【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
推荐试题
【单选题】
自古至今,贯穿于中华民族社会生活的各个领域,体现在中华民族德行的各个方面,鲜明地体现了中华民族的民族性格和道德精神的民族精神是___
A. 爱好和平
B. 勤劳勇敢
C. 团结统一
D. 自强不息
【单选题】
团结统一、爱好和平、勤劳勇敢、自强不息的民族精神,在历史的发展过程中都服务于___的主题。
A. 建功立业
B. 保家卫国
C. 爱国兴邦
D. 富民强国
【单选题】
中华民族是一个爱好和平的民族,中国选择走和平发展的道路。但是,中华民族也是一个不畏强暴、不容他人侵略的民族。在当今时代,维护世界和平,维护国家的安全、统一和发展,需要___
A. 建立强大、巩固的国防
B. 建立强大、巩固的军队
C. 建立强大的预备役部队
D. 建立全民皆兵的国防体制
【单选题】
在漫长的历史岁月中,中国的主体一直是一个统一的多民族国家,虽有分合离乱,但统一的时期远远多于分裂的时期,其根本的原因就在于中华民族具有___的优良传统。
A. 爱好和平
B. 勤劳勇敢
C. 团结统一
D. 自强不息
【单选题】
在中华民族的意识中,___是一切事业成功的保证,是兴家立国之本。
【单选题】
中华民族所以能在五千多年的历史进程中历经挫折而不屈,屡遭坎坷而不馁,靠的是勇于进取的___精神。
A. 忍辱负重
B. 艰苦奋斗
C. 自强不息
D. 任劳任怨
【单选题】
新的世纪,各国之间综合国力的竞争日趋激烈。在激烈的国际竞争中,中华民族立于不败之地的一个重要保障,就是要高扬___旗帜,最大限度地团结全国各族人民和港澳台以及广大海外同胞,激发起爱我中华、建我中华、强我中华的爱国热情。
A. 爱国主义
B. 集体主义
C. 社会主义
D. 民族主义
【单选题】
在中华民族的爱国主义发展史上,___是中华儿女爱国情怀的重要体现,也是对国家主权、领土完整及民族感情的认同。
A. 推动民族融和和民族交流
B. 维护祖国统一、反对祖国分裂
C. 忠君爱民
D. 认祖归宗
【单选题】
中华民族崇尚精神的优良传统,首先表现在对物质生活与精神生活相互关系的独到理解上。下列名言警句,体现这一点的是___
A. 为天地立心,为生民立命,为往圣继绝学,为万世开太平
B. 自天子以至于庶人,一切皆以修身为本
C. 见贤思齐焉,见不贤而内自省也
D. 一箪食,一瓢饮,在陋巷,人不堪其忧,回也不改其乐
【单选题】
爱国主义精神的感性基础是___
A. 爱国思想
B. 爱国行为
C. 爱国情感
D. 爱国信念
【单选题】
爱国主义体现了人民群众对自己祖国的深厚感情,反映了个人对祖国的___
A. 依存关系
B. 亲情关系
C. 服从关系
D. 血肉关系
【单选题】
___是调节个人与祖国之间关系的道德要求、政治原则和法律规范。
A. 爱国思想
B. 爱国行为
C. 爱国主义
D. 爱国情感
【单选题】
爱国主义的基本要求包括:爱祖国的大好河山、爱自己的骨肉同胞、___和爱自己的国家。
A. 爱人民
B. 爱劳动
C. 爱祖国的灿烂文化
D. 爱科学
【单选题】
“苟利国家生死以,岂因祸福避趋之”体现了爱国者矢志不渝的精神。提出此名言的爱国者是___
A. 梁启超
B. 黄兴
C. 林则徐
D. 司马迁
【单选题】
写下“位卑未敢忘忧国”的爱国名言的人是___
A. 苏武
B. 康有为
C. 顾炎武
D. 陆游
【单选题】
“先天下之忧而忧,后天下之乐而乐”体现了爱国者以天下为己任的崇高精神境界。写下这句名言的人是___
A. 李白
B. 杜甫
C. 辛弃疾
D. 范仲淹
【单选题】
“天下兴亡,匹夫有责”的思想深刻表达了中华民族以天下为己任的爱国情怀。提出这个思想的人是___
A. 顾炎武
B. 黄宗羲
C. 林则徐
D. 谭嗣同
【单选题】
国家的核心利益是___
A. 领导世界
B. 维护国家主权和领土完整
C. 繁荣富强
D. 对外扩张
【单选题】
新时期爱国主义的主题是___
A. 维护国家的根本利益
B. 建设中国特色社会主义
C. 保卫祖国、抵抗侵略
D. 为祖国统一、领土主权完整贡献力量
【单选题】
在当代中国,爱国主义首先体现在对___的热爱上。
A. 社会主义中国
B. 传统文化
C. 历史成就
D. 祖国河山
【单选题】
中国的历史和现实都充分证明了,只有___才能救中国和发展中国。
A. 社会主义
B. 民族主义
C. 资本主义
D. 自由主义
【单选题】
中华民族近代民族独立和人民解放的曲折历史证明,___是高举爱国主义旗帜并躬身实践的光辉典范。
A. 中国国民党
B. 中国共产党
C. 民间团体
D. 民族资本家
【单选题】
在爱国主义的原则上,对生活在祖国大陆的中华人民共和国公民的基本要求是___
A. 坚持爱国主义与爱社会主义的一致性
B. 坚持爱国主义与拥护祖国统一的一致性
C. 坚持爱国主义与爱中国共产党的一致性
D. 坚持爱国主义与爱人民政府的一致性
【单选题】
在爱国主义的原则上,对全体中华儿女包括港澳台同胞以及海外侨胞的基本要求是___
A. 坚持爱国主义与爱社会主义的一致性
B. 坚持爱国主义与拥护祖国统一的一致性
C. 坚持爱国主义与爱中国共产党的一致性
D. 坚持爱国主义与爱人民政府的一致性
【单选题】
当今时代发展的重要趋势之一是___
A. 经济全球化
B. 政治一体化
C. 文化一体化
D. 国家中性化
【单选题】
爱国主义精神的落脚点和归宿是___
A. 爱国情感
B. 爱国思想
C. 爱国行为
D. 爱国语言
【单选题】
爱国主义不仅代表了人们对自己祖国的深厚情感,更体现为现实的义务和责任。脚踏实地,___应当成为每一个中国人的基本追求。
A. 做忠诚的爱国者
B. 只购买民族品牌的商品
C. 跟日本、美国等反华势力斗争到底
D. 参军入伍
【单选题】
在当代中国,爱国主义首先体现在___
A. 对社会主义中国的热爱
B. 对人民群众的热爱
C. 对港澳台同胞和海外侨胞的热爱
D. 对马克思主义的热爱
【单选题】
时代精神的核心是___
A. 改革创新
B. 艰苦奋斗
C. 求真务实
D. 勤劳勇敢
【单选题】
社会主义的根本任务是___
A. 消灭剥削
B. 保护环境
C. 发展生产力
D. 扩军备战
【单选题】
党的十一届三中全会以来的辉煌成就雄辩地证明,___是中国走向繁荣富强的必由之路,是中国特色社会主义发展前进的成功之路。
A. 实事求是
B. 解放思想
C. 市场经济
D. 改革开放
【单选题】
党中央向全党全社会发出了建立创新型国家的号召。建设创新型国家,就要把___作为发展科学技术的战略基点和调整经济结构、转变经济增长方式的中心环节,不断巩固和发展中国特色社会主义伟大事业。
A. 理论创新
B. 制度创新
C. 科技创新
D. 增强自主创新能力
【单选题】
中国共产党在准确把握世界发展趋势、认真总结中国社会主义发展经验、深入分析中国发展阶段特征的基础上提出的、指导发展的世界观和方法论的集中体现的重大战略思想是___
A. 科学发展观
B. 西部大开发
C. 振兴东北
D. 科教兴国
【单选题】
在各种创新中,能够成为社会发展和变革的先导的创新是___
A. 制度创新
B. 理论创新
C. 科技创新
D. 文化创新
【单选题】
___是其他一切创新的重要保障。
A. 制度创新
B. 理论创新
C. 科技创新
D. 文化创新
【单选题】
___是国家竞争力的核心。
A. 理论创新能力
B. 文化创新能力
C. 思维创新能力
D. 科技创新能力
【单选题】
人才是第一资源,理论创新、制度创新、科技创新和文化创新,都要以___为基础。
A. 培养创新型人才
B. 培养实用型人才
C. 培养管理类人才
D. 培养专业型人才
【单选题】
发展的希望在创新,创新的希望在青年,___是国家创新型人才的重要后备军。
A. 知识分子
B. 技术型工人
C. 当代大学生
D. 自然科学家
【单选题】
解决台湾问题,实现祖国完全统一,是海内外中华儿女的共同心愿,是中华民族的根本利益所在。推进两岸关系发展和祖国统一大业,必须坚持的基本方针是___
A. 和平统一、一国两制
B. 武力促统
C. 封锁和打压台湾
D. 求助于国际势力
【单选题】
我国社会主义国防观念的重要思想基础是___
A. 集体主义
B. 民族主义
C. 爱国主义
D. 霸权主义
