【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
推荐试题
【单选题】
下列是关于疼痛的特征,不包括___
A. 疼痛是个体身心受到侵害的危险警告
B. 疼痛是一种身心不舒适的感觉
C. 疼痛常伴有生理行为和情绪反应
D. 个体关注自身疼痛的感觉,可以使疼痛减轻
E. 患者处于焦虑恐惧状态时,疼痛可以加重
【单选题】
慢性风湿性关节炎可选择___
A. 热疗
B. 冷疗
C. 深部脑刺激
D. 射频
E. 电疗
【单选题】
下列影响疼痛的因素中不包括___
A. 个体早期的生活经验
B. 天气
C. 个体对疼痛的注意力
D. 患者的情绪
E. 患者所处的社会文化背景
【单选题】
下列是为疼痛患者实施止痛措施,错误的是___
A. 药物与非药物止痛方法联合使用
B. 当患者出现明显疼痛时,护士才可采用止痛措施
C. 对中等程度疼痛的患者,可采用非麻醉性止痛药
D. 疼痛原因未明,禁止使用任何镇痛药
E. 给药后20~30分钟,须评估和记录镇痛效果及不良反应
【单选题】
下列哪项是椎动脉型颈椎病的临床表现___
A. 上下肢肌腱反射亢进
B. 有副交感神经症状
C. X线平片常阴性
D. 上肢牵拉试验阳性
E. 旋颈试验阳性
【单选题】
男,47岁,四肢麻胀,乏力逐渐加重近3年,1个月前不慎滑倒,当即出现四肢活动障碍,查体:神志清楚,头部活动无明显受限,第2肋以下皮肤痛觉减退,四肢不能主动活动,肌张力增高,病理征(+),诊断为___
A. 颈椎脱位
B. 脊髓型颈椎病
C. 外伤性颈髓损伤
D. 颈椎肿瘤
E. 颈椎管内肿瘤
【单选题】
顿挫型带状疱疹表现为___
A. 仅出现红斑.丘疹而无水疱
B. 同时侵犯2个以上神经节产生对侧皮损
C. 不出现皮损而仅有神经痛
D. 侵犯肺.脑等器官
E. 只出现皮损而无神经痛
【单选题】
骨质疏松抗骨吸收药不对的有___
A. 钙制剂
B. 雌激素.孕激素
C. 芬必得.消炎痛
D. 维生素D
E. 降钙素
【单选题】
以下哪一项是对类风湿性关节炎的正确描述___
A. 全身性疾病
B. 原因明确
C. 主要为大关节病变
D. 多呈非对称性
E. 病程短
【单选题】
血栓闭塞性脉管炎的止痛措施错误的是___
A. 可用血管扩张药
B. 用低分子右旋糖酐改善微循环
C. 用中分子右旋糖酐有止痛效果
D. 疼痛剧烈可用麻醉性镇痛药
E. 严重的可通过硬膜外使用镇痛泵
【单选题】
在人体实验中,以犯人为受试者,认识正确的是___
A. 在任何情况下,都不允许以犯人作为受试者
B. 只要有犯人的签字同意,以犯人为受试者可以得到伦理的辩护
C. 一般情况下,是不允许用犯人做实验的,即使使用犯人作为受试者,必须首先考察是否具备受试者的条件
D. 犯人是犯了罪的人,用他们作受试者,是给他们一个为社会做贡献从而改过自新的机会
E. 应该按照公安部门的安排进行
【单选题】
医德修养的根本途径和方法是___
A. 学习医德理论知识
B. 在医疗卫生保健实践中修养
C. 有的放矢
D. 持之以恒
E. 追求慎独
【单选题】
生命伦理学研究的主要内容是___
A. 义务论
B. 公益论
C. 公平理论
D. 生命道德理论
E. 生命科学
【单选题】
在保护病人隐私时应考虑除外___
A. 患者不愿让他人知道的变态心理,要求绝对保密
B. 患者不愿让他人知道的个人行为,要求绝对保密
C. 患者不愿让他人知道的家庭生活,要求绝对保密
D. 患者不愿让他人知道的不良诊断,要求绝对保密
E. 患者不愿让他人知道的艾滋病病情,要求绝对保密
【单选题】
某老年患者身患肺癌晚期,生命垂危,家属明确要求不惜一切代价地进行抢救,医护人员应该___
A. 尊重家属意见,不惜一切代价地进行抢救
B. 实施积极安乐死
C. 实施消极安乐死
D. 说服家属彻底放弃治疗与抢救
E. 有限度地治疗和抢救
【单选题】
某病人因车祸造成多发性骨折,多脏器破裂,如果不及时手术,就会危及病人生命。然而,同行的伙伴谁也不敢代替家属签名。这时,主刀医生站出来。说:"我签,有责任我负!"经过医务人员的全力抢救,病人终于脱离危险。医生最符合医学道德的做法是___
A. 医生不应施手术,因为没有人在手术同意书上签字
B. 主刀医生已把不施行手术抢救可有发生的后果告知他的伙伴,如抢救不成功,医生不应该承担法律责任
C. 主刀医生代表患者亲人签字,表现了医生以病人利益为重、无私无畏的高尚医德精神
D. 以上三点都符合抢救重危病人的道德
E. 以上除B点,其他几点都是符合医学道德的
【单选题】
现代临终关怀事业的创始人是___
A. 英国的南丁格尔
B. 美国的库布勒一罗斯
C. 英国的桑德斯
D. 美国的史密斯
E. 德国的康德
【单选题】
卫生资源分配的最基本的伦理道德准则是___
A. 公平公正原则
B. 生命价值原则
C. 优先原则
D. 效益原则
E. 不伤害原则
【单选题】
不属于人体实验的道德原则是___
A. 知情同意的原则
B. 符合科学的原则
C. 符合受试者利益的原则
D. 实事求是的原则
【单选题】
下列关于审慎的理解,最正确的是___
A. 周密谨慎
B. 谨小慎微
C. 认真负责
D. 全神贯注
E. 瞻前顾后
【单选题】
以下关于"不伤害"原则的表达不正确的是___
A. 无损伤
B. 尽可能避免身体方面的伤害
C. 尽可能避免生理方面的伤害
D. 尽可能避免心理方面的伤害
E. 避免道德伤害
【单选题】
标志着当代护理思想和观念重大变革的是___
A. 整体护理
B. 心理护理
C. 基础护理
D. 社区护理
E. 家庭病床护理
【单选题】
关于临终关怀正确的是___
A. 治疗和护理并重
B. 重治疗,轻护理
C. 重护理,轻治疗
D. 重病人,轻家属
E. 促使病人早日结束生命
【单选题】
在临床医学研究中要求对资料保密,以下哪一点是不属于该范畴的___
A. 对研究资料严加保密
B. 对研究成果严加保密
C. 医师与病人之间的保密
D. 研究者与受试者之间的保密
E. 对病人姓名做保密处理
【单选题】
《大医精诚》的作者是___
A. 刘完素
B. 孙思邈
C. 张仲景
D. 林逋
E. 李时珍
【单选题】
护理职业道德监督的手段包括___
A. 法律、制度监督、社会监督、自我监督
B. 法律、制度监督、社会监督、服务对象监督
C. 法律、制度监督、群众监督、服务对象监督
D. 自我监督、群众监督、社会监督
E. 领导监督、媒体监督、服务对象监督
【单选题】
当某种诊治决策对病人利害共存时,要求临床医师保证最大善果和最小恶果的医学伦理学原则是___
A. 患者自主
B. 有利患者
C. 为社会主义现代化建设服务
D. 严谨审慎
E. 双方协商解决
【单选题】
某医疗辅助生殖技术机构在没有通知某当事人的情况下,将其冷冻保存精子为一患者提供了人工授精技术,该机构违背了哪项伦理原则___
A. 有利于供受者的原则
B. 知情同意的原则
C. 社会公益原则
D. 保密原则
E. 保护后代的原则
【单选题】
护患关系的特征是___
A. 一种工作关系,是一种信任关系
B. 一种信任关系,是一种治疗关系,是一种工作关系,是一种群群关系
C. 一种群群关系,是一种工作关系,是一种信任关系
D. 一种群群关系,是一种治疗关系,是一种信任关系
E. 一种工作关系,是一种群群关系,是一种治疗关系
【单选题】
对医术与医德之间关系的理解有误的是___
A. "医乃仁术"
B. 有能力做的就应该去做
C. "大医精诚"
D. 临床医学决策同时也是伦理决策
E. 前沿医学技术应用于临床必须有医德参与
【单选题】
医务人员应共同遵守的道德原则以及建立良好医际关系的思想基础是___
A. 病人利益至上
B. 医生利益至上
C. 医院利益至上
D. 社会利益至上
E. 以上都不是
【单选题】
医学伦理的"有利"原则不包括___
A. 努力使患者受益
B. 关心患者的客观利益和主观利益
C. 选择受益最大,伤害最小的行动方案
D. 努力预防或减少难以避免的伤害
E. 把患者的利益看得高于一切
【单选题】
护理工作应具有丰富的人文、社会科学知识,因为它是一门源于___
A. 生物、社会、经济及行为等方面科学知识的专业
B. 生物、社会、心理及行为等方面科学知识的专业
C. 生物、法律、社会及行为等方面科学知识的专业
D. 生物、艺术、社会及行为等方面科学知识的专业
E. 生物、法律、心理及社会等方面科学知识的专业
【单选题】
符合临终关怀伦理的做法是___
A. 想方设法延长病人的生命,以使其获得更长的寿命
B. 研制更加安全可靠的药物,帮助病人安详辞世
C. 由于临终病人生命质量通常都比较低,没有幸福可言,应及早放弃治疗
D. 努力减轻临终病人的身体疼痛和心理不适,提高其生命质量
E. 让病人了解死亡是每个人都不可避免的
【单选题】
护理道德的原则是___
A. 不伤害原则、行善原则、公正原则、尊重原则
B. 不伤害原则、一视同仁原则、平等原则、尊重原则
C. 平等原则、公正原则、行善原则、尊重原则
D. 不伤害原则、行善原则、平等原则、公正原则
E. 行善原则、公正原则、尊重原则、维护病人利益的原则
【单选题】
护患关系的道德规范之一是尊重病人,一视同仁,其内含是___
A. 护士要尊重病人的生命价值,不论病人的职位、贫富、年龄、病种、民族等差异多大,都要以诚相待,一视同仁
B. 护士要尊重病人的人格和权利,不论病人的职位、贫富、年龄、病种、民族等差异多大,都要以诚相待,一视同仁
C. 护士要尊重病人的生命价值,尊重病人的人格和权利,不论病人的职位、贫富、年龄、病种、民族等差异多大,都要以诚相待,一视同仁
D. 护士不论病人的职位、贫富、性别、年龄、相貌、病种、病情、民族等差异多大,都要以诚相待,一视同仁
E. 护士要尊重病人的生命价值,尊重病人的人格和权利,并成为病人人格和权利的忠实维护者
【单选题】
整体护理具有如下意义,但不包括___
A. 改变了"医生的嘴,护士的腿"的工作局面
B. 密切了护患关系
C. 调动护士的工作积极性
D. 树立"以病人为中心"的护理理念
E. 丰富了护理理论与实践内容
【单选题】
现代医学模式是指___
A. 生物-心理-社会医学模式
B. 生物医学模式
C. 高新技术医学模式
D. 整体医学模式
E. 分子医学模式
【单选题】
对医学伦理学不伤害原则的准确理解是对病人___
A. 避免责任伤害
B. 避免技术伤害
C. 避免躯体伤害
D. 避免心理伤害
E. 以上都是
【单选题】
临终关怀的伦理意义表现在___
A. 它有利于建立和谐社会
B. 它体现生命神圣、质量和价值的统一
C. 它理解临终病人的需求
D. 它维护临终病人的生命尊严
E. 它同情和关心临终病人的家属
