【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
推荐试题
【单选题】
运载超长、超高或重大物件时,( )基本一致,超长物件尾部应设标志。___
A. 物件重心应与车厢承重中心
B. 物件重心应与车厢前轮
C. 物件重心应与车厢后轮
D. 物件中心应与车厢承重中心
【单选题】
使用机械牵引杆件上山时,应将杆身绑牢,钢丝绳不得触磨岩石或坚硬地面,牵引路线两侧( )m以内,不得有人逗留或通过。___
【单选题】
用管子滚动搬运应由专人负责指挥。管子承受重物后两端应各露出约( )Cm,以便调节转向。___
【单选题】
用管子滚动搬运物体,手动调节管子时,应注意防止( )。___
A. 物体滚落
B. 压伤手指
C. 倾斜滑脱
D. 重物下滑
【单选题】
凡在坠落高度基准面( )m及以上的高处进行的作业,都应视作高处作业。___
【单选题】
凡参加高处作业的人员,应每( )进行一次体检。___
【单选题】
低温或高温环境下的高处作业,应采取( )措施,作业时间不宜过长。___
A. 保暖或防暑降温
B. 保暖
C. 防暑降温
D. 专人监护
【单选题】
峭壁、陡坡的工作场地或人行道上,冰雪、碎石、泥土应经常清理,靠外面一侧应设1050~1200mm高的栏杆,栏杆内侧设( )mm高的侧板。___
A. 180
B. 150
C. 120
D. 210
【单选题】
高处作业,除有关人员外,他人不得在工作地点的下面通行或逗留,工作地点下面应( )。___
A. 有遮栏(围栏)或装设其他保护装置
B. 有遮栏
C. 有围栏
D. 装设其他保护装置
【单选题】
在电焊作业或其他有火花、熔融源等的场所使用的安全带或安全绳应有( )。___
A. 绝缘护套
B. 塑料护套
C. 隔热防磨套
D. 保护套
【单选题】
安全带和专作固定安全带的绳索在使用前应进行( )。安全带应按附录O定期检验,不合格的不得使用。___
A. 全面检查
B. 质量检测
C. 外观检查
D. 应力试验
【单选题】
保险带、绳使用长度在3m以上的应( )。___
A. 缠绕使用
B. 加缓冲器
C. 禁止使用
D. 采取减少长度的措施
【单选题】
腰带和保险带、绳应有足够的机械强度,材质应耐磨,卡环(钩)应具有保险装置,操作应灵活。保险带、绳使用长度在( )m以上的应加缓冲器。___
【单选题】
在没有脚手架或者在没有栏杆的脚手架上高处工作,高度超过( )m时,应使用安全带,或采取其他可靠的安全措施。___
【单选题】
单梯的横档应嵌在支柱上,并在距梯顶( )m处设限高标志。___
A. 1
B. 1.2
C. 1.5
D. 1.8
【单选题】
使用单梯工作时,梯与地面的斜角度约为( )。___
A. 60°
B. 40°
C. 30°
D. 45°
【单选题】
紧急救护时,发现伤员意识不清、瞳孔扩大无反应、呼吸、心跳停止时,应立即在现场就地抢救,用( )支持呼吸和循环,对脑、心重要脏器供氧。___
A. 心脏按压法
B. 口对口呼吸法
C. 口对鼻呼吸法
D. 心肺复苏法
【单选题】
触电急救,在医务人员( )前,不得放弃现场抢救,更不能只根据没有呼吸或脉搏的表现,擅自判定伤员死亡,放弃抢救。___
A. 未到达
B. 未接替救治
C. 作出死亡诊断
D. 判断呼吸或脉搏表现
【单选题】
触电急救应分秒必争,一经明确心跳、呼吸停止的,立即就地迅速用( )进行抢救,并坚持不断地进行,同时及早与医疗急救中心(医疗部门)联系,争取医务人员接替救治。___
A. 心脏按压法
B. 口对口呼吸法
C. 口对鼻呼吸法
D. 心肺复苏法
【单选题】
伤员脱离电源后,判断伤员有无意识应在( )s以内完成。___
【单选题】
触电伤员脱离电源后,正确的抢救体位是( )。___
A. 左侧卧位
B. 右侧卧位
C. 仰卧位
D. 俯卧位
【单选题】
触电急救,当采用胸外心脏按压法进行急救时,伤员应仰卧于( )上。___
A. 柔软床垫
B. 硬板床或地
C. 担架
D. 弹簧床
【单选题】
触电急救,胸外心脏按压频率应保持在( )次/min。___
A. 60
B. 80
C. 100
D. 120
【单选题】
进行心肺复苏法时,如有担架搬运伤员,应该持续做心肺复苏,中断时间不超过( )s。___
【单选题】
被电击伤并经过心肺复苏抢救成功的电击伤员,都应让其充分休息,并在医务人员指导下进行不少于( )h的心脏监护。___
【单选题】
烧伤急救时,强酸或碱灼伤应迅速脱去被溅染衣物,现场立即用大量清水彻底冲洗,要彻底,然后用适当的药物给予中和;冲洗时间不少于( )min。___
【单选题】
犬咬伤后应立即用浓肥皂水或清水冲洗伤口至少( )min,同时用挤压法自上而下将残留伤口内唾液挤出,然后再用碘酒涂搽伤口。___
【判断题】
作业人员在发现直接危及人身、电网和设备安全的紧急情况时,有权停止作业或者在采取可能的紧急措施后撤离作业场所,并立即报告
【判断题】
在试验和推广新技术、新工艺、新设备、新材料的同时,应制定相应的安全措施,经本单位分管生产的领导(总工程师)批准后执行
【判断题】
高压电气设备电压等级为在1000V以上
【判断题】
工作人员禁止擅自开启直接封闭带电部分的高压配电设备柜门、箱盖、封板等
【判断题】
新参加电气工作的人员、实习人员和临时参加劳动的人员(管理人员、非全日制用工等),应经过安全生产知识教育后,方可下现场单独工作
【判断题】
在绝缘导线所有电源侧及适当位置(如支接点、耐张杆处等)、柱上变压器高压引线处,应装设验电接地环或其他验电、接地装置
【判断题】
柜式配电设备的母线侧封板应使用专用螺丝和工具,专用工具应妥善保存,柜内有电时禁止开启
【判断题】
配电设备的操作机构上应有中文操作说明和状态指示
【判断题】
经常有人工作的场所及施工车辆上应配备急救箱,存放急救用品,并应指定专人定期检查、补充或更换
【判断题】
装有SF6设备的配电站,应装设强力通风装置,风口应设置在室内底部,其电源开关应装设在门内
