【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
推荐试题
【单选题】
脾破裂可以引起那种休克___
A. 过敏性休克
B. 低血容量休克
C. 感染性休克
D. 损伤性休克
E. 神经性休克
【单选题】
颅内无明显器质性改变的脑损伤是___
A. 脑挫裂伤
B. 硬脑膜外血肿
C. 硬脑膜下血肿
D. 脑内血肿
E. 脑震荡
【单选题】
关于胃、 十二指肠溃疡的特点准确的是___
A. 多为多发性溃疡
B. 直径一般大于2cm
C. 一般局限于黏膜层
D. 可引起出血或穿孔
E. 多与慢性胃炎有关
【单选题】
下列哪对韧带与维持子宫位置无关___
A. 圆韧带
B. 主韧带
C. 子宫骶骨韧带
D. 骨盆漏斗韧带
E. 阔韧带
【单选题】
腹部空腔脏器中最容易损伤的是___
A. 胃
B. 十二指肠
C. 小肠
D. 结肠
E. 大肠
【单选题】
细菌性肝脓肿最常见的感染途径是___
A. 胆道感染
B. 经开放性伤口
C. 经血液循环
D. 经淋巴途径
E. 细菌栓子脱落进入
【单选题】
经产妇妊娠60天时终止妊娠,最常用的方法是___
A. 负压吸引术
B. 钳刮术
C. 水囊引产
D. 依沙吖啶羊膜腔内注射法
E. 药物流产
【单选题】
关于人体铁代谢,下列说法错误的是___
A. 人体内的铁主要来源于食物
B. 女性铁的丢失形式主要为月经、粪便、哺乳、妊娠等
C. 合成红细胞的铁主要来源于衰老红细胞破坏释放铁的再利用
D. 人体铁的贮存形式主要为含铁血黄素和铁蛋白
E. 人体能吸收的铁为三价铁
【单选题】
原发性肝癌早期诊断的重要检查是___
A. 甲胎蛋白测定
B. 血清转氨酶测定
C. 碱性磷酸酶测定
D. 癌胚抗原测定
E. 异常凝血酶原测定
【单选题】
下列病因中与子宫脱垂无关的是___
A. 子宫增大以致压力增加
B. 盆底组织损伤
C. 卵巢功。能减退
D. 子宫支持结构先天发育异常
E. 腹腔压力增加
【单选题】
高血压脑病常见的症状是___
A. 一时性脑缺血
B. 脑出血
C. 头痛、头晕
D. 意识丧失、抽搐
E. 偏瘫、失语
【单选题】
梅毒的潜伏期一般为___
A. 24小时
B. 1~2天
C. 3~7天
D. 2~4周
E. 3~7个月
【单选题】
抑郁症的关键症状是___
A. 自责自罪
B. 情绪低落
C. 无价值妄想
D. 认知扭曲
E. 精神运动性迟钝
【单选题】
患者男性,60岁。20年前曾患肝炎。近2个月来纳差、消瘦,肝区疼痛明显。查体:轻度黄疸,面部有蜘蛛痣,腹膨隆,肝肋下2cm、剑下4cm,质硬,压痛;脾肋下3cm;移动性浊音阳性。现首先应检测的是___
A. 血氨
B. 甲胎蛋白
C. 血清胆红素
D. 血清白蛋白
E. 血清ALT和AST
【单选题】
急性肾小球肾炎多发生于下列哪种细菌所致的上呼吸道感染之后___
A. 肺炎链球菌
B. 金黄色葡萄球菌
C. 乙型溶血性链球菌
D. 大肠埃希菌
E. 流感嗜血杆菌
【单选题】
主要降低心脏前后负荷的药物为___
A. 硝普钠
B. 酚妥拉明
C. 硝酸甘油
D. 多巴胺
E. 多巴酚丁胺
【单选题】
人体维生素D的主要来源是___
A. 乳类中的维生素D
B. 蛋黄中的维生素D
C. 猪肝中的维生素D
D. 植物中的维生素D
E. 皮肤中的7-脱氢胆固醇
【单选题】
结核分枝杆菌侵犯肠道主要是___
A. 血液传播
B. 经口感染
C. 呼吸道传播
D. 生殖道传播
E. 体液感染
【单选题】
气性坏疽属于___
A. 败血症
B. 脓血症
C. 菌血症
D. 脓毒症
E. 毒血症
【单选题】
为明确和量化诊断二尖瓣狭窄最可靠的方法是___
A. 胸部X线检查
B. 心电图
C. 超声心动图
D. 心血管造影
E. 心脏CT
【单选题】
急性左心衰病人进行酒精湿化给氧的目的是___
A. 稀释痰液
B. 松弛支气管平滑肌
C. 使肺泡内泡沫破裂而改善通气
D. 加强心肌收缩力
E. 消毒氧气湿化瓶
【单选题】
以下所叙述的不符合传染病基本特征的是___
A. 有病原体
B. 有传染性
C. 有传播途径
D. 有流行性、季节性、地方性
E. 有免疫性
【单选题】
婴儿服用维生素D预防佝偻病,每日剂量为___
A. 100U
B. 400U
C. 1000U
D. 5000U
E. 50000U
【单选题】
一名艾滋病患者在社区医院就医后,发现自己患病的消息被护士告诉了所在社区的居民,导致邻居们对这名患者的态度非常排斥,这名护士损害了该患者的什么权利___
A. 健康权
B. 知情同意权
C. 姓名权
D. 医疗权
E. 隐私权
【单选题】
有促进生长发育,并是形成视紫质所必需的维生素是___
A. 维生素A
B. 维生素B
C. 维生素C
D. 维生素D
E. 维生素E
【单选题】
某婴儿出生时体重为3.5kg,生后5个月体重应是___
A. 5kg
B. 6kg
C. 7kg
D. 8kg
E. 9kg
【单选题】
关于疫苗接种的操作正确的是___
A. 所有小儿都应按时按量接种疫苗
B. 接受免疫抑制剂、发热、腹泻和急性传染病期间忌服脊髓灰质炎疫苗
C. 脊髓灰质炎糖丸可以用温开水服用
D. 接种前应用碘附消毒注射部位的皮肤
E. 过敏性皮疹属于接种疫苗的正常反应
【单选题】
关于骨盆组成的描述,正确的是___
A. 由2块髂骨、1块坐骨和1块尾骨组成
B. 由2块髋骨、1块骶骨和1块尾骨组成
C. 由2块髂骨、1块骶骨和1块尾骨组成
D. 由2块髋骨、1块坐骨和1块尾骨组成
E. 由1块坐骨、耻骨联合和1块尾骨组成
【单选题】
子宫收缩起始于两侧宫角部,迅速向子宫底中线集中,再向子宫下段扩散,并均匀协调地遍及整个子宫。这种特性称为子宫收缩的___
A. 极性
B. 节律性
C. 对称性
D. 缩复作用
E. 间歇性
【单选题】
目前诊断肝癌和微小肝癌的最佳方法是___
A. 甲胎蛋白检查
B. 超声检查
C. 肝穿刺活检
D. CT
E. 腹腔镜检查
【单选题】
泌尿系统常见的恶性肿瘤是___
A. 肾癌
B. 肾母细胞瘤
C. 肾盂肿瘤
D. 膀胱癌
E. 前列腺癌
【单选题】
诊断风湿性疾病的重要标志___
A. 血常规
B. 尿常规
C. 细菌学检查
D. 关节X线检查
E. 自身抗体检查
【单选题】
新生儿肺透明膜病出现呼吸困难的时间一般为___
A. 出生后即刻
B. 生后24~36小时
C. 生后12小时内
D. 生后12~24小时
E. 生后36~72小时内
【单选题】
体重2kg的早产儿,出生三天,暖箱设定的温度是___
A. 31℃
B. 32℃
C. 33℃
D. 34℃
E. 35℃
【单选题】
引起产褥感染最常见的病原菌是___
A. 产气荚膜杆菌
B. 大肠杆菌
C. 厌氧菌
D. 金黄色葡萄球菌
E. 阴道杆菌
【单选题】
有机磷农药中毒症状消失后多长时间可发生迟发性神经病___
A. 3d
B. 5d
C. 7d
D. 9d
E. 4~45d
【单选题】
糖尿病出现多尿的原因是___
A. 量过多
B. 尿渗透压增高
C. 药物副作用
D. 尿路感染
E. 糖尿病性肾病
【单选题】
腹膜刺激征是指___
A. 压痛、肌紧张、反跳痛
B. 反射性呕吐、恶心、腹泻
C. 肠呜音亢进、压痛、反跳痛
D. 肠鸣音消失、腹痛、腹泻
E. 板状腹、压痛、腹泻
【单选题】
与急性胰腺炎发病无关的是___
A. 胆总管梗阻
B. 酒精中毒
C. 暴饮暴食
D. 低钙血症
E. 病毒感染
【单选题】
下列属于继发性不孕的情况是___
A. 育龄妇女,未避孕,婚后性生活正常,未避孕,同居2年未孕者
B. 育龄妇女,婚后性生活正常,未避孕,同居1年未孕者
C. 夫妇同居,性生活正常,曾有自然流产一次,未避孕,2年未孕者
D. 夫妇同居,性生活正常,曾有自然流产一次,后未避孕,1年未孕者
E. 夫妇同居后1年未孕,一方有无法纠正的解剖生理缺陷者
