【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
推荐试题
【多选题】
新时代党的建设总要求是____________。___
A. 坚持和加强党的全面领导,坚持党要管党、全面从严治党
B. 以加强党的长期执政能力建设、先进性和纯洁性建设为主线,以党的政治建设为统领,以坚定理想信念宗旨为根基,以调动全党积极性、主动性、创造性为着力点
C. 全面推进党的政治建设、思想建设、组织建设、作风建设、纪律建设
D. 把制度建设贯穿其中,深入推进反腐败斗争,不断提高党的建设质量
E. 把党建设成为始终走在时代前列、人民衷心拥护、勇于自我革命、经得起各种风浪考验、朝气蓬勃的马克思主义执政党
【多选题】
领导十三亿多人的社会主义大国,我们党既要政治过硬,也要本领高强。要_______。___
A. 增强学习本领,增强政治领导本领
B. 增强改革创新本领,增强科学发展本领
C. 增强依法执政本领,增强群众工作本领
D. 增强狠抓落实本领,增强驾驭风险本领
【多选题】
以____、____、____、____、____,把党内和党外、国内和国外各方面优秀人才集聚到党和人民的伟大奋斗中来。___
A. 识才的慧眼
B. 敬才的风度
C. 爱才的诚意
D. 用才的胆识
E. 容才的雅量
F. 聚才的良方
【多选题】
青年兴则国家兴,青年强则国家强。青年一代____、____、____,国家就有前途,民族就有希望。___
A. 有品德
B. 有理想
C. 有本领
D. 有担当
【多选题】
全党全国各族人民要紧密团结在党中央周围,高举中国特色社会主义伟大旗帜,锐意进取,埋头苦干,为实现推进现代化建设、完成祖国统一、维护世界和平与促进共同发展三大历史任务,为___________继续奋斗!___
A. 决胜全面建成小康社会
B. 夺取新时代中国特色社会主义伟大胜利
C. 全面建成社会主义现代化强国
D. 实现中华民族伟大复兴的中国梦
E. 实现人民对美好生活的向往
【判断题】
中国共产党人的初心和使命,就是为中国人民谋生活 ,为中华民族谋未来。
【判断题】
我国社会主要矛盾的变化,没有改变我们对我国社会主义所处历史阶段的判断,我国仍处于并将长期处于社会主义初级阶段的基本国情没有变,我国是世界最大发展中国家的国际地位没有变。
【判断题】
确保到二〇三五年,我国现行标准下农村贫困人口实现脱贫,贫困县全部摘帽,解决区域性整体贫困,做到脱真贫、真脱贫。
【判断题】
新时代中国特色社会主义思想,明确中国特色社会主义最本质的特征是“五位一体”总体布局。
【判断题】
力争到二〇三五年全面实现国防和军队现代化,到本世纪中叶把人民军队全面建成世界一流军队。
【判断题】
国家安全是安邦定国的重要基石,维护国家安全是全国各族人民根本利益所在。
【判断题】
保持土地承包关系稳定并长久不变,第二轮土地承包到期后再延长五十年。
【判断题】
脱贫攻坚战取得决定性进展,贫困发生率从百分之十点二下降到百分之四以下。
【判断题】
中国特色社会主义理论体系是指导党和人民实现中华民族伟大复兴的正确理论。
【判断题】
从现在到二〇二〇年,是全面建成小康社会决战期。
【单选题】
《思想道德修养与法律基础》是一门融思想性、政治性、科学性、理论性、实践性于一体的___
A. 道德修养课
B. 法律基础课
C. 道德和法律知识的传授课
D. 思想政治理论课
【单选题】
社会主义大学的培养目标是___。
A. 培养德智体美全面发展的人才
B. 培养德智体美全面发展的社会主义建设者
C. 培养德智体美全面发展的社会主义建设者和接班人
D. 培养德智体美全面发展的国家接班人
【单选题】
衡量大学生全面发展的一个重要标准是___。
A. 知识渊博
B. 品质高尚
C. 知行统一
D. 德才兼备
【单选题】
下列关于人的素质中,不属于思想道德素质的是___。
A. 政治素质
B. 心理素质
C. 科学文化素质
D. 道德素质
【单选题】
有人指出:“建设世界一流大学,大师、大楼、大气,这三个要素缺一不可。”这里的“大气”是指___
A. 气候
B. 气温
C. 文化和精神
D. 气派
【单选题】
独立生活意识是指___
A. 自己的事情自己处理,不需要别人管
B. 自己想干什么就干什么
C. 树立自信、自立、自强、自律的精神
D. 天马行空,独来独往
【单选题】
社会主义荣辱观中“八荣八耻”的要求是___
A. 风俗习惯
B. 人类共同生活准则
C. 法律行为规范
D. 道德行为规范
【单选题】
社会主义荣辱观是对___在发展社会主义市场经济条件下的基本要求。
A. 共产党员
B. 大学生
C. 每个公民
D. 先进分子
【单选题】
美是当代大学生人才素质的___ 。
A. 灵魂
B. 基础
C. 综合体现
D. 内容
【单选题】
智是大学生从事社会主义建设的本领,是大学生人才素质的 ___。
【单选题】
创新学习是一种以___为基础,采取创造性方法,积极追求创造性成果的学习。
A. 奇思妙想
B. 瞬间顿悟
C. 求真务实
D. 封闭蛮干
【单选题】
马克思说:“在科学上没有平坦的大道,只有不畏劳苦沿着陡峭山路攀登的人,才有希望达到光辉的顶点。”这句话告诉我们,在学习上一定要培养___的优良学风。
A. 求实
B. 一丝不苟
C. 勤奋
D. 敢为人先
【单选题】
当今时代,___已成为世界各国综合国力竞争的焦点。
A. 国际地位
B. 科技文化
C. 自然资源
D. 民主政治
【单选题】
《礼记·中庸》认为,道德修养应“莫见乎隐,莫显乎微,故君子慎其独也”。这种“慎独”的道德修养方法要求我们在学习“思想道德修养与法律基础”课时要注意___。
A. 学习科学理论
B. 理论联系实际
C. 知行统一
D. 多思考深理解
【单选题】
根据教材观点,贯穿《思想道德修养与法律基础》课的主线是___。
A. 道德
B. 社会主义核心价值体系
C. 法律体系
D. 教育政策
【单选题】
我们立党立国的根本指导思想是___
A. 马克思主义
B. 毛泽东思想、邓小平理论和“三个代表”重要思想
C. 科学发展观
D. 社会主义核心价值体系
【单选题】
社会主义核心价值体系的精髓是___
A. 社会主义荣辱观
B. 马克思主义指导思想
C. 中国特色社会主义共同理想
D. 以爱国主义为核心的民族精神和以改革创新为核心的时代精神
【单选题】
社会主义核心价值体系的灵魂是___。
A. 社会主义荣辱观
B. 马克思主义指导思想
C. 中国特色社会主义共同理想
D. 以爱国主义为核心的民族精神和以改革创新为核心的时代精神
【单选题】
中国特色社会主义共同理想是社会主义核心价值体系的___
【单选题】
社会主义荣辱观是社会主义核心价值体系的___
【单选题】
一个真正的大学应是___
A. 知识传播、创新和运用的基地
B. 培养创新精神的摇篮
C. 接受人文精神和科学精神教育的基地
D. 以上三点都应做到
【单选题】
___是人们的思想观念、政治立场、价值取向、道德情操和行为习惯等方面品质和能力的综合体现,反映着一个人的思想境界和道德风貌。
A. 思想政治素质
B. 道德素质
C. 思想道德素质
D. 法治素质
【单选题】
马克思指出:人的本质不是单个人所固有的抽象物,在其现实性上,它是一切___的总和。
A. 生产关系
B. 经济关系
C. 社会关系
D. 政治关系
