【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
推荐试题
【填空题】
9.坚持社会主义___体制是我们党的一个伟大创举,是我国经济体制改革在实践和理论上的重大突破。
【填空题】
10.解放思想,实事求是,从实际出发建设社会主义,最大的“实际”就是中国的___。
【填空题】
1、2002年5月31日,江泽民在中共中央党校省部级干部进修班毕业典礼上深刻阐述了“三个代表”重要思想的内在联系,提出“贯彻‘三个代表’要求,关键在坚持___,核心在保持___,本质在坚持___”。
【填空题】
2、“三个代表”重要思想是在建设___伟大实践的基础上形成的。
【填空题】
3、十六大将___与马克思列宁主义、毛泽东思想和邓小平理论一道确立为党必须长期坚持的指导思想,并写入党章。
【填空题】
4、党的十三届四中全会以来,江泽民在坚持实事求是思想路线的过程中,特别强调弘扬___精神。
【填空题】
5、___是党执政兴国的第一要务。
【填空题】
6、___是经济工作和其他一切工作的生命线,是我们党和社会主义国家的重要政治优势。
【填空题】
7、建设社会主义政治文明,必须坚持___,建设社会主义法治国家。
【填空题】
2.科学发展观强调“以人为本”,这体现了中国共产党全心全意为人民服务的根本宗旨和___的根本目的。
【填空题】
3.转变经济发展方式的重大战略决策是___。
【填空题】
4.实现工业化、信息化、___、农业现代化,是促进我国经济持续健康发展的重要动力。
【填空题】
5.科学发展观强调,___是人和社会持续发展的根本基础,要建设生态文明,加大自然生态和环境保护力度。
【单选题】
以下哪个参数与不平衡量无关___
A. 跳动
B. 圆周间隙
C. 质量分布不均匀
D. 转速
【单选题】
下面哪个不是影响花键压入力的因素___
A. 实际齿厚
B. 作用齿厚
C. 螺旋角
D. 花键加工长度
【单选题】
SX节的最大摆角是 ___
A. 46°
B. 48°
C. 50°
D. 52°
【单选题】
以下哪种油脂的综合性能最好___
A. H15
B. Optimol 2LN 584/LO
C. Olci
D. Renolit LX CVH/2
【单选题】
实轴的作用不包含___
A. 传递扭矩
B. 传递转速
C. 提供移矩
D. 连接移动端和固定端
【单选题】
球笼与内外星轮的球面不接触的万向节是___
【单选题】
关于三销轴叉外圆磨削阐述不正确的是___
A. 加工长柄轴叉时需保持无火花磨削1s以上
B. 加工表面硬度越高,所选择的砂轮结合剂的强度要越高
C. 相同条件下,砂轮磨料的颗粒尺寸越小,加工表面光洁度越好
D. 在测量同一表面粗糙度时数值Ry>Rz>Ra
【单选题】
马氏体片的粗细,主要取决于___
A. 淬火冷却速度
B. 母相奥氏体的晶粒度
C. Ms点的高低
D. 淬火加热速度
【单选题】
下列属于定心夹紧机构的是 ___
A. 螺旋夹紧压板
B. 四爪单动卡盘
C. 偏心夹紧机构
D. 三爪卡盘
【单选题】
申江厂冷精整压机是___
A. 400吨
B. 500吨
C. 300吨
D. 800吨
【单选题】
冷精整首件送三座标精测的工件尺寸公差需收紧____% ___
【单选题】
C200 PTU装配线hypoid gear和pinion gear是否可以互换装配___
A. 可以
B. 不可以
C. 部分可以
D. 无所谓
【单选题】
为了保证产品质量检验结果的准确,产品生产者必须重视对检验结果影响因素的___
A. 质量策划
B. 质量控制
C. 质量保证
D. 质量承诺
【单选题】
临时脱离通知,在 需识别为变化点___
A. 从临时脱离开始,一直到临时脱离结束期间
B. 在临时脱离开始首次执行时
C. 从临时脱离开始和结束时都需执行
D. 仅在临时脱离退出时执行
【单选题】
过程输入要求的五大要素是___
A. 人机工法环
B. 人机料法测
C. 人机料法环
D. 人机检法测
【单选题】
金相显微镜通过物镜和目镜两次放大成像后,最终确定图片的倍率,那么图片的放大倍率应该为___
A. 物镜+目镜
B. 物镜*目镜
C. 物镜-目镜
D. 物镜/目镜
【单选题】
以下哪种说法是正确的___
A. 工厂所有量具都必须经过法定计量单位校准或检定后,才能投入使用
B. 工厂所有量具都必须经过校准或检定后,才能投入使用
C. 工厂所有量具都无需校准或检定
D. 工厂所有量具在任何情况下,都必须校准或检定
【单选题】
轴叉球道热处理时产生打火,导致球道表面出现材质熔化凸点,该轴叉在车辆上使用时有可能会引起___
A. 车辆行驶停止
B. 车辆抖动
C. 万向节护套破裂
D. 万向节漏油
【单选题】
常温下,刀具材料的硬度应在____以上___
A. 50HRC
B. 60HRC
C. 80HRC
D. 100HRC
【单选题】
当程序中出现F550时,表示为___
A. 进给率为550rev/min
B. 进给速度为550mm/min
C. 进给量为550mm/min
D. 进给速度为550m/min
【单选题】
以下对089.5-1008R夹箍描述错误的是:___
A. 夹箍直径为ф89.5
B. 夹箍宽度为10mm
C. 夹箍厚度为0.8mm
D. 字母R表示镀锌夹箍
【单选题】
为了确保安全,用示教编程器手动运行机器人时,机器人的最高速度限制为___
A. 250mm/s
B. 50mm/s
C. 800mm/s
D. 1600mm/s
【单选题】
对于精度要求高的主轴部件,轴承与轴配合时可采用___
A. 定向装配
B. 固定装配
C. 浮动装配
D. 互换装配
【单选题】
以下哪种球笼热后不需要再硬加工___
A. AC节球笼
B. SX节球笼
C. DO节球笼
D. 冷精整球笼
【多选题】
以下哪种零件需要淬火热处理后回火___
A. AC外星轮
B. VL内星轮
C.
D. O外星轮