【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
推荐试题
【判断题】
医疗器械临床试验质量管理规范不适用于按照医疗器械管理的体外诊断试剂。
【判断题】
验证是指通过提供客观证据表明规定要求已经满足的确认。(风险管理中)
【判断题】
《医疗器械生产质量管理办法》不适用于体外诊断试剂。
【判断题】
生产用细胞应当建立原始细胞库、主代细胞库、工作细胞库。
【判断题】
与血型、组织配型、血源筛查相关的试剂。
【判断题】
体外诊断试剂产品技术要求可以低于国家强制性标准。
【判断题】
变更体外诊断试剂的主要原材料供应商都属于许可事项变更。
【判断题】
体外诊断试剂可以分为定量检测和定性检测。
【判断题】
在医疗器械延续注册申报中,如医疗器械强制性标准没有变化,申请人无需递交产品检验报告。
【判断题】
产品技术要求中的性能指标较多时,可以以“见随附资料”等形式提供。
【判断题】
进口医疗器械在我国注册时需提供境外政府医疗器械主管部门批准该产品上市的证明文件,还需提供境外政府医疗器械主管部门批准该产品上市时的临床评价资料。
【判断题】
国内首创且具有显著临床应用价值的医疗器械可认定为创新医疗器械。
【判断题】
为了维护食品药品监管部门发布的政策、法规的权威性、严肃性和延续性,已注册的医疗器械,其管理类别由低类别调整为高类别的,在有效期内的医疗器械注册证继续有效。
【判断题】
已经注册的医疗器械,在医疗器械注册证中“结构及组成”栏内所载明的组合部件,在不改变预期用途的情况下可以单独销售,不用注册。
【判断题】
植入性医疗器械生产企业不得使用患有传染性疾病的人员。
【判断题】
在质量管理体系文件里,生产过程中使用的生产工艺规程属于技术文件。
【判断题】
监管机构对体外诊断试剂生产企业生产许可现场检查时,关键项目全部符合要求,仅一般项目中不符合要求的项目数<10%的检查结论为“整改后复查”。
【判断题】
无菌医疗器械生产用100级的洁净室(区)内不得设置地漏。
【判断题】
质量目标应是可测量的,并与质量方针保持一致。
【单选题】
《安规》关于“低[电]压”的定义是:用于配电的___的电压等级。
A. 直流系统中1000V以下;
B. 交流系统中1000V以下;
C. 交(直)流系统中1000V及其以下;
D. 交流系统中1000V及以下
【单选题】
为加强电力生产现场管理,规范各类工作人员的行为,保证___安全,依据国家有关法律、法规,结合电力生产的实际,制定《安规》。
A. 人身;
B. 设备;
C. 人身和设备;
D. 人身、电网和设备
【单选题】
作业现场的生产条件和安全设施等应符合有关标准、规范的要求,工作人员的___应合格、齐备。
A. 劳动防护用品;
B. 工作服;
C. 安全工器具;
D. 施工机具;
【单选题】
经常有人工作的场所及施工车辆上宜配备急救箱,存放___,并应指定专人经常检查、补充或更换。
A. 劳保用品;
B. 医用绷带;
C. 创可贴;
D. 急救用品
【单选题】
具有通高频、阻低频特性的电路器件是_______。
A. 电阻器
B. 电感器
C. 电容器
D. 不存在
【单选题】
某电容的标称值为 103,代表它的容值实际为_______ 。
A. 1μF
B. 0.1μF
C. 0.01μF
D. 0.001μF
【单选题】
通常电工术语“负载大小”是指_______大小。
A. 实际电压
B. 总电流
C. 消耗功率
D. 等效电阻
【单选题】
人们常说的交流电压 220V 是指交流电压的 。
A. 最大值
B. 平均值
C. 瞬时值
D. 有效值
【单选题】
家用自动空气开关具有_______保护功能。
A. 漏电
B. 欠压
C. 短路
D. 以上都有
【单选题】
三相四线制的电路中,中线_______ 。
A. 可以接熔断器
B. 可以接开关
C. 两个都可以接
D. 两个都不能接
【单选题】
发生 LC 串联谐振的条件是_______。
A. XL>XC
B. XL<XC
C. XL=XC
D. 以上都不对
【单选题】
叠加定理适用于_________。
A. 一切电路
B. 线性电路
C. 非线性电路
D. 直流电路
【单选题】
一理想变压器,原绕组接在 220V 的交流电源上,测得副绕组的端电压 11V,如果原绕组的匝数为 220 匝,则变压器的变压比、副绕组的匝数分别为_________
A. k=10,N2=210 匝
B. k=20,N2=11 匝
C. k=10,N2=1 匝
D. k=20,N2=210 匝
【单选题】
采用差分放大电路是为了_______
A. 加强电路对称性
B. 抑制零点漂移
C. 增强放大倍数
D. 以上都不对
【单选题】
阻值为 4Ω 的电阻和容抗为 3Ω 的电容串联,总复阻抗为_________。
A. Z=3+j4
B. Z=3-j4
C. Z=4+j3
D. Z=4-j3
【单选题】
欲测单相桥式整流电路的输入电压 Ui 及输出电压 U0,应采用的方法是 _______ 。
A. 用直流电压表分别测 Ui 及 U0
B. 用交流电压表分别测 Ui 及 U0
C. 用直流电压表测 Ui,用交流电压表测 U0
D. 用交流电压表测 Ui,用直流电压表测 U0
【单选题】
三个相同的灯泡做星形连接时,在三相四线制供电线路中,如果供电总中线断开,则_______。
A. 三个灯泡都变暗
B. 三个灯泡都变亮
C. 三个灯泡的亮度不变
D. 三个灯泡都不亮
【单选题】
交流电路中的线性元件_________的阻抗与频率成反比
A. 电阻
B. 电感
C. 电容
D. 铁心线圈
【单选题】
电路等效变换时,如果一条支路的电流为零,可按_______处理。
A. 短路
B. 断路
C. 通路
D. 以上都不是
【单选题】
为了去除信号直流分量,应选择示波器为 _______耦合。
