【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
推荐试题
【单选题】
环式碎煤机的振动值超过0.15mm 时应___。
A. 加大给煤量;
B. 运行结束后检查;
C. 停机检查;
D. 分析原因后停机。
【单选题】
碎煤机运行中无明显振动,振动值不应超过 ___。
A. 0.4mm;
B. 0.3mm;
C. 0.2mm;
D. 0.1mm;
【单选题】
碎煤机监控仪主要是监测碎煤机运行的___。
A. 电流和功率;
B. 电压和功率;
C. 煤量和功率;
D. 温度和振动。
【单选题】
碎煤机启动后电流来回摆动,其原因是___。
A. 给料不均匀;
B. 转子不平衡;
C. 大块卡住;
D. 煤中水分大。
【单选题】
碎煤机运行中电流摆动,产生的原因是___。
A. 给料不均匀;
B. 负荷过大;
C. 电动机轴承缺油;
D. 碎煤机轴承缺油。
【单选题】
碎煤机电流摆动,是因为___。
A. 给料不均匀;
B. 负荷过大;
C. 轴承缺油;
D. 筛煤设备故障。
【单选题】
碎煤机严重堵塞会使碎煤机电流___。
A. 上升;
B. 下降;
C. 不变;
D. 不确定。
【单选题】
碎煤机强烈振动,电流突然上升并有严重响声的原因是___。
A. 机腔堵煤;
B. 碎煤机轴承损坏;
C. 大块煤进入碎煤机;
D. 大块煤石或铁块进入碎煤机。
【单选题】
碎煤机停止后,惰走时间较短,原因是___。
A. 电机故障;
B. 轴承故障;
C. 转子不平衡或轴承异常;
D. 衬板脱落。
【单选题】
因滚动轴承游隙过小造成碎煤机轴承温度超过80℃,处理方法为___。
A. 检修轴承;
B. 更换游隙合格的轴承;
C. 清洗轴承;
D. 填注润滑油。
【单选题】
碎煤机内有异常声响,产生的原因是有不易破碎的杂物进入机腔,处理方法是___。
A. 汇报辅控值班员;
B. 通知下级皮带值班员注意;
C. 停机清理杂物;
D. 不必处理。
【单选题】
碎煤机启动后,机械部分转动吃力或不转,电流最大而不返回,产生的原因是___。
A. 滚动轴承游隙过大,润滑脂不足;
B. 滚动轴承游隙小,润滑脂不合格;
C. 电动机老化,联轴器不同心;
D. 机内有杂物,碎煤机堵塞。
【单选题】
起动碎煤机后机械部分转动吃力或不转,电流大而不返回,产生的原因是___。
A. 滚动轴承游隙过大,润滑脂不足;
B. 电动机老化,联轴器不同心;
C. 机内有杂物,堵塞碎煤;
D. 电动机轴承缺润滑脂。
【单选题】
检修后的碎煤机在启动前应先___。
A. 请示班长了;
B. 人工盘车2~3转或点车试转;C、检查轴承; D、清理机腔。
【单选题】
检修后的碎煤机空车试运时间不低于___。
A. 4h;
B. 3h;
C. 2h;
D. 1h。
【单选题】
滚轴筛煤机筛分原煤后,其筛下物是将___以下的原煤直接运到下一级皮带,将筛上的大块煤运到碎煤机。
A. 30mm×30mm;
B. 300mm×300mm;
C. 450mm×450mm;
D. 200mm×200mm。
【单选题】
固定筛倾斜角度一般在___。
A. 30°~40°;
B. 45°~55°;
C. 55°~60°;
D. 60°以上。
【单选题】
固定筛筛孔尺寸应为筛下物的___倍。
A. 2.5;
B. 2;
C. 1.5;
D. 1.2~1.3。
【单选题】
一般情况下,固定筛的长度L 为___m。
A. 1.5;
B. 2~5;
C. 3.5~6;
D. 6.5。
【单选题】
带式除铁器是由电磁铁,机架,驱动电机,减速机,___,弃铁皮带,支撑托辊和冷却风机等组成。
A. 主、从动滚筒;
B. 改向滚筒;
C. 光面滚筒;
D. 拉紧滚筒。
【单选题】
皮带机头部安装带式除铁器时,除铁器离皮带机滚筒的距离为___mm 最合适。
A. l00;
B. 200;
C. 300;
D. 400。
【单选题】
带式除铁器的外接电源是___V。
A. 220;
B. 250;
C. 380;
D. 420。
【单选题】
带式除铁器的直流电路采用___整流回路。
A. 单相半波;
B. 三相桥式;
C. 三相半波;
D. 单相半波或三相半波。
【单选题】
带式除铁器运行中强磁保持时间一般为___s。
A. 6;
B. 10;
C. 12;
D. 15。
【单选题】
当带式除铁器与金属探测器配套使用时,要定期检查金属探测器的___。
A. 除铁效果;
B. 磁场强弱;
C. 动作情况;
D. 完好情况。
【单选题】
DDC —14带式电磁除铁器适用输煤皮带宽度为___mm.。
A. 800;
B. 1000;
C. l200;
D. 1400。
【单选题】
皮带秤的作用是___。
A. 测量皮带的重量;
B. 测量皮带的速度;
C. 计量皮带输送的煤量;
D. 对煤在皮带输送机静止时称重。
【单选题】
电子皮带秤应安装在离落料点___m 以外的区段上,保证其测量精度。
A. 5;
B. 10;
C. 14;
D. 15~20。
【单选题】
皮带秤应每月进行实煤校验2~4次,校验的煤量不小于皮带出力的___。
A. 0.5%;
B. 1.5%;
C. 2%;
D. 5%。
【单选题】
皮带秤计量误差率应小于___。
A. ±0.5%;
B. ±1.5%;
C. ±2%;
D. ±5%。
【单选题】
皮带机头部采样机的破碎机出料粒度应小于___ mm。
A. 6;
B. 10;
C. 20;
D. 30。
【单选题】
皮带机头部采样机的缩分器的缩分比为___可调。
A. 1~1∕20;
B. 1~1∕40;
C. 1~1∕60;
D. 1~1∕80。
【单选题】
采样机的年投运率要求达到___。
A. 90%;
B. 80%;
C. 95%;
D. 99%。
【单选题】
检验机械化采样装置采取样本的代表性,实际就是检验该装置的采样是否存在___偏差。
A. 操作;
B. 偶然;
C. 系统;
D. 过失。
【单选题】
犁式卸料器具有安全可靠、配煤方便、结构简单、___、维护量小等优点。
A. 体积重;
B. 重量轻;
C. 磨损少;
D. 刚度大。
【单选题】
清扫器皮带条应露出其金属夹板___ mm。
A. 10~14;
B. 5~10;
C. 15~20;
D. 10~20。
【单选题】
推煤机为了防止摩擦片的烧损,严禁离合器处于___状态。
A. 半结合;
B. 结合;
C. 分离;
D. 工作。
【单选题】
推煤机不允许在硬路上高速行驶,禁止使用___。
A. 四挡、五挡;
B. 一、二挡;
C. 二挡、三挡;
D. 空挡。
【单选题】
煤刮板机在电厂输煤系统中,大多用来作为___。
A. 给、配煤设各;
B. 煤场设备;
C. 卸煤设备;
D. 输送设备。
