【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
推荐试题
【填空题】
[题目]38.___发电机为什么要做直流耐压和泄漏电流试验?[3415220724]___
【填空题】
[答案]因为用摇表测量绝缘电阻,由于所加直流电压不高,绝缘中个别或局部缺陷未必能暴露出来。___而直流耐压和泄漏电流试验在原理上同用摇表测量绝缘电阻相同。只是直流耐压是对绝缘施加较高的直流电压;并通过一只微安表测量泄漏电流,以观察被试物的绝缘好坏。它可有效地检查出定子端部的绝缘缺陷。所以要对发电机进行直流耐压及泄漏电流试验。___
【填空题】
[题目]39.___如何利用压力表区分无标志的R12和R22钢瓶?[345220741]___
【填空题】
[答案]在一个大气压力下,各种制冷剂都有固定的汽化___温度,测量此温度的高低可区分无标志的R12和R22。选用一只量程为-50℃的温度计,并在制冷剂瓶上接出500MM长的排液管,___然后把A钢瓶倒置,稍许打开瓶头阀让制冷剂液体流出,把管端置于敞口容器内,再把温度计插入容器中,记下测得的温度值。用同样方法测得B钢瓶中制冷剂的汽化温度。两者比较,温度低的是R22钢瓶,高的是R12钢瓶。___
【填空题】
[题目]40.___为什么三相异步电动机起动电流比额定电流大得多?[345220728]___
【填空题】
[答案]异步电动机定子绕组刚刚接通电源时,其转子因惯性作用还未转动,这时旋转磁场与转子绕组相对切割的速度非常高,转子感应电动势及感应电流也就相当大,由于转子电流的作用,使定子的起动电流也很大。___电动机额定运行时,转子的转速已达到额定值,与旋转磁场的转速相差很小,这时旋转磁场与转子绕组相对切割的速度很低,因而转子感应电动势与感应电流都比起动时小得多,定子电流也就比起动时小得多。___
【单选题】
由于国内通货膨胀或通货紧缩而导致的国际收支不平衡,称为___
A. 周期性不平衡
B. 收入性不平衡
C. 结构性不平衡
D. 货币性不平衡
【单选题】
理论上判断一国国际收支是否平衡的标准是___
A. 经常项目的差额为零
B. 资本金融项目的差额为零
C. 自主性交易项目的差额为零
D. 调节性交易项目的差额为零
【单选题】
米德冲突指:___
A. 国际收支顺差和保持固定汇率的冲突
B. 内部均衡和外部均衡的冲突
C. 本国充分就业和通货膨胀的冲突
D. 货币政策和财政政策有效性的冲突
【单选题】
在“不可能三角”中,香港和阿根廷的金融模式是选择___
A. 独立的货币政策和汇率稳定
B. 独立的货币政策和资本自由流动
C. 汇率稳定和资本自由流动
D. 联合浮动并实行统一的财政标准
【单选题】
根据蒙代尔的分配原则,当一国同时面临通货膨胀和国际收支逆差时,政府应采取___
A. 紧缩的财政政策和扩张的货币政策
B. 扩张的财政政策和紧缩的货币政策
C. 紧缩的财政政策和紧缩的货币政策
D. 扩张的财政政策和扩张的货币政策
【单选题】
若国际收支不平衡是由于总需求大于总供给而形成的收入性不平衡,可采取的措施是___
A. 紧缩的财政货币政策
B. 扩张的财政货币政策
C. 直接管制政策
D. 货币贬值的汇率政策
【单选题】
如果经常项目账户上出现赤字,则___
A. 出口和进口都在减少
B. 出口和进口相等
C. 出口和进口相等且均减少
D. 出口小于进口
【单选题】
一般来说,引起国际收支长期且持久失衡的因素是___
A. 经济周期更迭
B. 货币价值变动
C. 预期目标改变
D. 经济结构滞后
【单选题】
短期资本流入有利于一国___
A. 利率水平降低
B. 货币政策的执行
C. 通货膨胀的减缓
D. 出口贸易的增加
【单选题】
由于经济增长速度的变化引起的国际收支失衡属于___
A. 收入性失衡
B. 货币性失衡
C. 周期性失衡
D. 结构性失衡
【单选题】
下列哪个(些)账户能够较好地衡量国际收支对国际储备造成的压力___
A. 贸易收支差额
B. 经常项目收支差额
C. 资本和金融账户差额
D. 综合账户差额
【单选题】
若国际收支不平衡是由于季节性变化等暂时性原因形成的,可运用的政策是___
A. 外汇缓冲政策
B. 直接管制政策
C. 财政货币政策
D. 汇率政策
【单选题】
当一国国际收支逆差是因贸易逆差而导致的,会造成其国内___
A. 资金紧张
B. 资金宽松
C. 失业增加
D. 失业减少
【单选题】
在纸币本位的固定汇率制度下,当外国货币价格下跌,有超过汇率波动上限的趋势时,各国货币当局调节汇率的惯用手段是___
A. 提高贴现率
B. 降低贴现率
C. 冻结物价
D. 限制资金流出
【单选题】
在国际收支调节中,应付临时性失衡一般使用___
A. 外汇缓冲政策
B. 货币政策
C. 财政政策
D. 汇率政策
【单选题】
以减少财政支出、提高税率、再贴现率和法定存款准备率等方法来对国际收支赤字进行调整的政策是___
A. 外汇缓冲政策
B. 直接管制
C. 财政和货币政策
D. 汇率政策
【单选题】
通过增税和减少政府开支,使私人和政府对商品和劳务的需求萎缩,借以减少商品和劳务的进口,从而缩小和消除国际收支逆差的调节政策是___
A. 紧缩性财政政策
B. 扩张性财政政策
C. 紧缩性货币政策
D. 扩张性货币政策
【单选题】
“蛇行于洞”描述的是欧洲货币一体化发展历程中的___
A. 跛行货币区阶段
B. 联合浮动阶段
C. 欧洲货币体系阶段
D. 欧洲单一货币阶段
【单选题】
在国际收支出现结构性失衡的情况下,许多发展中国家采取的调节政策通常是___
A. 外汇缓冲政策
B. 财政货币政策
C. 汇率政策
D. 直接管制措施
【单选题】
在“不可能三角”中,美国的金融模式是选择___
A. 独立的货币政策和汇率稳定
B. 独立的货币政策和资本自由流动
C. 汇率稳定和资本自由流动
D. 联合浮动并实行统一的财政标准
【单选题】
认为债务危机是暂性困难的是___
A. 清偿能力理论
B. 支付能力理论
C. 流动性理论
D. 以上均不对
【单选题】
下面哪一项不是布雷顿森林体系的基础___
A. 美国的国际收支保持顺差
B. 美国的国际收支保持平衡
C. 美国的黄金储备充足
D. 黄金价格维持在官价水平
【单选题】
下列实际发生国际间资本移动的是___
A. 一国投资者在另一国(东道国)开办新企业
B. 再投资
C. 以无形要素入股所进行的投资
D. 投资者在东道国筹集资金所进行的投资
【单选题】
资本流动促进全球经济效益提高,主要是指___
A. 贸易性资本流动
B. 投机性资本流动
C. 长期资本流动
D. 以上均不对
【单选题】
债务危机的根本解决,不取决于___
A. 有利的国际环境
B. 债务国的经济调整与国际债务的良性循环
C. 外部资金注入债务国
D. 汇率的波动
【单选题】
20世纪90年代以来关于国际资本流动的说法正确的是___
A. 由于金融危机频繁爆发,国际资本流动的总量减少
B. 国际资本流动的速度持续加快
C. 国际资本的结构以外国直接投资为主
D. 金融衍生产品的发展速度随资本流动的速度持续加快而有所提高
【单选题】
在本国是一个大国,本国的经济政策能对外国产生影响的情况下,考虑到宏观经济政策的外溢效应,浮动汇率制度下,本国的财政扩张___
A. 有效,且效果大于封闭经济条件和小型开放经济条件下的财政扩张
B. 有效,且效果小于封闭经济条件和小型开放经济条件下的财政扩张
C. 无效
D. 有效,效果小于封闭经济条件下的财政扩张,但大于小型开放经济条件下的财政扩张
【单选题】
一国使用国际货币基金组织的信贷和贷款记录包括在该国国际收支平衡表的___中
A. 经常账户
B. 资本金融账户
C. 储备与相关项目
D. 净差错与遗漏项目
【单选题】
若国际收支不平衡是由于总需求大于总供给而形成的收入性不平衡,可采取的措施是___
A. 紧缩的财政货币政策
B. 扩张的财政货币政策
C. 直接管制政策
D. 货币贬值的汇率政策
【单选题】
下列哪些人不可以划为本国的居民___
A. 刚刚注册的企业
B. 在该国居住了2年的自然人
C. 国际货币基金组织驻该国代表
D. 驻在本国的外国领事馆雇用的当地雇员
【单选题】
一国出现持续性的顺差,则可能会导致或加剧___
A. 通货膨胀
B. 国内资金紧张
C. 经济危机
D. 货币对外贬值
【单选题】
根据“蒙代尔分配原则”,当一国发生经济过热和国际收支顺差时,政府应同时采取___
A. 膨胀性的货币政策和紧缩性的财政政策
B. 紧缩性的货币政策和紧缩性的财政政策
C. 膨胀性的财政政策和紧缩性的货币政策
D. 膨胀性的货币政策和膨胀性的财政政策
【单选题】
当一国货币汇率升值时,下述哪种情况会发生___
A. 本国出口竞争力提高,投资于外币付息资产的本币收益率上升
B. 本国出口竞争力提高,投资于外币付息资产的本币收益率降低
C. 本国出口竞争力降低,投资于外币付息资产的本币收益率降低
D. 本国出口竞争力降低,投资于外币付息资产的本币收益率上升
【单选题】
一般而言,由___因素引起的国际收支不平衡是临时性的
A. 国民收入
B. 经济周期
C. 经济结构
D. 货币价值
