【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
推荐试题
【单选题】
静电本体包括阴极、阳极、槽型极板系统,___和壳体。
A. 电源装置;
B. 振打装置;
C. 集尘装置;
D. 均流装置。
【单选题】
阴极板系统主要包括阴极绝缘支柱、大小框架、___电晕线。
A. 振打装置;
B. 电源装置;
C. 均流装置;
D. 电源装置。
【单选题】
由于接班人员检查不彻底发生的问题,由___负责。
A. 交班人员;
B. 接班人员;
C. 值长;
D. 班长。
【单选题】
因交接班记录错误而发生的问题由___负责。
A. 交班人员;
B. 接班人员;
C. 值长;
D. 班长。
【单选题】
一般第一电场火花率是___次/min。
A. 20~40;
B. 40~60;
C. 60~80;
D. 80~100。
【单选题】
浓缩机正式运行前应先___。
A. 空转一周;
B. 检查油质;
C. 检查齿条;
D. 检查轴承。
【单选题】
启动时,按控制器电源按钮,指示灯不亮, 电源电压正常,此时电除尘器可能发生了___ 故障。
A. 一次回路有过电压产生;
B. 操作保险熔断;
C. 晶闸管保险接触不良或熔断;
D. 高压硅整流变压器高压线圈局部短路。
【单选题】
通常把交流___确定为人体的安全电流值,当通过人体的电流低于这个数值时,一般人体不会受到伤害。
A. 50~60Hz、10mA;
B. 50~60Hz、15mA;
C. 50~60Hz、20mA;
D. 50~60Hz、30mA。
【单选题】
电除尘器中的高压供电装置的功能是对尘粒的荷电和捕集提供强的电场和___。
A. 电流;
B. 电源;
C. 电极;
D. 电压。
【单选题】
设计完善的自动控制系统,即使当粉尘特性和浓度波动时,也能使___始终保持在最佳值。
A. 电压;
B. 电流;
C. 电源;
D. 功率。
【单选题】
在正常运行中,若发现电动机冒烟,应___。
A. 继续运行;
B. 申请停运;
C. 紧急停运;
D. 马上灭火。
【单选题】
集尘板呈___状,为了减少灰尘的二次飞扬和增加极板的刚度,通常把断面轧制成不同的凸凹槽型。
【单选题】
控制系统的功能是改变作用在电极系统上直流电压的___。
A. 波幅;
B. 振幅;
C. 波谷;
D. 波峰。
【单选题】
当表盘显示二次电流不稳定,毫安表指针急剧摆动,则可能发生了___。
A. 气流分布板孔眼被堵;
B. 电晕线肥大;
C. 电缆击穿;
D. 烟气湿度过小,使粉尘比电阻值上升。
【单选题】
绝对压力就是___。
A. 气体的真实压力;
B. 压力表所示压力;
C. 真空表所示压力;
D. 大气压力。
【单选题】
警报响、跳闸指示灯亮、电源电压正常、柜内开关接触正常,再次启动后,一、二次表计均无指示,此时电除尘器可能发生了___故障。
A. 一次回路有过电压产生;
B. 调节控制器的插件接触不良;
C. 晶闸管保险接触不良或熔断;
D. 高压硅整流变压器高压线圈局部短路。
【单选题】
触电人心脏停止跳动时,应采取___方法进行抢救。
A. 口对口呼吸;
B. 心肺复苏法;
C. 打强心针;
D. 摇臂。
【单选题】
当电除尘器顺气流方向串联4个电场,在气流分布均匀性试验时,只需测量第___电场进口断面的气流分布均匀性,就可表示整台电除尘器的均匀性。
【单选题】
泵常采用___调节。
A. 入口调节;
B. 出口调节;
C. 中间调节;
D. 出入口调节。
【单选题】
锅炉的各项热损失中损失最大的是___。
A. 散热损失;
B. 化学不完全燃烧热损失;
C. 排烟热损失;
D. 排渣热损失。
【单选题】
当灰斗的阻流板脱落,气流发生短路时,一、二次电压、电流以及除尘效率分别为___。
A. 正常、不变;
B. 升高、降低;
C. 降低、降低;
D. 正常、降低。
【单选题】
高压硅整流变压器每台容量约在60~80kVA,一般200~300MW机组配置的电除尘器的变压器容量一般不超过1200kVA,这样每台锅炉安装___台高压硅整流变压器可满足除尘效率为99.9%的要求。
A. 3~4;
B. 6~8;
C. 12~16;
D. 24~32。
【单选题】
___只适用于扑救600V以下的带电设备的火灾。
A. 泡沫灭火器;
B. 二氧化碳灭火器;
C. 干粉灭火器;
D. 1211灭火器。
【单选题】
电线接地时,人体距离接地点越近,跨步电压越高,距离越远,跨步电压越低,一般情况下距离接地体___,跨步电压可看成是零。
A. 10m 以内;
B. 20m 以外;
C. 30m 以外 ;
D. 5m 以内。
【单选题】
___适用于粉尘浓度高、容易产生电晕封闭的场合和工况恶劣以及除尘效率低的场合。
A. 临界火花跟踪、最佳工作点探测的控制方式;
B. 火花频率自动跟踪控制方式;
C. 间隙供电控制方式;
D. 输出功率自动调节控制运行方式。
【单选题】
三个相同的电阻串联时的总电阻是并联时总电阻的___。
A. 6倍;
B. 9倍; C、3倍; D、1倍。
【单选题】
电除尘器一般阳极板和阴极板分别___。
A. 接地、接负电性;
B. 接负电性、接地;
C. 接地、接地;
D. 接负电性、接负电性。
【单选题】
整流变压器输出的直流电流为___。
A. 一次电流;
B. 二次电流;
C. 电极电流;
D. 电晕电流。
【单选题】
电除尘器设置进、出口烟箱的作用是___。
A. 改善电场中气流的均匀性;
B. 减小烟气流速的阻力损失;
C. 避免粉尘沉积在进、出口管道内壁上;
D. 提高电除尘效率。
【单选题】
当电动机缺相运行时,会发出___声。
A. 嚓嚓;
B. 咝咝;
C. 嗡嗡;
D. 撞击。
【单选题】
卧式电除尘器中常用的极板形式是___。
A. 网状;
B. 鱼鳞状;
C. 波纹状;
D. 大C形。
【单选题】
电除尘器气流分布板的作用是___。
A. 改变烟气流动方向;
B. 提高粉尘荷电能力;
C. 增大烟气阻力;
D. 使烟气流速均匀。
【单选题】
电除尘器供电系统采用___电源,经升压整流后,通过高压直流电缆供给除尘器本体。
A. 380V,60Hz;
B. 220V,60Hz;
C. 220V,5OHz;
D. 380V,50Hz。
【单选题】
一般将一个电场最外侧两个阳极板排中心平面之间的距离称作___。
A. 同极距;
B. 异极距;
C. 电场宽度;
D. 阳极距。
【单选题】
___将高压的交流电变为电除尘器所需的高压直流电。
A. 高压硅整流器;
B. 高压控制柜;
C. 控制元件;
D. 升压变压器。
【单选题】
造成反电晕的根本原因是___。
A. 比电阻太小;
B. 比电阻过高;
C. 粉尘浓度大;
D. 粉尘浓度小。
【单选题】
___气体本身并没有电子亲和力,但其在受到电子碰撞后,会产生具有电子亲和力的气体分子。
A. 氮气;
B. 氢气;
C. 氦气;
D. 二氧化碳。
【单选题】
为了防止粉尘在烟道中沉降,通常将烟气在电除尘器前后烟道中的流速控制在___m/s。.
A. 3~5;
B. 8~13;
C. 15~20;
D. 20~25。
【单选题】
为了保证电除尘器的捕集效率,烟气在电场内流速为___m/s。
A. 0.1~0.2;
B. 0.3~0.4;
C. 0.4~1.5;
D. 1.6~2。
【单选题】
电除尘器变压器目前多采用___布置,通过高压隔离开关和阴极相连。
A. 电缆引入室;
B. 低位(地面);
C. 高位(除尘器顶部);
D. 电缆终端盒。
