题】
下列关于旅客带进黄金及其制品的海关监管的表述,正确的是:___
A. 应以自用、合理数量为限
B. 超出自用、合理数量的,视同进口货物
C. 经核准在自用、合理数量内的予以免税放行
D. 按照货物处理的,须验核中国人民银行总行的批件
【多选题】
__________,可凭外汇管理局《携带外汇出境许可证》,携带超过等值10000美元的外币现钞出境。___
A. 政府领导人出访
B. 人数较多的出境团组
C. 出境时间较长的科学考察团组
D. 出境人员赴金融条件差的国家
【多选题】
旅客携带__________等外币支付凭证出入境,海关不予管理。___
A. 汇票
B. 旅行支票
C. 银行存款凭证
D. 邮政储蓄凭证
【多选题】
旅客携带__________人民币进出境,无需向海关申报。___
A. 6000元
B. 10000元
C. 20000元
D. 30000元
【多选题】
旅客携带__________进出境时,海关不按照外币管理规定验放。___
A. 美元纪念票据
B. 美元
C. 缅币
D. 朝鲜元
【多选题】
下列哪些物品属于《濒危野生动植物种国际贸易公约(CITES)》附录Ⅱ所列濒危物种濒危野生动物及其产品?___
A. 象牙酒杯
B. 玳瑁发簪
C. 穿山甲鳞片
D. 牛角杯
【多选题】
任何单位、个人不得运输、携带、邮寄__________进出境。___
A. 虎骨
B. 犀牛角
C. 羚羊角
D. 猛犸象牙
【多选题】
旅客携带伴侣猫进境,须持__________向海关申报。___
A. 狂犬病免疫证书
B. 口岸检疫部门通关单
C. 口岸检疫部门检疫证书
D. 输出国(或地区)官方兽医检疫机关出具的检疫证书
【多选题】
载有__________内容的印刷品,禁止进境。___
A. 扰乱社会秩序,破坏社会稳定
B. 宣扬淫秽、赌博、暴力或者教唆犯罪
C. 侮辱或者诽谤他人,侵害他人合法权益
D. 危害社会公德或者民族优秀文化传统
【多选题】
旅客携带__________进境,海关予以免税验放。___
A. 单行本文学书籍5册
B. 单碟发行的音乐光盘10盘
C. 成套童话书籍5套
D. 成套音乐专辑5套
【多选题】
旅客携带__________进境,海关按照进口货物办理相关手续。___
A. 单行本科学图书100册
B. 单碟发行的瑜伽光碟120盘
C. 成套历史小说20套
D. 成套音乐专辑20套
【多选题】
旅客携带禁止进出境的印刷品、音像制品进出境,如实向海关申报的,__________。___
A. 予以收缴
B. 责令退回
C. 在海关监管下予以销毁
D. 在海关监管下进行技术处理
【多选题】
对外国国宾团随行记者所用采访器材,进境地海关凭中国外交部新闻司出具的__________办理手续。___
A. 担保函
B. 器材清单
C. 接待证明
D. 国宾随行记者器材证明信
【多选题】
临时来内地采访大型会议香港记者携带采访器材进境时,进境地海关凭__________办理暂时进境手续。___
A. 器材清单
B. 进境有效证件
C. 港澳记者采访证
D. 相当于税款的保证金
【多选题】
来大陆采访的台湾记者携带采访器材进境时,海关凭__________出具的《器材通关批准书》予以验放。___
A. 中华全国新闻工作者协会
B. 新疆生产建设兵团台办
C. 深圳市台办
D. 广东省台办
【多选题】
下列中药材中,不准携运出境的是:___
【多选题】
旅客携带的下列物品,属于限制进出境的是:___
A. 人体血液
B. 人体组织
C. 人体器官
D. 人体血液制品
【多选题】
个人携带的卫星电视接收设备,包括__________等,禁止入境。___
A. 高频头
B. 接收机
C. 编码器
D. 解码器
