【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
推荐试题
【单选题】
电缆及电容器接地前应逐相充分放电,星形接线电容器的中性点应接地,串联电容器及与整组电容器脱离的电容器应___。
A. 全部接地
B. 单只接地
C. 充分放电
D. 逐个充分放电
【单选题】
___及电容器接地前应逐相充分放电。
A. 避雷器
B. 电缆
C. 导线
D. 变压器
【单选题】
接地线截面积应满足装设地点短路电流的要求,且高压接地线的截面积不得小于___mm2。
【单选题】
成套接地线应由有___的多股软铜线和专用线夹组成。
A. 绝缘护套
B. 护套
C. 透明护套
D. 橡胶护套
【单选题】
低压接地线和个人保安线的截面积不得小于___mm2。
【单选题】
接地线应使用专用的线夹固定在导体上,禁止用___的方法接地或短路。
【单选题】
杆塔无接地引下线时,可采用截面积大于190mm2(如φ16mm圆钢)、地下深度大于___m的临时接地体。
A. 0.6
B. 0.8
C. 1.0
D. 1.2
【单选题】
若由于设备原因,接地刀闸与检修设备之间连有断路器(开关),在接地刀闸和断路器(开关)合上后,应有保证断路器(开关)不会___的措施。
【单选题】
在工作地点或检修的配电设备上悬挂___标示牌;
A. “在此工作!”
B. “从此进出!”
C. “禁止合闸,有人工作!”
D. “止步,高压危险!”
【单选题】
工作地点有可能误登、误碰的邻近带电设备,应根据设备运行环境悬挂___等标示牌。
A. “禁止攀登,高压危险!”
B. “在此工作!”
C. “止步,高压危险!”
D. “当心触电!”
【单选题】
配电设备检修,若无法保证安全距离或因工作特殊需要,可用与带电部分直接接触的___隔板代替临时遮栏。
【单选题】
城区、___或交通道口和通行道路上施工时,工作场所周围应装设遮栏(围栏),并在相应部位装设警告标示牌。
A. 山区
B. 郊区
C. 有人区域
D. 人口密集区
【单选题】
单独巡视人员应经___批准并公布。
A. 公司领导
B. 工区领导
C. 工区
D. 安质部门
【单选题】
正常巡视应___。
A. 穿绝缘鞋
B. 穿纯棉工作服
C. 穿绝缘靴
D. 戴手套
【单选题】
夜间巡线应携带足够的___。
A. 干粮
B. 照明用具
C. 急救药品
D. 防身器材
【单选题】
灾害发生后,若需对配电线路、设备进行巡视,应得到___批准。
A. 设备运维管理单位领导
B. 设备运维管理单位
C. 工作负责人
D. 值班调控人员
【单选题】
巡视中发现高压配电线路、设备接地或高压导线、电缆断落地面、悬挂空中时,室内人员应距离故障点___m以外。
【单选题】
进入SF6配电装置室,应___。
A. 先检测
B. 先通风
C. 使用防护用品
D. 先散热
【单选题】
配电站、开闭所、箱式变电站等的钥匙至少应有___。
【单选题】
具备条件的设备可进行___操作,即应用可编程计算机进行的自动化操作。
【单选题】
检修人员操作的设备和接、发令程序及安全要求应由___批准,并报相关部门和调度控制中心备案。
A. 公司
B. 工区
C. 设备运维管理单位
D. 安质部
【单选题】
配电设备的防误操作闭锁装置不得随意退出运行,停用防误操作闭锁装置应经___批准。
A. 工区领导
B. 工作负责人
C. 公司
D. 工区
【单选题】
设备检修时,回路中所有___刀闸的操作手柄,应加挂机械锁。 配电《安规》
A. 来电侧
B. 受电侧
C. 两侧
D. 负荷侧
【单选题】
停电拉闸操作应按照___的顺序依次进行,送电合闸操作应按与上述相反的顺序进行。禁止带负荷拉合隔离开关(刀闸)。
A. 断路器(开关)—负荷侧隔离开关(刀闸)—电源侧隔离开关(刀闸)
B. 负荷侧隔离开关(刀闸)——断路器(开关)——电源侧隔离开关(刀闸)
C. 断路器(开关)—电源侧隔离开关(刀闸)—负荷侧隔离开关(刀闸)
D. 负荷侧隔离开关(刀闸)——电源侧隔离开关(刀闸)——断路器(开关)
【单选题】
用间接方法判断操作后的设备位置时,至少应有两个___指示发生对应变化,且所有这些确定的指示均已同时发生对应变化,方可确认该设备已操作到位。
A. 非同样构造或非同源的
B. 同样原理或同源的
C. 非同样原理或非同源的
D. 非同样原理或非同期的
【单选题】
___时,禁止就地倒闸操作和更换熔丝。
【单选题】
装设柱上开关(包括柱上断路器、柱上负荷开关)的配电线路停电,应___。送电操作顺序与此相反。
A. 先断开柱上开关,后拉开隔离开关(刀闸)
B. 先拉开隔离开关(刀闸),后断开柱上开关
C. 先停主线开关,后停支线柱上开关
D. 先停支线柱上开关,后停主线开关
【单选题】
配电变压器停电,应___。送电操作顺序与此相反。
A. 先拉开高压侧熔断器,后拉开低压侧开关(刀闸)
B. 先拉开低压侧开关(刀闸),后拉开高压侧熔断器
C. 先拉开低压侧分路开关,后拉开低压侧总开关
D. 先拉开低压侧总开关,后拉开低压侧分路开关
【单选题】
摘挂跌落式熔断器的熔管,应使用___,并派人监护。
A. 绝缘棒
B. 验电器
C. 操作杆
D. 专用工具
【单选题】
砍剪靠近带电线路的树木,___应在工作开始前,向全体作业人员说明电力线路有电。
A. 工作负责人
B. 工作许可人
C. 工作票签发人
D. 专业室领导
【单选题】
砍剪靠近带电线路的树木,工作负责人应在工作开始前,向全体作业人员说明电力线路有电;人员、树木、绳索应与导线保持10kV___m规定的安全距离。
A. 0.7
B. 1.0
C. 1.5
D. 3.0
【单选题】
为防止树木(树枝)倒落在线路上,应使用绝缘绳索将其拉向与线路___的方向,绳索应有足够的长度和强度,以免拉绳的人员被倒落的树木砸伤。
A. 相反
B. 60度
C. 90度
D. 相同
【单选题】
上树时,应使用安全带,安全带不得系在待砍剪树枝的___附近或以上。不得攀抓脆弱和枯死的树枝;不得攀登已经锯过或砍过的未断树木。
【单选题】
挖坑前,应与有关地下管道、电缆等设施的___取得联系,明确地下设施的确切位置,做好防护措施。
A. 主管单位
B. 运行单位
C. 维护单位
D. 建设单位
【单选题】
在超过___m深的基坑内作业时,向坑外抛掷土石应防止土石回落坑内,并做好防止土层塌方的临边防护措施。
【单选题】
不得站在___传递土石或放置传土工具;禁止由下部掏挖土层。
A. 挡板上
B. 撑木上
C. 挡板、撑木上
D. 脚手架上
【单选题】
在下水道、煤气管线、潮湿地、垃圾堆或有腐质物等附近挖坑时,应设___。
A. 工作负责人
B. 工作许可人
C. 监护人
D. 工作班成员
【单选题】
在下水道、煤气管线、潮湿地、垃圾堆或有腐质物等附近挖坑时,应设监护人。在挖深超过___m的坑内工作时,应采取安全措施,如戴防毒面具、向坑中送风和持续检测等。
【单选题】
在居民区及交通道路附近开挖的基坑,应设坑盖或可靠遮栏,加挂警告标示牌,夜间挂___。
【单选题】
攀登杆塔过程中应检查___和金具锈蚀情况。
A. 纵向裂纹
B. 横向裂纹
C. 裂纹
D. 绝缘子污染