【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
推荐试题
【单选题】
电脑用一段时间后,磁盘空间会变得零散,可以使用___软件工具进行整理。 D
A. 磁盘空间管理
B. 磁盘清理程序
C. 磁盘扫描程序
D. 磁盘碎片整理
【单选题】
在Windows 7中,按压键盘上的〈Windows 7徽标〉键将___。 D
A. 打开选定文件
B. 关闭当前运行程序
C. 显示“系统”属性
D. 显示“开始”菜单
【单选题】
如果任务栏的右边有一个小喇叭,则表示计算机中已安装了___。 C
A. 硬盘
B.
C. DROM C.声卡
D. 显卡
【单选题】
关于Windows 7的“任务栏”,以下描述正确的是___。 D
A. 显示系统的所有功能
B. 只显示当前活动程序窗口名
C. 只显示正在后台工作的程序窗口名
D. 便于实现程序窗口之间的切换
【单选题】
剪贴板的作用是___。 A
A. 临时存放应用程序剪切或复制的信息
B. 作为资源管理器管理的工作区
C. 作为并发程序的信息存储区
D. 在使用DOS时划给的临时区域
【单选题】
Windows 7是一种___。 C
A. 数据库软件
B. 应用软件
C. 系统软件
D. 中文字处理软件
【单选题】
在Windows 7中,当一个应用程序的窗口被最小化后,该应用程序将___。 B
A. 继续在桌面运行
B. 仍然在内存中运行
C. 被终止运行
D. 被暂停运行
【单选题】
可以通过Windows 7“开始”菜单的___列表来寻找新安装的应用程序。 A
A. “所有程序”
B. “控制面板”
C. “安装程序”
D. “帮助和支持”
【单选题】
直接永久删除文件而不是先将其移至回收站的快捷键是___。 D
A. <Esc>+<Delete>
B. <Alt>+<Delete>
C. <Ctrl>+<Delete>
D. <Shift>+<Delete>
【单选题】
在资源管理器窗口中,若要选定连续的几个文件或文件夹,可以在选中第一个对象后,用___键+单击最后一个对象完成选取。 B
A. <Tab>
B. <Shift>
C. <Alt>
D. <Ctrl>
【单选题】
Windows 7的文件系统规定___。 D
A. 同一文件夹中的文件可以同名
B. 不同文件夹中的文件不可以同名
C. 同一文件夹中的子文件夹可以同名
D. 同一文件夹中的子文件夹不可以同名
【单选题】
在Windows7中,关于库的描述,错误的是___。
A. 在Windows 7中,使用库来组织和访问文件,这些文件与存储的位置无关
B. 当不需要查看库中的文件夹时,可以将它删除
C. 从库中删除文件夹时,该文件夹原始位置中的文件夹及其内容也随即被删除
D. 可以创建新库
【单选题】
若将一个应用程序添加到___文件夹中,当启动Windows 7时就会自动启动该项目。B
A. 控制面板
B. 启动
C. 文档
D. 程序
【单选题】
在Windows 7操作系统中,文件的类型可以根据___来识别。C
A. 文件的大小
B. 文件的用途
C. 文件的扩展名
D. 文件的存放位置
【单选题】
Microsoft的在线Office服务属于___。
A. SaaS
B. PaaS
C. IaaS
D. DataCenter
【单选题】
在Word 2010中,“插入”选项卡文本组中的“对象”按钮,不可以插入的是___
【单选题】
在Word 2010中,自动生成的目录可以通过按___键同时单击对应标题来快速定位该标题在文档中的位置。
A. <Ctrl>
B. <Tab>
C. <Shift>
D. <Alt>
【单选题】
在Word 2010中,“开始”选项卡“字体”组中“B”图形按钮的作用是:使选定对象___。
A. 变为粗体
B. 变为斜体
C. 加下划线单线
D. 加下划波浪线
【单选题】
在Word 2010中,格式刷___。
A. 只能复制图形格式
B. 只能复制字体格式
C. 只能复制段落格式
D. 可以复制选定对象的任何格式
【单选题】
在Word 2010中,如果要调整行距,可使用“开始”选项卡___组中的命令。
A. “字体”
B. “段落”
C. “制表位”
D. “样式”
【单选题】
在Word 2010中,要把文档内所有文字"计算机"改为加粗显示,最有效的方法是选择___命令。
【单选题】
在Word 2010中,要给段落添加底纹可以通过___实现。
A. “开始”选项卡“段落”组“底纹”命令
B. “插入”选项卡“底纹”命令
C. “开始”选项卡“字体”命令
D. “开始”选项卡“样式”命令
【单选题】
在Word 2010中,可以通过在“字体”对话框的___选项卡中调整字符间距与位置。
【单选题】
在Word 2010中,可以通过在___搜索文本框中输入对象名(如表格、图形、公式等)快速在文档中查找到相关的匹配项。
A. 导航窗格
B. 页面设置
C. 样式窗口
D. 段落窗格
【单选题】
在Word 2010中,可以设置文本效果的按钮在“开始”选项卡的___功能区里。
【单选题】
在Word 2010中,自动生成的目录可以通过按___键同时单击对应标题快速定位需要查询的内容。 A
A. <Ctrl>
B. <Tab>
C. <Shift>
D. <Alt>
【单选题】
在Excel 2010中,下列可以实现表格行列互换的操作是___。
A. 选择后使用“格式刷”
B. 复制后使用“选择性粘贴”
C. 复制后使用“条件格式”
D. 选择后使用“套用表格格式”
【单选题】
在Excel 2010中,一个新建的Excel工作簿中一般含有___个默认工作表。
【单选题】
在Excel 2010中,如果某单元格显示为“###.###”,这表示___。
A. 公式错误
B. 格式错误
C. 行高不够
D. 列宽不够
【单选题】
在Excel 2010中,输入数字字符的文本型数据(如身份证号码、邮政编码等)时,要在数字字符前加一个英文(西文)输入状态下的___。
A. 逗号
B. 分号
C. 单引号
D. 双引号
【单选题】
在Excel 2010中,单元格区域“A3:B4”代表的单元格为___。
A. A3
B. 4 B. B3 B4
C. A3 B3 A4 B4
D. A1 A2 A3 B4
【单选题】
在Excel 2010中,在单元格中输入文字时,缺省的对齐方式___。
A. 左对齐
B. 右对齐
C. 居中对齐
D. 两端对齐
【单选题】
在Excel 2010中,使用"重命名"命令后,则下面正确的是___命令。
【单选题】
在Excel 2010中,若在工作表中插入一列,则一般插入在当前列的___。
【单选题】
在Excel 2010中,编辑栏上的“对号”表示___。
A. 取消输入
B. 确认输入
C. 编辑公式
D. 编辑文字
【单选题】
关于Excel 的描述中,错误的是___。
A. 一个Excel文件就是一张工作表
B. 一个Excel文件就是一张工作簿
C. 一个工作簿可以有多个工作表
D. 双击某个工作表标签,可以对该工作表进行重新命名
【单选题】
在Excel 2010中,错误值“#DIV/0”代表什么意思___。
A. 无法识别的数字
B. 数字有问题
C. 分母为0值
D. 字符输入太长
【单选题】
在Excel 2010工作表的单元格中输入公式时,可先输入___号。
【单选题】
在Excel 2010的图表中,水平X轴通常用来作为___。B
A. 排序轴
B. 分类轴
C. 数据轴
D. 时间轴
【单选题】
在Excel 2010中,对单元格的引用有多种,以下属于绝对引用的是___。 C
A. B1
B. B$1
C. $B$1
D. $B1
