【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
推荐试题
【单选题】
《检验检测机构资质认定能力评价检验检测机构通用要求》(RB/T 214 —2017)规定,检验检测机构应对检验检测原始记录、报告、证书归档留存,保证其具有可追溯性。检验检测原始记录、报告、证书的保存期限通常不少于___。
A. 2年
B. 3 年
C. 5 年
D. 6 年
【单选题】
《机动车安全技术检验项目和方法》(GB21861-2014)规定,在用机动车检验时,重中型货车、挂车的外廓尺寸应与机动车行驶证签注的内容相 符,且误差不超过___ 或±100mm 。
A. ±1%
B. ±2%
C. ±3%
D. ±5%
【单选题】
《机动车安全技术检验项目和方法》(GB21861-2014)规定,___检验时,除检验员外可再乘坐一名送检人员或随车人员。
A. 外观
B. 路试
C. 底盘
D. 仪器设备
【单选题】
《机动车运行安全技术条件》(GB7258-2017)所称乘用车,是指设计和制造上主要用于载运乘客及其随身行李和/或临时物品的汽车,包括驾驶人座位在内最多不超过___个座位。它可以装置一定的专用设备或器具,也可以牵引一辆中置轴挂车。
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,___和总质量小于等于 3500kg 的货车(低速汽车除外)应在靠近风窗立柱的位置设置能永久保持的车辆识别代号标识;该标识从车外应能清晰地识读,且非经破坏性操作不能被完整取下。
A. 乘用车
B. 长途客车
C. 专用校车
D. 半挂牵引车
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,货车核定乘坐人 数应小于等于___,专项作业车(消防车除外)核定乘坐人数应小于等于 9人,危险货物运输货车的核定乘坐人数应小于等于 3 人。
A. 3 人
B. 6 人
C. 9 人
D. 10 人
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,教练车应在车身两侧及后部喷涂高度大于等于___的“教练车”等字样。
A. 20mm
B. 50mm
C. 100mm
D. 200mm
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,车体应周正,车体外缘左右对称部位高度差应小于等于___。
A. 20 mm
B. 30 mm
C. 40 mm
D. 50 mm
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,汽车(纯电动汽车、燃料电池汽车和低速汽车除外)驾驶人耳旁噪声声级应小于等于___。
A. 80dB(A)
B. 90dB(A)
C. 100dB(A)
D. 115dB(A)
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,车长大于___的公路客车和旅游客车应装备符合标准规定的车道保持辅助系统和自动紧急制动系统。
A. 6m
B. 9m
C. 10m
D. 11m
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,插电式混合动力 汽车的纯电动续驶里程应大于等于___。
A. 50km
B. 100km
C. 150km
D. 200km
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,汽车(三轮汽车除外)的车轮定位应与该车型的技术要求一致。对前轴采用非独立悬架的汽车(前轴采用双转向轴时除外),其转向轮的横向侧滑量,用侧滑台检验时侧滑量值应小于等于___。
A. 3m/km
B. 5m/km
C. 10m/km
D. 15m/km
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,总质量大于等于 ___ 的危险货物运输货车还应装备电控制动系统(EBS)。
A. 6000kg
B. 10000kg
C. 12000kg
D. 15000kg
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,机动车行车制动性能和应急制动性能检验应在平坦、硬实、清洁、干燥且轮胎与地面间的附着系数大于等于___ 的混凝土或沥青路面上进行。
A. 0.7
B. 0.9
C. 0.5
D. 0.8
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,在空载状态下,驻车制动装置应能保证机动车在坡度为 20%(对总质量为整备质量的 1.2倍以下的机动车为 15%)、轮胎与路面间的附着系数大于等于 0.7 的坡道上正、反两个方向保持固定不动, 时间应大于等于___。
A. 1min
B. 2min
C. 3min
D. 5min
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,机动车应装置后反射器。挂车及车长大于等于___的机动车应安装侧反射器和侧标志灯。
A. 6m
B. 9m
C. 10m
D. 11m
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,所有货车(半挂牵引车、多用途货车除外)、货车底盘改装的专项作业车和挂车(旅居挂车除外)应在侧面设置车身反光标识。侧面的车身反光标识长度应大于等于车长的___,对三轮汽车应大于等于 1.2m,对侧面车身结构无连续平面的货车底盘改装的专项作业车应大于等于车长的 30%,对货厢长度不足车长 50%的货车应为货厢长度。
A. 30%
B. 40%
C. 50%
D. 60%
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,机动车(手扶拖拉机运输机组除外)应设置具有连续发声功能的喇叭,喇叭声级在距车前 2m、离地高 1.2m 处测量时,发动机最大净功率(或电机额定功率总和)为 7 kW 以 下 的 摩 托 车 为 80 dB(A)__ ~ 112 dB(A) , 其 他 机 动 车 为( )。
A. 80 dB(A)~90 dB(A)
B. 90 dB(A)~112 dB(A)
C. 90 dB(A)~115 dB(A)
D. 100 dB(A)~115 dB(A)
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,总质量大于等于___ 的货车,应装备符合标准要求的车辆右转弯音响提示装置,并在设计和制造上保证驾驶人不能关闭车辆右转弯音响提示装置。
A. 6000kg
B. 9000kg
C. 10000kg
D. 12000kg
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,乘用车、挂车轮胎胎冠花纹上的花纹深度应大于等于___,摩托车轮胎胎冠花纹上的花纹深度应大于等于 0.8mm;其他机动车转向轮的胎冠花纹深度应大于等于 3.2mm,其余轮胎胎冠花纹深度应大于等于 1.6mm。
A. 0.8mm
B. 1.2mm
C. 1.5mm
D. 1.6mm
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,两轮普通摩托车、两轮轻便摩托车的前后轮和边三轮摩托车的主车前后轮中心平面允许偏差应小于等于 ___。
A. 6mm
B. 8mm
C. 10mm
D. 15mm
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,前风窗玻璃驾驶人 视区部位及驾驶人驾驶时用于观察外后视镜的部位的可见光透射比应大于 等于___。所有车窗玻璃不应张贴镜面反光遮阳膜。
A. 50%
B. 60%
C. 70%
D. 80%
【单选题】
纯电动汽车、插电式混合动力汽车在车辆起步且车速低于___ 时,应能给车外人员发出适当的提示性声响。
A. 10km/h
B. 20km/h
C. 30km/h
D. 50km/h
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,所有汽车(三轮汽车、五轴及五轴以上专项作业车除外)及总质量大于___ 的挂车应 装备符合规定的防抱制动装置。
A. 1500kg
B. 2500kg
C. 3500kg
D. 4500kg
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,液压行车制动在达到规定的制动效能时,踏板行程应小于等于踏板全行程的___, 制动器装有自动调整间隙装置的机动车踏板行程应小于等于踏板全行程的五分之四,且乘用车应小于等于 120mm,其他机动车应小于等于 150mm。
A. 三分之二
B. 四分之一
C. 四分之三
D. 五分之四
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,汽车的制动协调时间,对液压制动的汽车应小于等于___,对气压制动的汽车应小 于等于 0、60s。
A. 0、35s
B. 0、45s
C. 0、60s
D. 0、80s
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,铰接客车、铰接 式无轨电车的制动协调时间应小于等于___。
A. 0、35s
B. 0、45s
C. 0、60s
D. 0、80s
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,进行制动力检验时, 汽车、汽车列车各车轮的阻滞力均应小于等于轮荷的___。
【单选题】
《机动车运行安全技术条件》(GB7258-2017)规定,车长大于等于___的客车应具有超速报警功能,当行驶速度超过允许的最大行驶速度(允许的最大行驶速度不应大于 100km/h)时能通过视觉和声觉 信号报警,但具有符合规定的限速功能或限速装置的除外。
【单选题】
《机动车查验工作规程》(GA801-2019)规定,对客车、危险货物运输货车、半挂牵引车和总质量大于或等于___的其他货车,查验行驶记录装置。
A. 10000kg
B. 12000kg
C. 15000kg
D. 20000kg
【单选题】
《机动车查验工作规程》(GA801-2019)规定,进口机动车注册登记,专项作业车、挂车、中型(含)以上载客汽车、中型(含)以上载货汽车的注册登记和变更登记(变更迁出除外),危险货物运输车辆的所有登记业务,以及申领机动车登记证书和校车使用许可、报废机动车法定监督解体、嫌疑车辆调查取证等业务的机动车查验应由___负责。
A. 外观员
B. 审核员
C. 民警查验员
D. 初级查验员
【单选题】
《机动车查验工作规程》(GA801-2019)规定,先行核发机动车检验合格标志后监督检查的,机动车安全技术检验远程视频监管中心应在检验照片(或视频)上传后的___内将检验照片(或视频)比对完毕;采用了符合规定的机动车检验智能审核监管方式的,按比例抽查。比对结果表明检验项目不符合 GB7258 国家标准及其他相关规定的,应要求机动车安全技术检验机构通知送检的机动车重新进行检验,并按规定对机动车安全技术检验机构予以处罚。
A. 1 h
B. 12 h
C. 24 h
D. 48 h
【单选题】
汽车一般由发动机、___、车身、电气和电子设备四大部分组成。
A. 底盘
B. 变速箱
C. 离合器
D. 驾驶室
【单选题】
目前汽车用代用燃料主要有:合成液体石油、___、压缩天然气(CNG)、 醇类等燃料。
A. 汽油
B. 液化石油气(LPG)
C. 柴油
D. 蓄电池
【单选题】
发动机按工作方式分,有___和四冲程两种,一般发动机为四冲程 发动机。
A. 二冲程
B. 三冲程
C. 五冲程
D. 六冲程
【单选题】
通常讲的发动机排气量指的是___。
A. 气缸总容积
B. 燃烧室容积
C. 气缸工作容积
D. 活塞行程
【单选题】
行驶系统包括:支撑全车的承载式车身及副车架、悬架和___等部分。
A. 车轮
B. 离合器
C. 半轴
D. 变速器
【单选题】
转向盘在空转阶段中的___称为转向盘自由行程。
【单选题】
轮胎标志为205/ 75R15,这里205表示___。
A. 断面宽度(cm)
B. 轮辋直径(cm)
C. 轮辋直径(inch)
D. 断面宽度(mm)
【单选题】
轮胎标志为205/ 75R15,这里75表示___。
A. 扁平比
B. 轮辋直径(cm)
C. 轮辋直径(inch)
D. 轮胎宽度(mm)
