【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
推荐试题
【单选题】
如没及时有效除气,让气侵井液重新泵入井内,而且继续受到进一步气侵,则___,终将会失去平衡,导致井喷。
A. 井底液柱压力不发生变化
B. 井底液柱压力将不断下降
C. 井底压力将不断上升
D. 井底液柱压力将不断上升
【单选题】
向井内泵入适当密度的液体,使液柱压力平衡地层压力,阻止地层流体继续进入井筒,恢复或重建井内压力平衡的工艺,称为___。
【单选题】
压井中途一般不宜停泵,出口要适当控制排量,做到压井液既不漏又不被___。
【单选题】
___提供的正确与否是正确选择压井液密度的关键。
A. 地层压力
B. 液柱压力
C. 井底压力
D. 井口压力
【单选题】
压井过程中始终保持___不变,控制地层流体不再进入井内。
A. 液柱压力
B. 地层压力
C. 井底压力
D. 井口压力
【单选题】
当溢流为天然气时,在压井过程中,套压达到最大时,作用于井底的压力___。
A. 达到最大
B. 达到最小
C. 不发生变化
D. 为零
【单选题】
在压井过程中,泵排量始终保持为压井排量,其目的是___。
A. 加快压井速度
B. 保持井底压力不变
C. 减小立压
D. 减小套压
【单选题】
发现溢流迅速关井的优点之一,是保持井内有较多的修井液,减小关井和压井时___压力值。
A. 地层
B. 立管
C. 井底压力
D. 波动
【单选题】
某井油层中部深度2000m,测得地层静压30MPa,若附加量取15%,则应选用相对密度为___g/cm3的压井液。
A. 1.33
B. 1.56
C. 1.68
D. 1.95
【单选题】
正循环压井中,当压井液到达压井管柱底部时,停稳泵关井,此时关井油管压力大于零,说明了___。
A. 压井排量偏低
B. 压井泵压偏低
C. 压井液粘度偏低
D. 压井液密度偏低
【单选题】
某修井队用密度1.20g/cm3的泥浆加深修井到井深2000m处发生溢流,关井套压3MPa,关井油压2MPa,压井液附加压力4MPa,计算压井泥浆密度___g/cm3。
A. 1.62
B. 1.72
C. 1.82
D. 1.92
【单选题】
某井用密度1.50g/cm3的泥浆钻到井深5000m处发生溢流,关井立、套压分别为2MPa和3.7MPa,溢流量1.8m3,环空平均单位容积12L/m,判断溢流种类是___。
【单选题】
某位于井深3400m处的产层压力梯度为17.65KPa/m,计算该产层压力是___MPa。
【单选题】
井下作业压井液密度应根据地质设计提供的___当量密度值为基准。
A. 最高地层孔隙压力
B. 地层破裂压力
C. 地层漏失压力
D. 上覆岩层压力
【单选题】
井下作业设计压井液对于地层硫化氢含量大于___g/m3的井应储备压井液或加重材料。
【单选题】
压井液密度具体选择附加值时应综合考虑下列___选项。①地层压力②液柱压力③地层破裂压力④地层流体中有毒有害气体的含量
A. ①②③④
B. ①③④
C. ②③④
D. ①②④
【单选题】
压井液性能被破坏的主要原因是“四侵”,即___。
A. Fe3+侵、水泥侵、泥浆侵、淡水侵
B. 硫化氢侵、Fe2+侵、盐水钙侵、水泥侵
C. 水侵、气侵、钙侵、盐水侵
D. 氮气侵、Fe3+侵、Mg2+侵、CA2+侵
【单选题】
无论是司钻法还是工程师法压井应遵循的原则是:始终保持___不变,并且满足稍大于或等于地层压力。
A. 井底压力
B. 液柱压力
C. 井口压力
D. 泵压
【单选题】
循环法是将密度___的压井液用泵泵入井内并进行循环,密度较小的原压井液(或油、气及水)被压井用的压井液替出井筒达到压井目的的方法。
【单选题】
挤注法压井的液体注入深度,应控制在油层顶部以上___m处。
【单选题】
循环法压井的关键是确定压井液的密度和控制适当的___。
【单选题】
若重复压井,必须将前次压井液排净,排除量应大于井筒容积的___倍。
A. 1-2
B. 1.5-2
C. 2-3
D. 1.2-1.5
【单选题】
由于环形空间内受气侵的压井液密度低于管柱内压井液密度,通常关井套压___油管压力。
【单选题】
在压力高、气油比大的油气井中压井应采用___法。
A. 灌注
B. 挤注法
C. 反循环
D. 正循环
【单选题】
气井和高压、高油气比井的共同特点是井口___。
A. 压力高、气量大
B. 压力低、气量大
C. 压力高、气量低
D. 压力低、气量低
【单选题】
初始循环压力是指压井修井液___的立管压力。
A. 刚开始泵入钻柱时
B. 进入钻柱过程中
C. 进入环空过程中
D. 返到地面时
【单选题】
终了循环压力是指压井修井液___的立管压力。
A. 进入管柱过程中
B. 进入环空过程中
C. 到达套管鞋处
D. 到达井底时
【多选题】
洗井作业施工设计中应该有___要求。
A. 地面管线安装、固定、试压
B. 采油树使用、保养
C. 防火、防爆、防污染
D. 防盗
【多选题】
洗井施工前作业队应做好___工作。
A. 按设计要求储备足够洗井液
B. 按洗井方式连接地面流程并固定、试压合格
C. 装好采油树或作业井口
D. 做好防污染工作
【多选题】
井下作业施工前,作业队应做的工作有___。
A. 向全队职工进行地质、工程和井下等方面的技术措施交底
B. 并明确班组各岗位分工
C. 对施工现场的井控装备、配备的防喷工具进行检查,使之处于完好状态
D. 按设计要求备足修井液
【多选题】
洗井施工中为防止井喷的发生应做的工作有___。
A. 按施工设计的管柱结构要求,将洗井管柱下至预定深度
B. 地面管线试压至设计施工泵压的1.5倍,经5min后不刺不漏为合格
C. 洗井时要注意观察泵压变化,泵压不能超过油层漏失压力
D. 严重漏失井采用有效堵漏措施后,再进行洗井施工
【多选题】
洗井施工中发生溢流的表现有___。
A. 出口密度降低
B. 泵压下降
C. 出口排量增加
D. 泵压增高
【多选题】
洗井时泵压低于正常泵压,出口很快与进口液性一致,分析原因有___。
A. 油管挂密封胶圈损坏
B. 上部油管有破损
C. 靠近井口油管脱落
D. 采油树闸门损坏
【多选题】
起下管柱作业应按以下要求执行___。
A. 在起下封隔器等大直径工具时,应控制起下钻速度,防止产生抽汲或压力激动
B. 在起管柱过程中,应及时向井内补灌压井液,保持液柱压力平衡
C. 起下管柱作业出现溢流时,可以观察情况,根据情况决定什么时候关井
D. 起下管柱过程中,要有防止井内管柱顶出的措施,以免增加井喷处理难度
【多选题】
施工设计的井控要求中,制定具体的预防和应急措施,应包括但不限于___、防喷器的规格、组合及示意图、四种作业工况时,应有具体的井控预防措施等内容。
A. 压井液要求
B. 井架高度
C. 井控装置的现场安装、调试与试压要求等
D. 发生溢流时的关井方法的确定
【多选题】
井下作业的地质设计、工程设计、施工设计中必须有相应的井控要求或明确的井控设计,主要包括:满足井控安全的各种资料数据,___、符合部颁标准的井控装备系统、有关法规及应急计划等。
A. 施工前准备工作
B. 合理的井场布置
C. 适合地层特性的修井液类型
D. 合理的修井液密度
【多选题】
检泵作业施工工序主要有___和下泵等。
A. 压井
B. 起抽油杆
C. 安装防喷器并试压
D. 起泵
【多选题】
对于施工井场布置的相关要求,以下说法正确的是___。
A. 作业井施工现场的电路布置、设备安装等都要确保作业正常施工
B. 工具房、值班房、爬犁等摆放整齐距井口和易燃物品的距离不得小于25m
C. 上岗人员懂防火知识,可以不用定期检查保养消防器材
D. 照明灯采用防爆低压安全探照灯或防爆探照灯,距井口不少于10m
【多选题】
起下管柱操作时应做好的防喷措施有___。
A. 防喷器、远程控制台和井控管汇的安装、试压要符合相关规定
B. 中途停工必须装好井口或关闭防喷装置
C. 起下作业前,在井口附近应准备好简易防喷工具或防喷单根
D. 允许边喷边作业,起完管柱应立即关闭防喷装置
【多选题】
起下作业前,在井口附近应准备好___等防喷工具。
A. 简易防喷工具
B. 管钳
C. 提升短节
D. 防喷单根