【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
推荐试题
【多选题】
当代国际垄断组织的主要形式是___
A. 国际卡特尔;
B. 跨国公司;
C. 国家垄断资本主义的国际垄断同盟;
D. 国际辛迪加;
E. 国际托拉斯
【多选题】
近二、三十年贸易全球化加快发展的原因是___
A. 世界资本市场和国际金融体系大发展;
B. 各国间产业分工的深化使产品交流的必要性大大增加;
C. 高效率、大批量生产要求扩大国际贸易规模;
D. 人们生活水平提高增加了对各国产品的需求;
E. 更便捷更灵活的国际贸易方式的发现
【多选题】
战后以来,对世界经济和国际经济秩序产生较大影响的国际经济经组织主要有___
A. 海牙国际法院;
B. 国际货币基金组织;
C. 世界银行;
D. 世界贸易组织;
E. 北大西洋公约组织
【多选题】
经济全球化___
A. 与民族经济利益是对立的;
B. 会威胁到民族社会的凝聚力和认同;
C. 要求世界各国进行密切的分工合作;
D. 要求不要保护民族和国家的经济利益;
E. 要求提高民族和国家自身的竞争力
【多选题】
资产阶级推动改良主义的措施主要有___
A. 收买本国工人阶级中少数上层分子和工人领袖从内部分裂破坏工人运动;
B. 通过推行福利政策,举办多种福利事业来缓和阶级矛盾;
C. 推行“劳资合作”、“工人参加管理”等措施,来调动工人的积极性;
D. 宣扬“资本民主化”、“人民资本主义”思想;
E. 发放小额股票,鼓励工人购买以此宣扬人人都是企业“主人”
【多选题】
资本主义经济政治发展不平衡导致社会主义革命___
A. 可能在一切资本主义国家同时取得胜利;
B. 可能在资本主义最发达国家取得胜利;
C. 肯定在发达资本主义国家同时取得胜利;
D. 只能在垄断资本主义统治链条最薄弱环节取得胜利;
E. 只能在一个或几个资本主义国家首先取得胜利
【多选题】
社会主义取代资本主义将是一个长期的历史过程,这是由于___
A. 资本主义基本矛盾的运动具有复杂性和曲折性;
B. 资本主义生产关系的调整,在一定程度上还能容纳生产力继续发展;
C. 资本主义已经积累了雄厚的经济实力和丰富的统治经验;
D. 资本主义经济和政治发展不平衡规律的作用;
E. 社会主义制度的巩固和完善需要一个历史过程
【多选题】
促进资本全球化的因素包括___
A. 经济结构变化引起资本的国际流动
B. 跨国公司的发展及其投资的增加
C. 国家垄断资本主义的发展及国家垄断资本的增加
D. 贸易保护主义政策的放宽
E. 发展中国家为了发展本国经济大量吸引外资
【多选题】
资本主义国际经济协调的形式有___
A. 国际经济组织的协调
B. 区域经济联盟的协调
C. 政府首脑会晤的协调
D. 国际货币基金组织的协调
E. 世界贸易组织的协调
【多选题】
第二次世界大战后,随着科技进步和新产业革命的发展,国际分工出现的新特点有___
A. 部门间的国际分工发展为更多的部门内部的国际分工
B. 传统的以自然资源为基础的分工,发展为更多的以科技成果为基础的分工
C. 以“技术密集、资本密集、劳动密集”产业划分的分工格局日益突出
D. 参加国际分工的国家类型发生了变化
E. 垂直型的国际分工发展为水平型的国际分工
【多选题】
作为一个完整的科学体系,马克思主义理论体系的三个主要组成部分是___
A. 马克思主义政治学
B. 马克思主义政治经济学
C. 马克思主义哲学
D. 马克思主义文艺学
E. 科学社会主义
【多选题】
标志马克思主义产生的阶级基础确立的19世纪的三大工人运动是___
A. 巴黎公社
B. 法国大革命
C. 1831年、1834年法国里昂工人的两次起义
D. 1838年英国爆发的延续十年的宪章运动
E. 1844年德国西里西亚纺织工人起义
【多选题】
马克思主义产生的直接理论来源是___
A. 德国古典哲学
B. 英国古典政治经济学
C. 法国启蒙思想
D. 法国空想社会主义
E. 美国实用主义
【多选题】
德国古典哲学的代表性人物有___。
A. 亚当·斯密
B. 黑格尔
C. 费尔巴哈
D. 洛克 D.笛卡儿
【多选题】
资产阶级古典政治经济学的代表人物有___
A. 亚当·斯密
B. 马尔萨斯
C. 大卫·李嘉图
D. 威廉·配第
E. 西斯蒙
【多选题】
19世纪空想社会主义最杰出的代表是___
A. 昂利·圣西门
B. 沙尔·傅立叶
C. 罗伯特·欧文
D. 托马斯·莫尔
E. 托马斯·康帕内拉
【多选题】
马克思恩格斯最重要的理论贡献是___
A. 辩证法
B. 劳动价值论
C. 剩余价值论
D. 唯物史观
E. 阶级斗争理论
【多选题】
马克思主义中国化的三大理论成果是___
A. 李大钊的理论
B. 陈独秀的理论
C. 毛泽东思想
D. 邓小平理论
E. “三个代表重要思想
【多选题】
马克思主义的根本特性是___
A. 阶级性
B. 实践性
C. 客观性
D. 人民性
E. 国际性
【多选题】
学习马克思主义理论,必须要分清___
A. 哪些是必须长期坚持的马克思主义基本原理
B. 哪些是需要结合新的实际加以丰富发展的理论判断
C. 哪些是必须破除的对马克思主义错误的、教条式的理解
D. 哪些是必须澄清的附加在马克思主义名下的错误观点
【判断题】
思维和存在是否具有同一性是划分唯物主义和唯心主义的唯一标准。
【判断题】
马克思主义哲学是自然科学、社会科学和思维科学的综合。
【判断题】
黑格尔的辩证法和费尔巴哈的唯物主义相加就是马克思主义哲学。
【判断题】
马克思主义哲学是19世纪中叶创立的学说,今天早已过时。
【判断题】
学习马克思主义哲学的根本目的,就是为了找到解决问题的现成答案。
【判断题】
鬼神观念和错的认识也是客观世界的反映。
【判断题】
矛盾的斗争性是绝对的,因而是事物发展的主要原因;矛盾的同一性是相对的,因而是事物发展的次要原因 。
【判断题】
辩证唯物主义认为,只有认识事物的度才能准确地认识事物的质,才有条件做好工作。