【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
推荐试题
【多选题】
40富强、民主、文明、和谐,自由、平等、公正、法治,爱国、敬业、诚信、友善24个字的社会主义核心价值观,把涉及三个层面___的价值要求融为一体。
【多选题】
41培育和践行社会主义核心价值观,要坚持___。
A. 全民行动、家长带头
B. 全民行动、干部带头
C. 从家庭做起、从娃娃抓起
D. 从家庭做起、从学生抓起
【多选题】
42培育和践行社会主义核心价值观,必须立足___。
A. 中华优秀传统文化
B. 世界优秀传统文化
C. 革命文化
D. 改革文化
【多选题】
43培育和践行社会主义核心价值观,还必须发扬伟大民族精神,这就是___。
A. 伟大创造精神
B. 伟大奋斗精神
C. 伟大团结精神
D. 伟大梦想精神
【多选题】
44文化强国是指一个国家具有强大的文化力量。这种力量表现为___。
A. 具有高度文化素养的国民
B. 发达的文化产业
C. 强大的文化软实力
D. 强力输出本国文化
【多选题】
45在中国特色社会主义新时代,我们要以更大的力度、更实的措施___。
A. 保障和改善民生
B. 加强和创新社会治理
C. 坚决打赢脱贫攻坚战
D. 促进社会公平正义
【多选题】
46提高保障和改善民生水平,要___。
A. 优先发展教育事业
B. 提高就业质量和人民收入水平
C. 加强社会保障体系建设
D. 坚决打赢脱贫攻坚战
【多选题】
47鼓励勤劳守法致富,___。
A. 扩大中等收入群体
B. 增加低收入者收入
C. 调节过高收入
D. 取缔非法收入
【多选题】
48要全面建成覆盖全民___的多层次社会保障体系。
A. 城乡统筹
B. 权责清晰
C. 保障适度
D. 可持续
【多选题】
49加强和创新社会治理,要___。
A. 创新社会治理体制
B. 改进社会治理方式
C. 加强预防和化解社会矛盾机制建设
D. 加强社会心理服务体系建设
【多选题】
50推进社会文明进步、安定和谐,必须积极培育___的社会心态。
A. 自尊自信
B. 理性平和
C. 积极向上
D. 争强好胜
【多选题】
51坚持总体国家安全观,需要___。
A. 完善国家安全体系
B. 健全公共安全体系
C. 推进平安中国建设
D. 加强国家安全能力建设
【多选题】
52坚持总体国家安全观,需要___。
A. 完善国家安全体系
B. 健全公共安全体系
C. 推进平安中国建设
D. 加强国家安全教育
【多选题】
53建设社会主义生态文明就是要建设以___的资源节约型、环境友好型社会。
A. 资源环境承载力为基础
B. 以自然规律为准则
C. 可持续发展为目标
D. 人的需求得到完全满足为目的
【多选题】
54在生态环境保护上,一定要树立___,不能因小失大、顾此失彼、寅吃卯粮、急功近利。
A. 区域观
B. 大局观
C. 长远观
D. 整体观
【多选题】
55形成人与自然和谐发展新格局,必须___。
A. 把节约资源放在首位
B. 坚持保护优先、自然恢复为主
C. 着力推进绿色发展、循环发展、低碳发展
D. 形成节约资源和保护环境的空间格局、产业结构、生产方式、生活方式
【多选题】
56建设生态文明是一场涉及___的革命性变革。
A. 生产方式
B. 生活方式
C. 思维方式
D. 价值观念
【多选题】
57加快生态文明体制改革,必须___。
A. 推进绿色发展
B. 着力解决突出环境问题
C. 加大生态系统保护力度
D. 改革生态环境监管体制
【多选题】
58解决突出环境问题,必须构建___的环境治理体系。
A. 政府为主导
B. 企业为主体
C. 社会组织共同参与
D. 公众共同参与
【多选题】
59文化强国是指一个国家具有强大的文化力量。这种力量表现为___。
A. 具有高度文化素养的国民
B. 发达的文化产业
C. 强大的文化软实力
D. 强力输出本国文化
【多选题】
60在中国特色社会主义新时代,我们要以更大的力度、更实的措施___。
A. 保障和改善民生
B. 加强和创新社会治理
C. 坚决打赢脱贫攻坚战
D. 促进社会公平正义
【多选题】
61培育和践行社会主义核心价值观,必须立足___。
A. 中华优秀传统文化
B. 世界优秀传统文化
C. 革命文化
D. 改革文化
【多选题】
62在生态环境保护上,一定要树立___,不能因小失大、顾此失彼、寅吃卯粮、急功近利。
A. 区域观
B. 大局观
C. 长远观
D. 整体观
【多选题】
63形成人与自然和谐发展新格局,必须___。
A. 把节约资源放在首位
B. 坚持保护优先、自然恢复为主
C. 着力推进绿色发展、循环发展、低碳发展
D. 形成节约资源和保护环境的空间格局、产业结构、生产方式、生活方式
【多选题】
64建设生态文明是一场涉及___的革命性变革。
A. 生产方式
B. 生活方式
C. 思维方式
D. 价值观念
【多选题】
65加快生态文明体制改革,必须___。
A. 推进绿色发展
B. 着力解决突出环境问题
C. 加大生态系统保护力度
D. 改革生态环境监管体制
【多选题】
66解决突出环境问题,必须构建___的环境治理体系。
A. 政府为主导
B. 企业为主体
C. 社会组织共同参与
D. 公众共同参与
【多选题】
1制度问题带有___,加强制度建设是全面从严治党的长远之策、根本之策。
A. 根本性
B. 全局性
C. 稳定性
D. 长期性
【多选题】
2全面建成小康社会,“全面”讲的是发展的___。
A. 平衡性
B. 协调性
C. 全面性
D. 可持续性
【多选题】
3下列有关全面小康的说法正确的是___。
A. 全面小康,覆盖的领域要全面,是“五位一体”全面进步的小康。
B. 全面小康,覆盖的人口要全面,是惠及全体人民的小康。
C. 全面小康,覆盖的区域要全面,是城乡区域共同发展的小康。
D. 全面小康,覆盖的国家要全面,是世界各国共同发展的小康。
【多选题】
4下列有关全面小康的说法正确的是___。
A. 全面建成小康社会,是“同一水平小康”。
B. 全面建成小康社会,要实事求是、因地制宜。
C. 全面建成小康社会是针对全国讲的,不是每个地区、每个民族、每个人都达到同一个水平。
D. 如期全面建成小康社会,既坚持一定标准,又防止好高骛远;既考虑到2020年这个时间节点,又立足于打基础、谋长远、见成效。
【多选题】
5党的十八届五中全会,赋予“小康”更高的标准、更丰富的内涵___。
A. 经济保持中高速增长。
B. 创新驱动成效显著。
C. 发展协调性明显增强。
D. 人民生活水平和质量普遍提高。
【多选题】
6决胜全面建成小康社会,___。
A. 第一,坚决打好防范化解重大风险攻坚战。
B. 第二,坚决打好精准脱贫攻坚战。
C. 第三,坚决打好污染防治攻坚战。
D. 第四,确保经济社会持续健康发展。
【多选题】
7全面建成小康,缩小城乡区域发展差距,是___。
A. 缩小国内生产总值总量和增长速度的差距
B. 老百姓之间的差距
C. 缩小居民收入水平、基础设施通达水平、基本公共服务均等化水平、人民生活水平等方面的差距
D. 实现收入平均化
【多选题】
8中国特色社会主义进入新时代,要站在更高起点谋划和推进改革,改革是___的。
A. 有目标
B. 有方向
C. 有立场
D. 有原则
【多选题】
9党是改革的___,改革能否顺利推进,关键取决于党,取决于党的领导。
A. 倡导者
B. 获利者
C. 推动者
D. 领导者
【多选题】
10我国改革开放之所以能取得巨大成功___。
A. 关键是我们把党的基本路线作为党和国家的生命线
B. 始终坚持把以经济建设为中心同四项基本原则、改革开放这两个基本点统一于中国特色社会主义伟大实践
C. 既不走封闭僵化的老路,也不走改旗易帜的邪路
D. 坚定不移走中国特色社会主义道路
【多选题】
11坚持社会主义市场经济改革方向___。
A. 是经济体制改革的基本遵循
B. 是全面深化改革的重要依托
C. 是改革开放的前提
D. 是改革开放的核心
【多选题】
12下列有关国家治理体系和治理能力说法正确的是___。
A. 国家治理体系和治理能力是一个国家的制度和制度执行能力的集中体现,两者相辅相成。
B. 国家治理体系是在党领导下管理国家的制度体系,包括经济、政治、文化、社会、生态文明和党的建设等各领域体制机制、法律法规安排,即一整套紧密相连、相互协调的国家制度
C. 国家治理能力则是运用国家制度管理社会各方面事务的能力,包括改革发展稳定、内政外交国防、治党治国治军等各个方面
D. 不能把国家治理体系和国家治理能力等同起来,不是国家治理体系越完善,国家治理能力越强。
【多选题】
13要大力培育和弘扬社会主义核心价值体系和核心价值观,加快构建充分反映中国特色、民族特性、时代特征的价值体系,努力抢占价值体系的制高点,___。
A. 处理好解放思想和实事求是的关系
B. 处理好顶层设计和摸着石头过河的关系
C. 时代特征
D. 历史特点
