【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
推荐试题
【多选题】
加强党的建设,必须放在首位的是___
A. 思想建设
B. 组织建设
C. 作风建设
D. 理论建设
【多选题】
中国共产党在统一战线中处理同资产阶级关系的正确方针是___
A. 又联合又斗争
B. 一切经过统一战线
C. 一切服从统一战线
D. 发展进步势力
【多选题】
抗日民族统一战线中的顽固势力是指___
A. 亲英美派的大地主大资产阶级
B. 地方实力派
C. 亲日派的大地主大资产阶级
D. 民族资产阶级
【多选题】
在抗日民族统一战线中对顽固势力采取的策略是___
A. 有理、有利、有节
B. 坚决打击
C. 彻底消灭
D. 团结-批评-团结
【多选题】
“因为中国资产阶级根本上与剥削农民的豪绅地主相联结相混合,中国革命要推翻豪绅地主阶级,便不能不同时推翻资产阶级。”这一观点的主要错误是___
A. 忽视了反对帝国主义的必要性
B. 未能区分中国资产阶级的两部分
C. 混淆了民主革命和社会主义革命的任务
D. 不承认中国资产阶级与地主阶级的区别
【多选题】
新民主主义革命统一战线的主体是___
A. 无产阶级和小资产阶级联盟
B. 工农联盟
C. 非劳动者联盟
D. 劳动者与非劳动者联盟
【多选题】
正式提出建立国共合作统一战线的思想是在___
A. 党的一大上
B. 党的二大上
C. 党的三大上
D. 党的四大上
【多选题】
第一次明确提出坚持无产阶级领导权和农民同盟军思想是在___
A. 党的一大上
B. 党的二大上
C. 党的三大上
D. 党的四大上
【多选题】
“枪杆子里出政权”论断的提出是在___
A. 党的四大
B. 党的八七会议上
C. 党的七大上
D. 党的七届二中全会上
【多选题】
关于近代中国半殖民地半封建社会的主要矛盾,下列说法正确的是 ___
A. 帝国主义和中华民族的矛盾
B. 封建主义和人民大众的矛盾
C. 资产阶级与农民阶级的矛盾
D. 帝国主义和中华民族的矛盾又是各种矛盾中最主要的矛盾
【多选题】
1948年,毛泽东在《在晋绥干部会议上的讲话中》完整地表述了新民主主义革命总路线的内容,即___
A. 无产阶级领导的
B. 人民大众的
C. 反对帝国主义、封建主义和官僚资本主义的革命
D. 反对民族资产阶级的革命
【多选题】
新民主主义革命的对象是___
A. 民族资产阶级
B. 帝国主义
C. 官僚资本主义
D. 封建主义
【多选题】
新民主主义革命的动力包括 ___
A. 农民阶级
B. 无产阶级
C. 城市小资产阶级
D. 民族资产阶级
【多选题】
近代中国社会的阶级结构是“两头小中间大”,那么“两头”是指___
A. 地主大资产阶级
B. 城市小资产阶级
C. 农民阶级
D. 无产阶级
【多选题】
新民主主义革命属于 ___
A. 资产阶级民主革命
B. 无产阶级社会主义革命性质
C. 世界资产阶级革命范畴
D. 世界无产阶级社会主义革命的一部分
【多选题】
毛泽东指出,无产阶级要实现对同盟者的领导必须具备的条件有 ___
A. 率领被领导者(同盟者)向着共同敌人作坚决的斗争,并取得胜利
B. 坚持独立自主的原则,对同盟者实行又联合又斗争的政策
C. 对被领导者给以物质福利,至少不损害其利益,同时对被领导者给予政治教育
D. 坚持发展进步势力、争取中间势力、孤立顽固势力的方针
【多选题】
中国无产阶级特殊的优点有___
A. 大部分出身于破产的农民,和农民有着天然的联系
B. 富于组织性和纪律性
C. 深受帝国主义、封建主义和官僚资本主义三重压迫
D. 分布集中,有利于无产阶级队伍的组织和团结
【多选题】
新民主主义革命时期,党领导的统一战线,先后经过了___
A. 第一次国共合作统一战线
B. 工农民主统一战线
C. 抗日民主统一战线
D. 人民民主统一战线
【多选题】
新民主主义革命和社会主义革命的关系是___
A. 新民主主义革命与社会主义革命的任务相同
B. 两个革命之间需要有一个资本主义的过渡阶段
C. 新民主主义革命是社会主义革命的必要准备
D. 社会主义革命是新民主主义革命的必然趋势
【多选题】
土地革命战争时期,中国的红色政权能够存在与发展的主观条件有___
A. 中国是帝国主义国家间接统治的政治经济发展不平衡的半殖民地半封建的大国
B. 全国革命形势的继续向前发展
C. 相当力量的正式红军的存在
D. 党的领导及其正确的政策
【多选题】
党在长期斗争中形成的三大优良作风___
A. 理论联系实际
B. 密切联系群众
C. 为人民服务
D. 批评与自我批评
【多选题】
中国革命统一战线中的两个联盟是___
A. 工人阶级和农民及其他劳动者的联盟
B. 工人阶级和民族资产阶级及其他可以合作的非劳动人民的联盟
C. 农民阶级、小资产阶级的联盟
D. 民族资产阶级和大资产阶级的联盟
【多选题】
中国官僚资本主义具有___
A. 买办性
B. 封建性
C. 垄断性
D. 软弱性
【多选题】
中国的民族资产阶级___
A. 是中国革命的动力之一
B. 具有一定的反帝反封建的革命性
C. 反帝反封建的勇气不彻底,具有妥协性和动摇性
D. 无产阶级必须对民族资产阶级实行既团结又斗争的政策
【多选题】
中国共产党抗日民族统一战线中的策略总方针是___
A. 发展进步势力
B. 打击反动势力
C. 争取中间势力
D. 孤立顽固势力
【多选题】
中国共产党领导的武装斗争,实质上是在无产阶级领导下的农民战争,这是因为___
A. 农民阶级是中国最为集中的、最为革命的先进阶级
B. 中国革命不同时期人民武装力量的主要成分是农民
C. 中国革命最广大的动力和革命队伍的主力军是农民
D. 革命领导者的中国共产党是农民阶级的先锋队组织
【多选题】
土地革命战争时期,毛泽东以马克思主义为指导,发表了《中国的红色政权为什么能够存在?》、《井冈山的斗争》、《星星之火,可以燎原》、《反对本本主义》等重要著作,这些著作___
A. 是毛泽东思想形成阶段的主要成果
B. 分清了革命斗争中的敌友问题
C. 概括了新民主主义革命的总路线和基本纲领
D. 提出了农村包围城市、最后夺取城市的革命道路理论
【多选题】
民主革命时期,城市小资产阶级包括广大的___
A. 知识分子
B. 自由职业者
C. 手工业者
D. 小商人
【多选题】
近代以来中华民族面临的两大历史任务是___
A. 推翻军阀官僚的反动统治
B. 争取民族独立和人民解放
C. 建立无产阶级专政的政权
D. 实现国家富强和人民富裕
【多选题】
1949年新中国的建立,标志着中国已从半殖民地半封建社会进入___。
A. 资本主义社会
B. 新民主主义社会
C. 社会主义社会
D. 共产主义社会
【多选题】
新民主主义社会的五种经济成分中处于领导地位的是___。
A. 国营经济
B. 合作社经济 C.私人资本主义经济 D.国家资本主义经济
【多选题】
新民主主义社会是___。
A. 固定不变的社会
B. 过渡性的社会
C. 独立的社会形态
D. 共产主义社会的初级阶段
【多选题】
新中国成立,尤其是土地制度的改革完成后,中国国内的主要矛盾已经转变为:___。
A. 帝国主义与中华民族、封建主义与人民大众的矛盾
B. 人民日益增长的美好生活需要和不平衡不充分的发展之间的矛盾
C. 无产阶级与资产阶级、社会主义道路与资本主义道路的矛盾
D. 人民对于经济文化迅速发展的需要同当前经济文化不能满足人民需要的状况之间的矛盾
【多选题】
我国新民主主义社会属于___
A. 社会主义社会体系
B. 新民主主义社会体系
C. 资本主义社会体系D.共产主义社会体系
【多选题】
个体经济向社会主义集体经济过渡的形式是___
A. 国营经济
B. 合作社经济
C. 国家资本主义经济
D. 私人资本主义经济
【多选题】
私人资本主义经济向社会主义国营经济过渡的形式是___
A. 个体经济
B. 合作社经济
C. 国家资本主义经济
D. 私人资本主义经济
【多选题】
新中国成立初期建立社会主义国营经济的主要途径是___
A. 没收帝国主义在华企业
B. 没收官僚资本
C. 赎买民族资产阶级的财产
D. 剥夺地主阶级的财产
【多选题】
新民主主义社会中,民族资产阶级的两面性是___
A. 革命性和妥协性
B. 唯利是图的一面和促进生产发展的一面
C. 积极性和消极性
D. 剥削工人的一面和接受工人阶级及其政党领导的一面
【多选题】
过渡时期的总路线的主体是___
A. 工业化
B. 对农业的社会主义改造
C. 对手工业的社会主义改造
D. 对资本主义工商业的社会主义改造
【多选题】
过渡时期的总路线被概括为“一化三改”,“一化”的含义是指___
A. 实现私营企业的国有化
B. 实现农业的集体化
C. 实现手工业的合作化
D. 实现社会主义的工业化
