【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
推荐试题
【单选题】
(32952)对于柴油机的润滑,不正确的说法是( )。(1.0分)___
A. 不仅机油能起到润滑作用,燃油也可起到润滑作用
B. 润滑可以减少摩擦力
C. 润滑可以降低摩擦面温度
D. 润滑可以减轻穴蚀
【单选题】
(32953)对于电机,下列正确的说法是( )。(1.0分)___
A. 电机以磁场作为中间媒介的双向能量的转换装置
B. 电机转换的一定是电能
C. 电机转换的一定是机械能
D. 电机转换的一定是化学能
【单选题】
(32954)下列都属于电机的一类机器是( )。(1.0分)___
A. 发电机、电动机、柴油机、控制电机
B. 发电机、电动机、汽油机、控制电机
C. 发电机、电动机、蒸汽机、控制电机
D. 发电机、电动机、变压器、控制电机
【单选题】
(32955)当导体在磁力线中运动时,下列说法正确的是( )。(1.0分)___
A. 只要导体在磁力线中运动时,就会产生感生电动势
B. 只要导体在磁力线中运动时,就会产生感生电动流
C. 只要导体切割磁力线,就会产生感生电动势
D. 只要导体在磁力线中运动时,就会受到电磁力的阻力
【单选题】
(32956)当导线切割磁力线运动时,导体中产生感生电动势,对感生电动势的大小正确的描述是( )。(1.0分)___
A. 与磁感应强度成反比
B. 与导线的长度成反比
C. 与导线的移动速度成正比
D. 与导线的运动方向成正比
【单选题】
(32957)对于电机的能量转换,正确的说法是( )。(1.0分)___
A. 电机正常工作,必定会有电能转换
B. 电机正常工作,必定会有机械能转换
C. 电机正常工作,必定会有化学能转换
D. 电机正常工作,不管转换什么能量,都一定会遵守能量守恒定律
【单选题】
(32958)马拉松电机采用进口的NSK双列调心滚子轴承,其润滑脂采用SRI-2油脂,温度范围是( )℃。(1.0分)___
A. -20~150
B. -20~170
C. -30~170
D. -40~150
【单选题】
(32959)发电车上的马拉松电机与柴油机连接时,为了对准联轴器片与柴油机飞轮中的螺孔,正确的操作方式是( )。(1.0分)___
A. 通过发电机风扇拨动转子
B. 同时拨动发电机风扇与柴油机飞轮
C. 只拨动柴油机的飞轮
D. 交替拨动发电机风扇与柴油机飞轮
【单选题】
(32960)发电车用马拉松电机联轴器片的力矩是( )N·m。(1.0分)___
A. 259
B. 359
C. 459
D. 559
【单选题】
(32961)发电车的充电柜输入的AC380三相交流电经三相桥式整流之后,给24V蓄电池充电时,其输出的直流电电压范围在( )V。(1.0分)___
A. 24~26
B. 26~28
C. 27~30
D. 28~32
【单选题】
(32962)发电车的充电柜输入的AC380三相交流电经三相桥式整流之后,给48V蓄电池充电时,其输出的直流电电压范围在( )V。(1.0分)___
A. 50~56
B. 55~58
C. 58~60
D. 56~60
【单选题】
(32963)康明斯发电车启动电源柜内三台启动电机主回路中的保险容量是( )A。(1.0分)___
A. 200
B. 300
C. 400
D. 500
【单选题】
(32964)发电车24V蓄电池与48V蓄电池的用法,正确的说法是( )。(1.0分)___
A. 24V蓄电池既用作启机用,又用作照明用
B. 48V蓄电池在应急情况下,可通过改变接线方式用作启机
C. 当24V蓄电池电量亏损时,可用48V蓄电池给24V蓄电池充电
D. 当24V与48V电池都出现亏损时,可将两组蓄电池串起来启动柴油机组
【单选题】
(32965)发电车的辅助供油装置中,燃油流动路线方向正确的是( )。(1.0分)___
A. 下油箱→燃油泵→燃油粗滤器→上油箱→磁性滤清器→机组→下油箱
B. 下油箱→燃油粗滤器→燃油泵→上油箱→磁性滤清器→机组→下油箱
C. 下油箱→燃油粗滤器→燃油泵→磁性滤清器→上油箱→机组→下油箱
D. 下油箱→燃油粗滤器→燃油泵→上油箱→机组→磁性滤清器→下油箱
【单选题】
(32966)发电车下油箱里隔板的作用,其说法正确的是( )。(1.0分)___
A. 防止燃油发生爆炸
B. 防止燃油因冬季低温时结蜡
C. 防止油箱发生泄漏
D. 加强油箱强度并缓冲列车运行时,燃油因惯性对油箱的冲动
【单选题】
(32967)发电车辅助供油装置中,有关油阀的“开”和“关”的位置,正确的说法是( )。(1.0分)___
A. 应急情况下,使用手摇泵泵油时,与交流燃油泵直接相连的油阀均需打开
B. 机组停机后需关闭该机与上油箱连通的油阀
C. 上油箱放油阀在运行中必须打开
D. 下油箱的连通管油阀在正常情况下,必须关闭
【单选题】
(32968)发电车的燃油粗滤器和磁性滤清器,在( )级保养时必须拆开清洗。(1.0分)___
【单选题】
(32969)发电车装在侧墙上的旋风式过滤器,对其作用不正确的说法是( )。(1.0分)___
A. 进气通道的首端
B. 过滤进气中的大颗粒杂质
C. 过滤进气中的水滴
D. 增加进气中的含氧量
【单选题】
(32970)对发电车的柴油机排烟口的防雨帽,要经常检查,一旦出现( )情况时,要立即检修。(1.0分)___
A. 打开时能自动落下
B. 打开时不能自动落下
C. 转动很灵活
D. 密封严实
【单选题】
(32971)发电车的柴油机进气装置中,空气流动方向正确的是( )。(1.0分)___
A. 进气风道→旋风式过滤器→空气滤清器→增压器→中间冷却器
B. 旋风式过滤器→进气风道→增压器→空气滤清器→中间冷却器
C. 旋风式过滤器→进气风道→空气滤清器→中间冷却器→增压器
D. 旋风式过滤器→进气风道→空气滤清器→增压器→中间冷却器
【单选题】
(32972)发电车的备用机油箱的容量是( )L。(1.0分)___
A. 80
B. 90
C. 100
D. 110
【单选题】
(32973)发电车机油供装置中,通常装有( )。(1.0分)___
A. 一台机油泵
B. 二台机油泵
C. 一台手摇机油泵
D. 没有机油泵,用人工领来机油倒入机油箱中
【单选题】
(32974)发电车的机油供给装置的作用是( )。(1.0分)___
A. 贮存机油备用
B. 贮存废机油
C. 为了“B”级保养时排机油方便
D. 为了在“B”级保养中,自动换机油
【单选题】
(32975)发电车机房内,烟火报警传感器不能探测到的火灾隐患因素的是( )。(1.0分)___
A. 烟雾
B. 高温
C. 火焰
D. 适量一氧化碳
【单选题】
(32976)发电车的烟火报警器具有下列正确的功能的是( )。(1.0分)___
A. 能检测到烟雾、高温、火焰气体
B. 报警时,有时间记忆
C. 可以进行手动报警
D. 一旦有少量火灾隐患时,可自动喷撒灭火剂
【单选题】
(32977)发电车的烟火报警器正常工作时的电源供给,正确的是( )。(1.0分)___
A. 烟火报警器主机自带电源
B. 发电车提供的交流380V电源
C. 发电车提供的交流220V,或直流48V电源
D. 发电车提供的直流24V电源
【单选题】
(32978)发电车烟火报警器下列正确的工作原理图是( )。(1.0分)___
A. 火患源→烟火报警器探头→输入回路→声光报警器→输出回路→消防联动灭火设备或报警、记录广播单元
B. 烟火报警器探头→火患源→输入回路→声光报警器→输出回路→消防联动灭火设备或报警、记录广播单元
C. 火患源→烟火报警器探头→声光报警器→输入回路→输出回路→消防联动灭火设备或报警、记录广播单元
D. 火患源→烟火报警器探头→声光报警器→输入回路→输出回路→消防联动灭火设备或报警、记录广播单元
【单选题】
(32979)TCDS不能监控的下列因素的是( )。(1.0分)___
A. 空调故障
B. 基础制动系统故障
C. 发电车燃油不足
D. 客车事故
【单选题】
(32980)TCDS实现远程监控报警时,下列( )不是必备的环节。(1.0分)___
A. 无线通讯装置
B. 地面数据管理专家
C. 车辆乘务员
D. 局域网
【单选题】
(32981)TCDS对主要行车故障进行实时监控时,下列( )不是其中的功能之一。(1.0分)___
A. 实时监测诊断
B. 记录和存储
C. 集中显示和报警
D. 进行故障消除
【单选题】
(32982)TCDS实时监控数据不包括的是( )。(1.0分)___
A. 客车状态数据
B. 故障特征参数
C. 分析数据
D. 发电车柴油机运行数据
【单选题】
(32983)TCDS的主要功能中,不能通过GPRS发送的是( )。(1.0分)___
A. 车辆故障和报警事件
B. 报警和故障的定时通报
C. 列车的GPS定位信息
D. 车辆乘务员当班饮酒
【单选题】
(32984)TCDS实时数据传输流程正确的是( )。(1.0分)___
A. GPRS实时数据→移动公网→铁路局网络安全传输平台→铁路局5T双机服务器→车辆段双机服务器
B. GPRS实时数据→铁路局网络安全传输平台→移动公网→铁路局5T双机服务器→车辆段双机服务器
C. GPRS实时数据→铁路局网络安全传输平台→铁路局5T双机服务器→移动公网→车辆段双机服务器
D. GPRS实时数据→移动公网→车辆段双机服务器→铁路局网络安全传输平台→铁路局5T双机服务器
【单选题】
(32985)在接触器的电磁机构中,下列( )不是其组件之一。(1.0分)___
A. 电磁线圈
B. 铁芯
C. 衔铁
D. 触头
【单选题】
(32986)在接触器的组成中,下列( )不全是其组成结构。(1.0分)___
A. 电磁机构、脱扣器、灭弧装置、辅助触头、外壳、支架
B. 电磁机构、触头、灭弧装置、辅助触头、外壳、支架
C. 电磁机构、触头、灭弧装置、复位螺钉、外壳、支架
D. 电磁机构、触头、报警装置、辅助触头、外壳、支架
【单选题】
(32987)自动空气断路器中,下列( )不是其组件之一。(1.0分)___
A. 触点系统
B. 电磁线圈
C. 灭弧系统
D. 脱扣机构
【单选题】
(32988)继电器进行工作时,下列( )不是其必须完成的工作程序。(1.0分)___
A. 感测机构把感测的电气量或非电气量传递给中间机构
B. 感测量与整定值比较
C. 发出报警信号
D. 感测量达到整定值时,中间机构执行接通或断开的动作
【单选题】
(32989)有关继电器结构和功能,其不正确的说法是( )。(1.0分)___
A. 继电器的感测机构能对许多种电气量或非电气量进行感测,因而其应用范围很宽
B. 继电器的感测机构可以感测许多种非电气量,但执行的动作可以是接通或断开电路
C. 继电器的感测机构感测电气量因素时,执行的动作不会是接通或断开电路
D. 继电器的感测机构感测电气量或非电气量变化时,必须进行比较后达到整定值时,中间机构才执行动作
【单选题】
(32990)在继电器的作用中,下列( )不是其作用之一。(1.0分)___
A. 扩大控制范围
B. 放大
C. 直接接通或断开三相电路
D. 综合信号
【单选题】
(32991)电测量指示仪表执行测量任务时,下列( )不是其中的功能之一。(1.0分)___
A. 测量线路把被测量转换成测量机构可以接受的过渡量
B. 过渡量与给定值进行比较
C. 测量机构把过渡量转换为指针的角度位移
D. 指针指向相应的数值刻度
