【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
推荐试题
【单选题】
资本主义经济危机的实质是___
A. 生产过剩的经济危机
B. 生产不足的经济危机
C. 生产相对过剩的经济危机
D. 生产严重短缺的经济危机
【单选题】
资本主义经济危机的根源在于___
A. 货币的流通手段职能
B. 货币的支付手段职能
C. 资本主义基本矛盾
D. 人口过剩与资本过剩的矛盾
【单选题】
产业资本在其循环运动中所采取的三种职能形式是___
A. 固定资本、流动资本、货币资本
B. 不变资本、可变资本、商品资本
C. 产业资本、商业资本、借贷资本
D. 货币资本、生产资本、商品资本
【单选题】
资本的周转时间包括___
A. 劳动时间和产品的销售时间
B. 产品的购买时间和生产时间
C. 生产时间和流通时间
D. 劳动时间和购买时间
【单选题】
把生产资料区分为固定资本和流动资本,其依据是___
A. 在生产过程中不同的价值周转方式
B. 在生产过程中不同的物质存在形态
C. 不同部分在剩余价值生产中的不同作用
D. 不同部分的不同运动速度
【单选题】
商品价值量是由生产商品的社会必要劳动时间决定,它是在___
A. 同类商品的生产者之间的竞争中实现的
B. 不同部门之间的竞争实现的
C. 商品的生产者和消费者之间的竞争中实现的
D. 商品的生产者和销售者之间的竞争中实现的
【单选题】
生产要素按贡献参与分配的经济依据是___
A. 抽象劳动是价值的唯一源泉
B. 生产要素所有权在经济上的实现
C. 生产要素都创造了价值
D. 生产要素不创造价值但可以参与分配
【单选题】
资本主义生产方式的绝对规律是___
A. 生产剩余价值或赚钱
B. 生产使用价值或商品
C. 生产价值
D. 生产和再生产劳动力供资本家使用
【单选题】
下列选项中属于不变资本又属于固定资本的是___
A. 原料
B. 燃料
C. 辅助材料
D. 机器、设备
【单选题】
利润本质上是___
A. 成本价格的产物
B. 所费资本的产物
C. 全部预付资本的产物
D. 剩余价值
【单选题】
商品的使用价值和价值的关系是___
A. 完全对立的关系
B. 对立统一的关系
C. 完全统一的关系
D. 没有关系
【单选题】
利润率是___
A. 剩余价值与可变资本的比率
B. 剩余价值与不变资本的比率
C. 剩余价值与所费资本的比率
D. 剩余价值与预付总资本的比率
【单选题】
平均利润率的形成是___
A. 不同部门的资本家之间竞争的结果
B. 同一部门内部的资本家之间竞争的结果
C. 同一部门资本家追求超额利润的结果
D. 资本有机构成提高的结果
【单选题】
把剩余价值看成是全部预付资本的产物,就转化为___
A. 成本价格
B. 生产价格
C. 利润
D. 利息
【单选题】
商品的二因素之所以是使用价值和价值,而不是使用价值和交换价值,是因为 ___
A. 商品的二因素是由生产商品的劳动二重性决定的
B. 价值是交换价值的内容和基础,交换价值是价值的表现形式
C. 使用价值是价值的物质承担者
D. 价值是一般人类劳动的凝结
【单选题】
马克思在研究商品时,之所以考察使用价值,因为使用价值是___
A. 构成财富的物质内容
B. 人类生存、发展的物质条件
C. 满足人们需要的物质实体
D. 商品交换价值的物质承担者
【单选题】
马克思指出:“如果物没有用,那么其中包含的劳动也就没有用,不能算作劳动。因此不形成价值。”这段话说明___
A. 价值的存在以物的有用性为前提
B. 价值的存在与物的有用性互为前提
C. 只要物是有用的,它就有价值
D. 物越是有用就越有价值
【单选题】
商品二因素中的价值是___
A. 商品的自然属性
B. 商品的社会属性
C. 交换价值的物质承担者
D. 交换价值的表现形式
【单选题】
理解马克思主义政治经济学的枢纽是___
A. 剩余价值学说
B. 生产价格理论
C. 劳动二重性学说
D. 劳动力商品理论
【单选题】
货币具有五种职能___
A. 价值尺度、流通手段、贮藏手段、支付手段、世界货币
B. 价值尺度、流通手段、贮藏手段、支付手段、协调手段
C. 世界货币、流通手段、贮藏手段、支付手段、协调手段
D. 价值尺度、流通手段、贮藏手段、支付手段、干预手段
【单选题】
生产商品的劳动二重性是指___
A. 简单劳动和复杂劳动
B. 私人劳动和社会劳动
C. 具体劳动和抽象劳动
D. 生产劳动和非生产劳动
【单选题】
商品生产者要获得更多的收益,必须使生产商品的个别劳动时间___
A. 大大高于社会必要劳动时间
B. 低于社会必要劳动时间
C. 等于社会必要劳动时间
D. 略高于社会必要劳动时间
【单选题】
资本家改进技术提高劳动生产率的直接目的是___
A. 提高产品的质量
B. 减轻劳动强度
C. 获取相对剩余价值
D. 获取超额剩余价值
【单选题】
相对剩余价值的获得是___
A. 延长工人劳动时间的结果
B. 社会普遍提高劳动生产率的结果
C. 普遍提高工人劳动强度的结果
D. 个别资本家提高劳动生产率的结果
【单选题】
当代资本主义国家政治制度的核心内容是___
A. 政党制度
B. 国家制度
C. 文官制度
D. 议会制度
【单选题】
资产阶级意识形态的核心是___
A. 利己主义
B. 利他主义
C. 集体主义
D. 享乐主义
【单选题】
马克思说:“一切商品对它们的所有者是非使用价值,对它们的非所有者是使用价值。”对这句话应理解为___
A. 商品不可能既有使用价值又有价值
B. 商品所有者同时获得使用价值和价值
C. 使用价值是商品的本质属性
D. 商品的使用价值和价值是相互排斥的
【单选题】
某工厂原工作日为八小时,必要劳动时间和剩余劳动时间各为四小时,若采用绝对剩余价值生产方法,增加剩余劳动时间二小时,则剩余价值率为___
A. 120%
B. 150%
C. 180%
D. 200%
【单选题】
某工厂原工作日为八小时,必要劳动时间和剩余劳动时间各为四小时,若采用相对剩余价值生产方法,增加剩余劳动时间二小时,则剩余价值率为___
A. 100%
B. 300%
C. 200%
D. 250%
【单选题】
在简单商品经济中,价值规律作用的表现形式是___
A. 商品价格与价值经常保持一致
B. 商品价格围绕价值上下波动
C. 商品价格围绕生产价格上下波动
D. 商品价格围绕垄断价格上下波动
【单选题】
资本主义扩大再生产的重要源泉是___
A. 剩余价值
B. 可变资本
C. 资本积累
D. 剩余劳动
【单选题】
货币的本质是___
A. 价值符号
B. 流通手段
C. 支付手段
D. 固定充当一般等价物的特殊商品
【单选题】
资本的有机构成可表示为___
A. c∶v
B. m∶c
C. c∶m
D. m∶v
【单选题】
马克思主义政治经济学的直接理论来源是___
A. 重商主义
B. 古典政治经济学
C. 庸俗政治经济学
D. 空想社会主义的经济理论
【单选题】
解决商品内在使用价值和价值矛盾的关键是___
A. 货币的出现
B. 私人劳动与社会劳动的划分
C. 商品交换的实现
D. 社会分工的不断发展
【单选题】
形成商品价值量的劳动,是以___
A. 社会劳动为尺度
B. 私人劳动为尺度
C. 简单劳动为尺度
D. 抽象劳动为尺度
【单选题】
价值规律在对经济活动进行自发调节时,产生的消极后果,不包括___
A. 导致社会资源浪费
B. 阻碍技术的进步
C. 导致收入两极分化
D. 自发的刺激生产力的发展
【单选题】
货币是在长期的交换过程中形成的固定充当___的商品
A. 一般等价物
B. 等价交换
C. 交换价值
D. 使用价值
【单选题】
资本主义社会中工人的工资是___
A. 工人全部劳动的报酬
B. 劳动价值或价格的转化形式
C. 劳动力价值或价格的转化形式
D. 工人在剩余劳动时间内创造的新价值
【单选题】
社会生产过程包括的环节是___
A. 购买、生产和销售
B. 生产、分配、交换和消费
C. 循环、周转和社会资本再生产
D. 危机、萧条、复苏和高涨
