【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
推荐试题
【单选题】
入党介绍人的任务是认真了解申请人的思想、品质、经历和工作表现,向他解释(),说明党员的条件、义务和权利,并向党组织作出负责的报告。___
A. 党的路线方针政策
B. 党的纲领和党的章程
C. 党的历史
D. 国家政策
E.
【单选题】
党的()是党的根本性建设,决定党的建设方向和效果。___
A. 思想建设
B. 政治建设
C. 组织建设
D. 制度建设
E.
【单选题】
要尊崇党章,严格执行新形势下党内政治生活若干准则,增强党内政治生活的< >。___
A. 政治性、时代性、原则性、战斗性
B. 思想性、政治性、时代性、原则性
C. 政治性、思想性、时代性、原则性
D. 政治性、思想性、时代性、战斗性
E.
【单选题】
预备党员的预备期为< >。___
A. 一年
B. 两年
C. 三年
D. 四年
E.
【单选题】
预备党员的预备期,从< >算起。___
A. 填写入党志愿
B. 入党宣誓
C. 支部大会通过他为预备党员
D. 党组织找他谈话
E.
【单选题】
坚决防止和反对(),坚决防止和反对宗派主义、圈子文化、码头文化,坚决反对搞两面派、做两面人。___
A. 个人主义、享乐主义、自由主义、本位主义、好人主义
B. 个人主义、分散主义、山头主义、本位主义、好人主义
C. 个人主义、分散主义、自由主义、本位主义、好人主义
D. 个人主义、分散主义、自由主义、本位主义、享乐主义
E.
【单选题】
下面属于党的纪律处分的是()。___
A. 警告、严重警告、记大过、留党察看、开除党籍
B. 警告、严重警告、撤消党内职务、留党察看、开除党籍
C. 警告、记过、撤消党内职务、留党察看、开除党籍
D. 警告、记大过、撤消党内职务、留党察看、开除党籍
E.
【单选题】
1939年10月,毛泽东< >一文中,全面阐述了党的建设与党的政治路线密切联系的规律,并把党的建设称作"伟大的工程"。___
A. 社会组织结构
B. 社会政治生活
C. 社会基层组织
D. 社会团体
E.
【单选题】
()和(),是中国共产党人的精神支柱和政治灵魂,也是保持党的团结统一的思想基础。___
A. 共产主义远大理想、新时代中国特色社会主义共同理想
B. 共产主义远大理想、中国特色社会主义共同理想
C. 共产主义崇高理想、新时代中国特色社会主义共同理想
D. 共产主义崇高理想、中国特色社会主义共同理想
E.
【单选题】
党组织对违犯党的纪律的党员,应当本着< >精神,按照错误性质和情节轻重,给以批评教育直至纪律处分。___
A. 惩前毖后、治病救人
B. 坦白从宽、抗拒从严
C. 团结-批评-团结
D. 实事求是
E.
【单选题】
< >是党内的最高处分。___
A. 留党察看
B. 开除党籍
C. 开除公职
D. 刑事处分
E.
【单选题】
党章规定,党的基层组织是党在< >中的战斗堡垒,是党的全部工作和战斗力的基础。___
A. 社会组织结构
B. 社会政治生活
C. 社会基层组织
D. 社会团体
E.
【单选题】
党员受到警告或者严重警告处分,< >内不得在党内提升职务和向党外组织推荐担任高于其原任职务的党外职务。___
A. 半年
B. 一年
C. 二年
D. 三年
E.
【单选题】
党员受到撤销党内职务处分,()不得在党内担任和向党外组织推荐担任与其原任职务相当或者高于其原任职务的职务。___
A. 一年内
B. 二年内
C. 三年内
D. 四年内
E.
【单选题】
党的最高理想和最终目标是< >。___
A. 实现共产主义
B. 建设中国特色社会
C. 建设社会主义强国
D. 实现社会主义现代化
E.
【单选题】
党支部党员人数一般不超过< >人。___
A. 30
B. 40
C. 50
D. 60
E.
【单选题】
作为一名共产党员,能否信仰宗教。___
A. 能
B. 不能
C. 不清楚
D. 不了解
E.
【单选题】
党的纲领分最高纲领和社会主义初级阶段基本纲领。最高纲领是< >。___
A. 实现共产主义
B. 实现革命主义
C. 实现社会主义
D. 实现公平主义
E.
【单选题】
中国共产党党徽为< >组成的图案。___
A. 镰刀和锤头
B. 镰刀和斧头
C. 五角星和镰刀
D. 斧头和五角星
E.
【单选题】
< >标志着中国工人阶级开始以独立的政治力量登上了历史舞台。___
A. 中国共产党的成立
B. 五四运动
C. 二七大罢工
D. 五卅运动
E.
【单选题】
中国共产党最早的组织是由< >等发起,在< >首先建立的。___
A. 陈独秀上海
B. 李大钊北京
C. 毛泽东长沙
D. 李达南京
E.
【单选题】
党支部党员大会、党支部委员会会议由< >召集并主持。___
A. 书记
B. 副书记
C. 委员
D. 党小组组长
E.
【单选题】
有正式党员< >人以上的党支部,应当设立党支部委员会。___
【单选题】
民主集中制是民主基础上的集中和集中指导下的民主相结合。它既是党的< >,也是群众路线在党的生活中的运用。___
A. 根本领导原则
B. 根本管理原则
C. 根本组织原则
D. 根本生活准则
E.
【单选题】
坚持反腐败无禁区、全覆盖、零容忍,坚定不移“打虎”、“拍蝇”、“猎狐”,< >的目标初步实现,< >的笼子越扎越牢,< >的堤坝正在构筑,反腐败斗争压倒性态势已经形成并巩固发展。___
A. 不敢腐不能腐不想腐
B. 不能腐不敢腐不想腐
C. 不想腐不敢腐不能腐
D. 不敢腐不想腐不能腐
E.
【单选题】
党政军民学,东西南北中,党是领导一切的。必须增强< >,自觉维护党中央权威和集中统一领导,自觉在思想上政治上行动上同党中央保持高度一致。___
A. 政治意识、大局意识、核心意识、看齐意识
B. 政治意识、大局意识、权威意识、看齐意识
C. 政治意识、全局意识、核心意识、看齐意识
D. 政治意识、全局意识、权威意识、看齐意识
E.
【单选题】
()是改革开放的基本出发点和落脚点。___
A. 改善人民生活
B. 促进共同富裕
C. 消除贫富差距
D. 社会进步
E.
【单选题】
党在自己的工作中实行< >,一切为了群众,一切依靠群众,从群众中来,到群众中去,把党的正确主张变为群众的自觉行动。___
A. 集中力量办大事
B. 党管干部原则
C. 群众路线
D.
E.
【单选题】
党的十九大报告指出,发展是解决我国一切问题的基础和关键,发展必须是< >。___
A. 长期发展
B. 持续发展
C. 绿色发展
D. 科学发展
E.
【单选题】
建设< >是中华民族伟大复兴的基础工程。___
A. 经济强国
B. 政治强国
C. 教育强国
D. 文化强国
E.
【单选题】
增强党自我净化能力,根本靠强化< >和< >。___
A. 党的自我监督,舆论监督
B. 党的自我监督,群众监督
C. 党的自我监督,司法监督
D. 党的自我监督,民主监督
E.
【单选题】
党的十九大报告指出,发展是解决我国一切问题的基础和关键,发展必须是< >。___
A. 长期发展
B. 持续发展
C. 绿色发展
D. 科学发展
E.
【单选题】
实施< >战略。农业农村农民问题是关系国计民生的根本性问题,必须始终把解决好“三农”问题作为全党工作重中之重。___
A. 农村振兴
B. 乡村振兴
C. 农业振兴
D. 农民增收
E.
【单选题】
我们党的最大政治优势是密切联系群众,党执政后的最大危险是脱离群众。< >、党同人民群众联系问题是关系党生死存亡的问题。___
A. 党风问题
B. 作风问题
C. 民主问题
D. 思想问题
E.
【单选题】
< >是改革开放以来党的全部理论和实践的主题,是党和人民历尽千辛万苦、付出巨大代价取得的根本成就。___
A. 中国道路
B. 以经济建设为中心
C. 科学社会主义
D. 中国特色社会主义
E.
【单选题】
党章规定,党员必须履行的义务有< >。___
A. 6项
B. 8项
C. 10项
D. 12项
E.
【单选题】
必须坚持以人民为中心的发展思想,坚持< >的发展理念。___
A. 创新、协调、绿色、开放、共享
B. 创造、协调、生态、开放、共享
C. 创新、统筹、绿色、开放、共享
D. 创造、统筹、生态、开放、共享
E.
【单选题】
党的纪律主要包括< >、工作纪律、生活纪律。___
A. 思想纪律、队伍纪律、群众纪律、学习纪律
B. 政治纪律、廉政纪律、群众纪律、作风纪律
C. 思想纪律、组织纪律、廉洁纪律、作风纪律
D. 政治纪律、组织纪律、廉洁纪律、群众纪律
E.
【单选题】
党员的先进性,党员与一般群众的根本区别,就在于党员具有高度的< >。___
A. 组织纪律性
B. 共产主义觉悟
C. 历史使命感与责任感
D. 全心全意为人民服务的品质
E.
【单选题】
党员的党龄从()之日算起。___
A. 递交入党志愿书
B. 支部大会通过他为预备党员
C. 预备期满转为正式党员
D. 党员转正一年
E.
