【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
推荐试题
【填空题】
9.站控工艺系统报警值,包括输气站进、出站压力高高报警值、___、___、___ 等参数。。
【填空题】
10.单支路一级调压定值原则中一级调压后压力为___MPa 。
【填空题】
11.单支路一级调压定值原则中SSV起跳压力定值一般调压后压力+ ___MPa 。
【填空题】
12.一级调压后设安全阀的,安全阀起跳压力设定___SSV起跳压力。。
【填空题】
13.双支路一级调压定值原则中一级调压后压力为 ___ 。
【填空题】
14.自用气撬内安全切断阀和自力式调节阀定值设定同主设备,设定周期为1年___ 次。
【填空题】
15.压力表只设置警戒___,不设置警戒___。
【填空题】
16.地面火炬压力表仅设置警戒 ___。
【填空题】
17.主工艺设备上差压计设置警戒上限均设置为___KPa ,不设置警戒下限。
【填空题】
18.双金属温度计设置警戒上限均设置为___ ℃。
【填空题】
19.缺陷分为___、___ 、___ 、___ 四类。。
【填空题】
20.管道打开:指采取将油气管道___、___和油气管道上开孔方式,改变密闭管道的完整性的作业。
【填空题】
21.置换是指:用___或其它___将管道或设备内可燃气体替换出来的方法。
【填空题】
22.输气站站长或线路管理人员必须参与___及以上动火作业现场的许可、安全监护和监督检查工作。遇特殊情况下不能现场参与,必须委托具有相应管理能力的___现场把关,并经部门批准、报备。
【填空题】
23.《输气管道安全工作规程》中所称特殊作业是指涉及输气管道安全运行并具有较大作业风险的动火作业、___ 、___ 、___ 、___ 、___ 、___ 、___。
【填空题】
24.输气管道设备设施上工作的人员,经医师鉴定,无妨碍工作的病症,并应至少每___ 进行一次体检。。
【填空题】
25.工作票编号应按___的顺序设置,并连续编号。
【填空题】
26.输气管道起讫点及沿线按输送工艺需要而设立的站场。一般包括首站、___ 、___、___、___等。
【填空题】
28.过盈量是指 ___外径大于管道内径的值与管道内径的百分比)。
【填空题】
31.监控与数据采集系统,无论规模大小都由三部分组成:位于调度控制中心的___ 、___ 、和连接它们的通信系统。
【填空题】
32.调度指令只能在同一输气调度指挥系统中___下达。
【填空题】
33.站场设备、仪表应按规定进行接地,接地电阻应每年至少检测___次。
【填空题】
34.定期测试___ 、___ 、___参数设置。
【填空题】
35.根据管道状况和清管器特性选择清管器。可选择软质清管器、皮碗清管器、直板清管器等或结合使用。皮碗、直板清管器过盈量一般宜在___。
【填空题】
36.管道两侧各___线路带内禁止种植深根植物,禁止取土、采石和构建其他建筑物等。
【填空题】
37.管道两侧各___ 线路带内禁止开山、爆破、修筑大型建筑物、构筑物工程。
【填空题】
38.管道阴极保护率应在___,开机率应大于___ 。
【填空题】
39.阴极保护极化电位应控制在___。
【填空题】
40.强压试压宜采用___ 作为试压介质,试压压力不应小于最大工作压力的___ ,应在试压压力下稳压___ 。
【填空题】
41.严密性试验压力不应小于最大工作压力,应在试验压力下稳压___ 。
【填空题】
42.清管过程中清管器运行速度不宜超过___ 。
【填空题】
43.站场绝缘、阴极电位、沿线保护电位应___测一次;管道防腐涂层每___检测一次;沿线自然电位应___ 检测一次。
【填空题】
44.省级管网调度控制中心是省级管网运行的___、___、___ 和___机构。各级调度运行相关单位应服从调度中心的 ___ 。
【填空题】
45.当班调度值长在其当班期间是省级管网运行、操作和事故处理等的___,按本规程规定的调度管辖范围行使___ 。
【填空题】
46.投产试运中的调度指令由 ___下达至对应区域中心站值班人员,控制置换、升压等投产试运行作业进度。
【填空题】
47.气源中断等级四级的管 网生存时间t___为___,三级为___,二级为___,一级为___。
【填空题】
48.特殊时期___以优先确保省级管网整体___为原则。通过___ 、___ 、___ 、___ 等措施,尽可能削减该时期管网安全风险。
