【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
推荐试题
【单选题】
孙中山第一次将同盟会的纲领概括为民族、民权、民生三大主义是在 ___
A. 《国民报》
B. 《民报》发刊词
C. 《万法精理》
D. 《民约论》
【单选题】
陈天华在日本留学期间,出版了以下两本小册子( )
①《革命军》 ②《驳康有为论革命书》 ③《警世钟》 ④《猛回头》
【单选题】
邹容所写的反清革命的著名篇章是 ___
A. 《猛回头》
B. 《警世钟》
C. 《游学译编》
D. 《革命军》
【单选题】
中国民族资产阶级在政治上的主要特点是 ___
A. 产生于明末清初
B. 是中国自给自足的自然经济的必然产物
C. 最初来源于农民阶层
D. 具有革命性与妥协性
【单选题】
三民主义的核心是 ___
A. 民生主义
B. 民族主义
C. 民权主义
D. 平均地权
【单选题】
1906年至1907年,革命派与立宪派展开一场激烈论战。立宪派的主要代表人物是___
A. 黄兴、宋教仁
B. 陈天华、蔡元培
C. 康有为、梁启超
D. 章炳麟、刘揆一
【单选题】
辛亥革命的导火线是 ___
A. 武昌起义
B. 成都血案
C. 保路运动
D. 抵制美货
【单选题】
中国民族资产阶级具有两面性的根本原因是 ___
A. 其产生晚于中国无产阶级
B. 其产生发展于中国社会半殖民地半封建化的过程中
C. 其产生晚于西方资产阶级
D. 中国资产阶级力量弱小
【单选题】
在保路运动期间,四川总督赵尔丰下令军警向手无寸铁的群众开枪,造成 ___
A. 成都血案
B. 五卅惨案
C. 二七惨案
D. 下关惨案
【单选题】
1915年12月25日,在云南组织护国军,宣布独立的是 ___
A. 唐继尧
B. 陆荣廷
C. 蔡锷
D. 黄兴
【单选题】
1917年6月,率军北上拥戴溥仪复辟帝制的人是 ___
A. 康有为
B. 冯国璋
C. 段祺瑞
D. 张勋
【单选题】
1917年,以孙中山为大元帅的护法军政府成立于 ___
【单选题】
1914年7月,孙中山在日本东京组建了 ___
A. 保国会
B. 中华革命党
C. 同盟会
D. 中国国民党
【单选题】
1912年8月25日,以同盟会为基础,联合其他几个小党派组成国民党的主要人物是___
A. 孙中山
B. 黄兴
C. 宋教仁
D. 章炳麟
【单选题】
1913年4月,袁世凯不经国会批准,以出卖国家主权为条件与英、法、德、俄、日五国银行团签订了 ___
A. 西原借款
B. “二十一条”
C. 善后大借款
D. 铁路借款
【单选题】
中国历史上第一部具有资产阶级共和国宪法性质的法典是 ___
A. 《中华民国约法》
B. 《钦定宪法大纲》
C. 《中华民国临时约法》
D. 《共同纲领》
【单选题】
武昌起义胜利后,出任湖北军政府都督的是 ___
A. 袁世凯
B. 孙中山
C. 黎元洪
D. 黄兴
【单选题】
下列哪次运动是针对段祺瑞的 ___
A. 二次革命
B. 护法运动
C. 护国运动
D. 国民革命
【单选题】
科举制度是清政府在下列哪次活动中废除的___
A. 洋务运动
B. 戊戌变法
C. 清末新政
D. 预备仿行宪政
【单选题】
资产阶级革命派的骨干是___
A. 资产阶级、小资产阶级的知识分子
B. 华侨
C. 资产阶级工商业者
D. 会党
【单选题】
辛亥革命与戊戌维新运动失败的共同原因是___
A. 不能依靠和发动群众
B. 列强的敌视和反对
C. 没有自己的纲领
D. 没有一个自己的政党
【单选题】
中国近代第一个资产阶级共和国性质的政权是___
A. 湖北军政府
B. 南京临时政府
C. 南京国民政府
D. 北京临时大总统
【单选题】
南京临时政府《告友邦书》___
A. 决定废除不平等条约
B. 承认不平等条约和外债
C. 拒绝偿还外债
D. 拒绝偿还赔款
【单选题】
辛亥革命的失败主要是指___
A. 没有完成反帝反封建的任务
B. 没有推翻清政府的统治
C. 没有打击帝国主义在华势力
D. 没有促进中国革命的向前发展
【单选题】
辛亥革命的最大功绩是___
A. 结束了两千多年的君主专制政体,建立了资产阶级共和国
B. 使人民获得了一些民主和自由的权利
C. 为资本主义的发展创造了条件
D. 使民主共和观念深入人心
【单选题】
中华民国第一任内阁总理是___
A. 段祺瑞
B. 冯国璋
C. 唐绍仪
D. 袁世凯
【单选题】
1912年成立之中华民国国旗是___
A. 五色旗
B. 青天白日旗
C. 五星红旗
D. 铁血十八星旗
【单选题】
中华民国临时政府内阁名单中,任教育部部长的是___
A. 陈独秀
B. 蔡元培
C. 于右任
D. 汤寿潜
【单选题】
1922年6月,___在孙中山的第二次护法中叛变了孙中山,炮轰总统府。
A. 陆荣廷
B. 蔡锷
C. 陈炯明
D. 吴佩孚
【单选题】
民国初期,盘踞东三省的军阀是___
A. 曹锟
B. 陆荣廷
C. 张作霖
D. 徐世昌
【单选题】
辛亥革命前资产阶级革命派发动的留下众多绝笔书的一次起义是___
A. 黄花岗之役
B. 河口之之役
C. 镇南关之役
D. 惠州之役
【单选题】
新文化运动产生的基本条件不包括 ___
A. 俄国十月社会主义革命的影响
B. 北洋军阀掀起复古倒退的思潮
C. 资产阶级强烈要求政治上民主
D. 西方启蒙思想不断介绍到中国
【单选题】
新文化运动兴起的标志是 ___
A. 蔡元培就任北京大学校长
B. 鲁迅发表《狂人日记》
C. 陈独秀在上海创办《新青年》
D. 胡适发表《文学改良刍议》
【单选题】
新文化运动的主要发起者是 ___
A. 李大钊
B. 鲁迅
C. 胡适
D. 陈独秀
【单选题】
在新文化运动中,把白话文的形式和反封建的内容结合起来的是 ___
A. 陈独秀
B. 李大钊
C. 胡适
D. 鲁迅
【单选题】
新文化运动把反对儒家传统道德作为矛头所向,其根本原因是 ___
A. 儒家思想阻碍中国资本主义的发展
B. 当时北洋军阀政府推崇儒家思想
C. 儒家思想比资产阶级文化落后
D. 儒家思想是维护封建统治的理论基础
【单选题】
早期新文化运动的性质是 ___
A. 资产阶级旧民主主义的思想文化运动
B. 新民主主义性质的思想文化运动
C. 无产阶级思想文化运动
D. 马克思主义思想文化运动
【单选题】
标志着中国新民主主义革命开端的历史事件是 ___
A. 辛亥革命
B. 中华民国成立
C. 五四运动
D. 中国共产党成立
【单选题】
1919年五四运动爆发的导火索是 ___
A. 日本提出灭亡中国的“二十一条”
B. 民族矛盾和阶级矛盾的日益激化
C. 十月革命的影响
D. 巴黎和会上中国政府的外交失败
