【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
推荐试题
【多选题】
坚持法律面前人人平等,对于坚持走社会主义法治道路具有十分重要的意义,体现在___
A. 可以使人民在依法治国中的主体地位得到尊重和保障,从而有利于增强人民群众的主人翁意识和责任感
B. 鲜明地反对法外特权、法外开恩,有利于预防特权思想和各种潜规则的侵蚀
C. 鲜明地反对法律适用上的各种歧视,有利于贯彻执行“以事实为依据、以法律为准绳”的司法原则
D. 它要求人人都严格依法办事,既充分享有法律规定的各项权利,又切实履行法律规定的各项义务,有利于维护法律权威、健全社会主义法治
【多选题】
关于法治和德治,下列叙述正确的是___
A. 对国家和社会治理而言,法治和德治都非常重要且不可或缺
B. 法治和德治,是治国理政不可或缺的两种方式
C. 法治是治国理政的主要方式,德治是辅助方式
D. 法治和德治对社会成员都具有约束作用
【多选题】
德治发挥作用主要通过人们的___等进行道德教化。
A. 内心信念
B. 传统习俗
C. 社会舆论
D. 法律意识
【多选题】
推动法治和德治的相互促进,需要___
A. 强化道德对法治的支撑作用
B. 把道德要求贯彻到法治建设中
C. 将法治作为推动法治的主要方式,德治作为辅助方式
D. 运用法治手段解决道德领域突出问题
【多选题】
关于法治思维,说法正确的是___
A. 法治思维以法治价值和法治精神为指导,蕴含着公正、平等、民主、人权等法治理念
B. 法治思维以法律原则和法律规则为依据来指导人们的社会行为
C. 法治思维以法律手段与法律方法为依托分析问题、处理问题、解决纠纷
D. 法治思维是一种符合规律、尊重事实的科学思维
【多选题】
法治思维与人治思维的区别集中体现在___
A. 依据不同
B. 方式不同
C. 价值不同
D. 标准不同
【多选题】
下列属于法治思维基本内容的有___
A. 法律至上
B. 权利制约
C. 公平正义
D. 依宪执政
【多选题】
法治思维的内涵丰富、外延宽广,主要表现为___
A. 价值取向
B. 人权保障
C. 正当程序
D. 规则意识
【多选题】
法律至上具体表现为___
A. 法律的普遍适用性
B. 法律的优先适用性
C. 法律的科学性
D. 法律的不可违抗性
【多选题】
权力制约是指国家机关的权力必须受到法律的规制和约束,它要求___
A. 权力由法定
B. 有权必有责
C. 用权受监督
D. 违法受追究
【多选题】
一般来讲,公平正义主要包括 ___
A. 权利公平
B. 机会公平
C. 规则公平
D. 救济公平
【多选题】
权利公平包括三重含义___
A. 权利主体平等,国家对每个权利主体“不偏袒”、“非歧视”
B. 享有的权利特别是基本权利平等
C. 制定法律的权利平等
D. 权利保护和权利救济平等
【多选题】
下列说法属于规则公平内容的是___
A. 法律规则面前人人平等
B. 法律内容面前人人平等
C. 法律制定面前人人平等
D. 法律保护面前人人平等
【多选题】
救济公平是指为权利受到侵害或处于弱势地位的公民提供平等有效的救济,包括___
A. 司法救济公平
B. 行政救济公平
C. 社会救济公平
D. 财产救济公平
【多选题】
权利保障主要是指对公民权利的法律保障,具体包括公民权利___
A. 宪法保障
B. 立法保障
C. 行政保护
D. 司法保障
【多选题】
程序的正当,表现在程序的___
A. 合法性
B. 中立性
C. 参与性
D. 公开性
【多选题】
法律是否具有权威,取决的基本要素是___
A. 法律在国家和社会治理体系中的地位和作用
B. 法律本身的科学程度
C. 法律在实践中的实施程度
D. 法律被社会成员尊崇或信仰的程度
【多选题】
就大学生而言,作为一个公民,要在尊重法律权威方面要___
A. 信仰法律
B. 遵守法律
C. 服从法律
D. 维护法律
【多选题】
培养法治思维的途径很多,大学生可以通过各种机会和途径___
A. 学习法律知识
B. 掌握法律方法
C. 参与法律实践
D. 养成守法习惯
【多选题】
现在,人们参与法律实践的方式和途径越来越多,主要包括 ___
A. 参与立法讨论
B. 依法行使监督权
C. 旁听司法审判
D. 参与模拟法庭
【多选题】
关于尊重法律权威的重要意义,正确的说法是___
A. 尊重法律权威是社会主义法治观念的核心要求和建设社会主义法治国家的前提条件
B. 尊重法律权威对于推进国家治理体系和治理能力现代化、实现国家的长治久安极为重要
C. 尊重法律权威是实现人民意志、维护人民利益、保障人民权利的基本途径
D. 尊重法律权威维护个人合法权益的根本保障
【多选题】
法律权利具有以下特征___
A. 法律权利的内容、种类和实现程度受社会物质生活条件的制约
B. 法律权利的内容、分配和实现方式因社会制度和国家法律的不同而存在差异
C. 法律权利不仅由法律规定或认可,而且受法律维护或保障,具有不可侵犯性
D. 法律权利必须依法行使,不能不择手段地行使法律权利
【多选题】
法律义务的履行表现为两种形式___
A. 思维逻辑推理
B. 作为
C. 不作为
D. 思维归纳
【多选题】
法律义务具有以下特点___
A. 法律义务是历史的
B. 法律义务源于现实需要
C. 法律义务必须依法设定
D. 法律义务可能发生变化
【多选题】
在法治国家中,不存在纯粹的权利主体,也不存在纯粹的义务主体。正确理解法律权利与法律义务的关系___
A. 法律权利与法律义务是各自独立的
B. 有些法律权利和法律义务具有复合性的关系,即一个行为可以同时是权利行为和义务行为
C. 法律权利与法律义务是目的与手段的关系
D. 法律权利和法律义务是相互依存的关系
【多选题】
法律权利与法律义务平等,是现代法治的基本原则,是社会公平正义的重要方面。表现为___
A. 法律面前人人平等被确立为基本原则
B. 在法律权利和法律义务的具体设定上要平等
C. 权利与义务的实现要体现平等
D. 法律权利与法律义务不可能平等
【多选题】
我国宪法法律规定了公民享有一系列权利, 主要包括___
A. 政治权利、人身权利
B. 财产权利、社会经济权利
C. 宗教信仰
D. 文化权利
【多选题】
政治权利包括___
A. 选举权、被选举权
B. 人身自由权
C. 民主管理权
D. 监督权
【多选题】
选举权利包括___
A. 任命权
B. 选举权
C. 被选举权
D. 自荐权
【多选题】
人身权利包括___
A. 生命健康权
B. 人身自由权
C. 人格尊严权
D. 住宅安全权
E. 通信自由权
【多选题】
人身自由是人们一切行动和生活的前提条件,包括___
A. 人的身体不受拘束
B. 人的行动自由
C. 人身自由不受非法限制和剥夺
D. 无限制的自由
【多选题】
人格尊严的基本内容包括___
A. 姓名权
B. 肖像权。
C. 名誉权和荣誉权
D. 隐私权
【多选题】
法律上的“住宅” 包括___
A. 休息的地方
B. 固定居住的住宅
C. 临时性的住所
D. 公共办公的地方
【多选题】
财产权主要包括___
A. 住宅安全权
B. 私有财产权
C. 继承权
D. 抚养权
【多选题】
社会经济权利主要包括___
A. 劳动权
B. 休息权
C. 社会保障权
D. 物质帮助权
【多选题】
文化权利分为___
A. 个人的文化权利
B. 国家的文化权利
C. 民族的文化权利
D. 集体的文化权利
【多选题】
依法行使法律权利要求公民行使权利时应严格依据法律进行。权利行使的方式分为___
A. 口头方式
B. 书面方式
C. 表达方式
D. 行为方式
【多选题】
下列属于我国宪法规定公民的基本义务有___等。
A. 维护国家统一和民族团结
B. 遵守宪法和法律
C. 维护祖国安全、荣誉和利益
D. 依法服兵役
【多选题】
我国宪法规定了公民遵守宪法和法律的义务,还规定了若干具体义务,包括___
A. 保守国家秘密
B. 爱护公共财产
C. 遵守劳动纪律
D. 遵守公共秩序
E. 尊重社会公德
【多选题】
公民未能依法履行义务,根据情节轻重,应当承担相应的法律责任。具体的法律责任主要___。
A. 民事责任
B. 商事责任
C. 行政责任
D. 刑事责任
