【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
推荐试题
【单选题】
在中国最早比较系统地介绍马克思主义,第一次举起社会主义大旗的人物是 ___
A. 陈独秀
B. 李大钊
C. 毛泽东
D. 蔡元培
【单选题】
五四运动以后,新文化运动的主流是 ___
A. 资产阶级思想文化的传播
B. 民主、平等思想的传播
C. 资产阶级改良主义的传播
D. 马克思主义的传播
【单选题】
在马克思主义传播的基础上,各地共产主义小组先后建立。中国最早建立的共产主义小组是 ___
A. 北京小组
B. 上海小组
C. 武汉小组
D. 长沙小组
【单选题】
1921年7月出席中共一大的长沙代表是 ___
A. 李达、李汉俊
B. 毛泽东、李达
C. 毛泽东、何叔衡
D. 毛泽东、董必武
【单选题】
马克思主义与中国工人运动相结合的产物是 ___
A. 毛泽东思想
B. 邓小平理论
C. “三个代表”重要思想
D. 中国共产党
【单选题】
下列不属于中共二大通过的党纲内容是 ___
A. 消除内乱,打倒军阀
B. 推翻帝国主义压迫
C. 联合第三国际
D. 统一中国为真正的民主共和国
【单选题】
中国工人运动第一次高潮的起点是 ___
A. 香港海员工人罢工
B. 京汉铁路工人大罢工
C. 广州沙面工人罢工
D. 省港工人大罢工
【单选题】
第一次工人运动由高潮转向低潮的转折点是 ___
A. 长辛店工人罢工
B. 京汉铁路大罢工
C. 上海工人罢工
D. 二七惨案
【单选题】
中国共产党的民主革命纲领即最低纲领的制定是在___
A. 中共一大
B. 中共二大
C. 国民党一大
D. 中共三大
【单选题】
下列各项,不是中国共产党第三次全国代表大会决议内容的是 ___
A. 加入共产国际
B. 同国民党合作建立革命统一战线
C. 帮助改组国民党
D. 共产党员以个人身份加入国民党
【单选题】
国共两党实现第一次合作的政治基础是 ___
A. 三民主义
B. 反帝反封建
C. 新三民主义
D. 共产党民主革命纲领
【单选题】
第一次国共合作形成的标志是 ___
A. 中共杭州西湖会议的召开
B. 中共三大的召开
C. 《中国国民党改组宣言》的发表
D. 国民党一大的召开
【单选题】
曾任黄埔军校政治部主任的是 ___
A. 蒋介石
B. 廖仲恺
C. 周恩来
D. 李大钊
【单选题】
国民革命时期,全国范围的大革命高潮的起点是 ___
A. 省港大罢工
B. 五卅运动
C. 青岛日资纱厂工人罢工
D. 安源路矿工人大罢工
【单选题】
国共合作以后,在全国反帝斗争的大浪潮中,影响最深、规模最大、时间最长的罢工是___
A. 广州沙面罢工
B. 香港海员大罢工
C. 省港大罢工
D. 开滦工人罢工
【单选题】
1924年到1927年7月,中国国民党的性质是 ___
A. 民族资产阶级政党
B. 有工人阶级参加的民族资产阶级政党
C. 工人、农民、小资产阶级和民族资产阶级联盟的政党
D. 大地主、大资产阶级的政党
【单选题】
第一次国共合作的组织形式是 ___
A. 中国共产党
B. 国民党
C. 中华革命党
D. 改组后的中国国民党
【单选题】
新旧三民主义比较,新三民主义增加的最重要的内容是 ___
A. 创立民国
B. 节制资本
C. 反对满清政府
D. 反帝
【单选题】
关于国民革命失败的原因,以下错误的表述是 ___
A. 帝国主义与国内封建主义、买办势力勾结,反革命力量强大
B. 国民党右派叛变革命
C. 中共党不善于把马克思主义理论与中国实际结合
D. 中共中央出现“左”倾教条主义错误
【单选题】
新文化运动的基本口号是___
A. 反对旧文学提倡新文学
B. 反对旧道德提倡新道德
C. 民主与科学
D. 民主与法制
【单选题】
中国先进分子真正了解马克思主义是在___
A. 俄国十月革命后
B. 五四爱国运动后
C. 新文化运动兴起
D. 中国共产党成立后
【单选题】
中国共产党组织领导的第一个农民协会是___
A. 衙前村农民协会
B. 海陆丰农民协会
C. 汕头农民协会
D. 井冈山农民协会
【单选题】
共产党早期组织领导的第一个工会是___
A. 上海机器工会
B. 长辛店铁路工会
C. 天津机械工会
D. 上海印刷工会
【单选题】
中共创立时期主要领导人是___
A. 李达
B. 张国焘
C. 毛泽东
D. 陈独秀
【单选题】
大革命时期中国人民反帝斗争的最大成果是___
A. 五卅运动掀起了反帝高潮
B. 上海工人第三次武装起义胜利
C. 收回汉口、九江英租借
D. 国民政府由广州迁到武汉
【单选题】
37中国共产党第一次代表大会确定党成立后的中心任务是___
A. 推翻资产阶级专政
B. 打到封建军阀
C. 宣传马克思主义
D. 组织和领导工人运动
【单选题】
“开天辟地”的大事变是指___
A. 早期新文化运动
B. 五四运动
C. 中国共产党成立
D. 辛亥革命
【单选题】
最早将《共产党宣言》全文翻译成中文的是___
A. 戴季陶
B. 陈望道
C. 陈独秀
D. 李达
【单选题】
提出“改良文学从八事入手”的新文化运动的代表人物是___
【单选题】
1927年国民革命失败后,中国社会的性质是 ___
A. 封建社会
B. 半殖民地半封建社会
C. 资本主义社会
D. 新民主主义社会
【单选题】
1928年12月,宣布东北三省“遵守三民主义,服从国民政府,改旗易帜”的是 ___
A. 张作霖
B. 郭松龄
C. 张学良
D. 张作相
【单选题】
以蒋介石为代表的南京国民党政府的性质是 ___
A. 资产阶级政权
B. 小资产阶级政权
C. 大地主大资产阶级政权
D. 封建君主专制政权
【单选题】
中共八七会议确定的总方针是 ___
A. 反对右倾投降主义
B. 走农村包围城市的革命道路
C. 创建井冈山革命根据地
D. 土地革命和武装反抗国民党反动派
【单选题】
中国共产党独立领导革命战争、创建人民军队和武装夺取政权的开端是 ___
A. 南昌起义
B. 秋收起义
C. 广州起义
D. 五卅运动
【单选题】
毛泽东提出“以后要非常注意军事,须知政权是由枪杆子中取得的”的重要论断是在___
A. 北京特别会议
B. 八七会议
C. 遵义会议
D. 古田会议
【单选题】
1927年9月9日,毛泽东领导的著名起义是 ___
A. 湘赣边界秋收起义
B. 赣南秋收起义
C. 湘南秋收起义
D. 广州起义
【单选题】
国民革命失败后,以毛泽东为代表的中国共产党人逐步将革命的重心 ___
A. 由乡村转移到城市
B. 由城市转移到乡村
C. 由大城市转向小城市
D. 由南方转向北方
【单选题】
毛泽东提出“工农武装割据”思想的著作是 ___
A. 《战争和战略问题》
B. 《星星之火,可以燎原》
C. 《中国的红色政权为什么能够存在?》
D. 《反对本本主义》
【单选题】
中国共产党认识和把握中国革命发展的客观规律,最终要靠 ___
A. 马克思列宁主义基本原理与中国实际相结合
B. 马克思主义本本
C. 听从共产国际的指挥
D. 照搬苏联经验
