【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
推荐试题
【单选题】
BB028 横联差动保护的优点是原理简单、灵敏度高、动作可靠、不受___变化的影响,因而得到了广泛的应用。
A. 电压
B. 运行方式
C. 外界因素
D. 母线电压
【单选题】
BB028 电容器组的横联差动保护是通过比较两臂中___乏工作的。
A. 频率的大小
B. 电压的大小
C. 电流的大小
D. 功率的大小
【单选题】
BB029 电容器组无论是采用星形接线还是三角形接线,均应装设___保护。
A. 零序电流
B. 零序电压
C. 负序电流
D. 负序电压
【单选题】
BB029 三角形接线的电容器组可采用零序电流保护方式,尤其是电容器2组以上 ___时可获得更好的效果。
A. 并联
B. 串、并联
C. 串联
D. 星接
【单选题】
BB029 电容器组零序电流可从接成星形的电流互感器___上取得,零序电流继电器直接接在三相电流互感器副边中性线上。
A. 中性线
B. 任意两相
C. 任意一相
D. A或c
【单选题】
BB030 电动机的过电流保护用于保护其___短路故障。
【单选题】
BB030 电动机的过电流保护动作时间应___电动机的启动时间。
【单选题】
BB030 电动机利用电流继电器构成的过电流保护,其定值应___电动机的可能出现的最大负荷电流量。
【单选题】
BB031 电动机差动保护启动电流应按躲开电动机___来整定。
A. 启动电流
B. 额定电流
C. 负荷电流
D. 外部短路电流
【单选题】
BB031 在小接地电流供电电网中,电动机的纵差动保护一般采用___接线。
A. 三相式
B. 两相式
C. 单相式
D. 三相制
【单选题】
BB031 容量为___的电动机,应装设差动保护。
A. 1000 kW
B. 1000 kW及以上
C. 2 000 kW
D. 2 000 kW及以上
【单选题】
BB032 电动机速断保护采用___接线即可满足要求。
A. 单相式
B. 两相式
C. 三相式
D. 差
【单选题】
BB032 目前广泛采用___作为防止电动机相间故障的主保护。
A. 过电流保护
B. 过电压保护
C. 过负荷保护
D. 电流速断保护
【单选题】
BB033 电动机低电压启动的过电流保护的接线应能够反映___,并且在电压互感器回路断线时不应误动作。
A. 电压下降
B. 对称的电压下降
C. 电流变化
D. 电流、电压的变化
【单选题】
BB033 电动机采用低电压启动的过电流保护,其动作电压应躲开电动机自启动时母线上的___电压。
【单选题】
BB033 3~6 kV电动机低电压保护中,由低电压继电器KV1、KV2、KV3及时间继电器KT1构成不重要电动机的低电压保护,以___跳开不重要电动机,并兼作电压回路断线信号。
A. 0.3 s
B. 0.5 s
C. 0.8 s
D. 1.0 s
【单选题】
BB034 晶体管保护电路中,实现强与弱转换并起隔离作用的电路称为___。
A. 变换电路
B. 电压形成电路
C. 隔离电路
D. 电抗变换
【单选题】
BB034 晶体管保护装置与一般继电保护装置一样,它也包括测量回路、___回路和输出回路3个基本部分。
【单选题】
BB035 变电所采用双主机监控系统与二次设备分散布置,主控室和配电装置之间的信息传输方式由___。
A. 数字式改为模拟式
B. 模拟式改为数字式
C. 数字式改为信息式
D. 模拟式改为信息式
【单选题】
BB035 在变电所内装设一套单主机的微机监测系统,在事故或需要时能按___,以人便于接受的信息形式在CRT上显示。
A. 事故发生的严重程度
B. 不同电压等级的顺序
C. 个人需求的顺序
D. 事件发生的顺序
【单选题】
BB036 信息采集与___是监控系统的最基本功能。
【单选题】
BB036 模拟量、脉冲量、开关量的采集是将原始信息经各种变送器变成___的直流信号,接人监控系统的A/D变换器。
A. 4~2 0 A或-10~+10 V
B. 4--20 A或-5~+5 V
C. 4~2 0 mA或-10~+10 V
D. 4---20 mA或-5~+5 V
【单选题】
351.BB036 事故追忆是指对变电所内的一些主要___在事故前后一段时间内做连续的测量记录。
A. 脉冲量
B. 模拟量
C. 开关量
D. 数据量
【单选题】
BB037 计算机保护的特性主要是由___决定的。
A. 软件
B. 硬件
C. 软件和硬件的相互配合
D. 信息量
【单选题】
BB0 3 7 计算机有很强的综合分析和判断能力,因而它可以实现常规保护很难办到的自动纠错,即自动___。
A. 识别逻辑的错误
B. 识别本身硬件的异常部分
C. 识别和排除干扰
D. 保护配备的错误
【单选题】
BB037 计算机保护要求将以模拟量输入的电流、电压的___变换为离散的数字量。
A. 最大值
B. 平均值
C. 瞬时值
D. 最小值
【单选题】
BB038 为了防止干扰,计算机保护在输入信号处理部分装设了几个起隔离、屏蔽作用的___。
A. 转换器
B. 变换器
C. 解调器
D. 隔离器
【单选题】
BB038 计算机保护中的变换器将输入的电流、电压的最大值变换成计算机设备所允许的___。
A. 最大允许值
B. 最大电流值
C. 最大电压值
D. 最大工作值
【单选题】
BB038 计算机保护中A/D转换器的作用是将输入的模拟电压变换为以一定电压为基准,与输入电压___的数码。
A. 成比例
B. 相等
C. 相同
D. 同相位
【单选题】
B039 变电所综合自动化系统是将变电所的二次设备利用计算机技术、现代通信技术,经过功能组合和优化设计,对变电所执行___、测量、控制和协调的一种综合性的自动化系统。
A. 自动启动
B. 自动监视
C. 自动保护
D. 自动通信
【单选题】
BB039 变电所综合自动化系统按___形式可以分为多种。从国内外变电站综合自动化系统的发展过程来划分,可分为集中式、分布式和分散(层)分布式3种。
A. 软件结构
B. 整体结构
C. 分布结构
D. 硬件结构
【单选题】
BB039 综合自动化变电所为满足远方监控信息量大、传输可靠、实施性强的要求,通信系统采用___系统。
A. 数字微波
B. 通信光缆
C. 数字微波通信及光纤
D. 现代卫星定位
【单选题】
BB040 计算机监控系统应具有远动RTU功能,其功能模块(单元)必须完成___功能,并且功能指标和( )应满足调度自动化系统的总体要求。
A. “四遥”;通信速率
B. “三遥”;通信速率
C. “四遥”;信息量
D. “三遥’’;信息量
【单选题】
BB040 综合自动化变电所对继电保护的要求是:实时向监控系统传送保护主要状态,如___、输入量值以及保护动作信号。
A. 开关模拟量
B. 开关遥测量
C. 功能投入情况
D. 开关遥信量
【单选题】
BB040 综合自动化变电所数据采集量包括:状态量、模拟量、___和数字量。
A. 控制量
B. 脉冲量
C. 启动量
D. 信号量
【单选题】
BB041 后台机监控系统具有事故追忆功能,可追忆事故发生前,___及发生后6 s.内负荷变化和电压变化情况,并形成事故报表。
A. 3 s
B. 4 s
C. 5 s
D. 6 s
【单选题】
BB041 综合自动化变电所前台机主要巡视检查内容有:液晶显示是否正常,液晶循环显示___与实际一次值、压板状态、当前定,值区是否相符。
A. 开关
B. 母线
C. 遥信量
D. 遥测量
【单选题】
BB041 综合自动化变电所前、后台机核对的主要内容包括“远方/就地’’、弹簧储能、___、各保护投停位置及重合闸信号等是否正确。
A. 设备位置
B. 时钟状态
C. 母线电压
D. 告警信号
【单选题】
BCO01 在值班期间,需要移开或越过遮栏时,___。
A. 必须有领导同志在场
B. 必须先停电
C. 必须有监护人在场
D. 必须持有第一种工作票
【单选题】
BCO01 在值班期间,运行人员巡视高压设备时___。
A. 一般由2人进行
B. 值班员可以干其他工作
C. 发现问题可以随时处理
D. 必须持有操作票
