【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
推荐试题
【判断题】
第678题:稀释蒸汽液面指示不准的危害为稀释蒸汽带液,夹带钠离子等杂质,破坏炉管
【判断题】
第670题:安全标志包括禁止标志、警告标志、指令标志和提示标志等
【判断题】
第680题:劳动防护用品是指由生产经营单位为从业人员配备的,使其在劳动过程中免遭或者减轻事故伤害及职业危害的个人防护装备
【判断题】
第681题:使用听诊棒时主要通过感受设备的振动从而来判断设备工况
【判断题】
第682题:裂解炉不烧焦的情况下降温炉管部分或全部堵塞的机会是很小的
【判断题】
第684题:润滑油可以倒入含油污水沟内不必回收
【判断题】
第685题:为使压缩机充分预热,开车前必须对透平长时间低速暖机
【判断题】
第686题:企业要充分利用国家对安全生产专用设备所得税优惠、安全生产费用税前扣除等财税支持政策。在年度预算中必须保证应急救援装备、设施和演练、宣传、培训、教育等投入,提高救护队员的工资福利及其他相关待遇
【判断题】
第687题:进入受限空间作业时电焊机、变压器、气瓶应放置在受限空间内
【判断题】
第688题:使用中的原料罐氮封停用的危害为可燃气从呼吸阀外漏,达到爆炸极限,遇明火爆炸
【判断题】
第689題:为了有利于裂解气的分离裂解气压缩机出口压力越高越好
【判断题】
第690题:用人单位应当按照规定对从事使用高毒物品作业的劳动者进行岗位轮换
【判断题】
第691题:应急组织指挥体系或者职责已经调整的生产经营单位应急预案,可三年后修订
【判断题】
第692题:可燃气体与空气形成混合物遇到明火就爆炸
【判断题】
第693题:单位应当对消防档案分级保管、备查
【判断题】
第694题:生产经营单位可以以货币或者其他物品替代应当按规定配备的劳动防护用品
【判断题】
第695题:佩戴空气呼吸器作业时,当空气呼吸器罐内压力低于5MPa.发出报警声时,必须撤离危险区
【判断题】
第696题:实行承包、租赁或者委托经营、管理时消防车通道、涉及公共消防安全的旒散设施和其他建筑消防设施应当由产权单位或者委托管理的单位统一管理
【判断题】
第697題:阻聚剂有毒对皮肤有刺激性。如接触皮肤,可用凊水、肥皂或洗涤剂冼净
【判断题】
第698题:乙炔加氢反应是吸热反应,因此裂解气进入反应器前需要用低压蒸汽加热
【判断题】
第699题:滤毒罐存放有效期为2年,超过期限要重新鉴定
【判断题】
第700题:压力容器运行操作时应保持平稳,禁止超负荷、骤然升降温度或压力
【判断题】
可燃烧气体或蒸汽的危险程度与它们的爆炸下限成正比
【判断题】
进入气体分析不合格的容器内作业应佩戴隔绝式呼吸保护装备
【判断题】
硫化氢是强烈的神经毒物,有臭鸡蛋气味,臭味的增强与浓度的升高成正比
【判断题】
如果误食了甲醛要立刻吐出来,在医生到达之前每隔15min喝一杯含有一茶匙小苏打的水
【判断题】
应急预案的编制可以应急准备代替应急保障措施,也能满足本地区、本部门、本单位的应急工作要求
【判断题】
除矿山、建筑施工单位和易燃易爆物品、危险化学品、放射性物品等危险物品的生产、经营、储存单位和中型规模以上的其他生产单位以外,其他生产经营单位应当对本单位编制的应急预案进行论证
【判断题】
裂解炉烧嘴结焦或燃料气带液都可能造成烧嘴烧蚀
【判断题】
身上着火,可就地打滚或用厚重衣物覆盖,压灭火苗
【判断题】
工作人员进入反应器内部之前,应分析氧含量达19.5%~23.5%,有毒有害气体含量符合标准,设备外部有专人监护,并要求监护人与之保持经常的联系
【判断题】
佩戴空气呼吸器作业时,当空气呼吸器罐内压力低于2MPa,必须撤离危险区
【判断题】
生产经营单位制定的应急预案应当至少每三年修订一次,预案修订情况应有记录并归档
【判断题】
高心泵产生汽蚀时,除过済部件表面受到机械性质的破坏财以外,如果液体汽化时放出的气体有腐蚀作用.还会产生一定的化学性质破坏
【判断题】
有些裂解工艺产生的单体会自聚或爆炸,需要向生产的单体中加阻聚剂或稀释剂等
【判断题】
生产经营单位未制定应急預案,导致事故救援不力或者造成严重后果的由县级以上安全生产监督管理部门依照有关法律、法规和规章的规定,责令停停产停业整顿,并依法给予行政处罚
【判断题】
发生人员中毒、窒息的紧急情况抢救人员必须佩戴隔离式防护面具进入受限空间并至少有1人在受限空间外部负责联络工作
【判断题】
乙烯装置各系统在投用前要仔细检查导淋阀、安全阀的旁路是否已全部关闭