【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
推荐试题
【判断题】
轨道车、接触网作业车柴油机的冷却系统常采用风冷式系统
【判断题】
轨道车(接触网作业车)柴油机在冬天应选择低粘度润滑油,夏天应选择高粘度润滑油
【判断题】
机械传动轨道车(接触网作业车)的传动系统主要由离合器、变速器、万向传动装置、换向箱、车轴齿轮箱等组成
【判断题】
液力传动轨道车(接触网作业车)的传动系统主要由液力传动箱、变速器、万向传动装置和车轴齿轮箱等组成
【判断题】
摩擦式离合器的常见传动故障有离合器起步发抖、离合器打滑和离合器分离不彻底
【判断题】
万向传动装置是由万向节和可伸缩的传动轴组成。前者解决轴距变化的问题;后者解决角变化的问题
【判断题】
在齿轮传动中,随着传动比的增大,所传递的转矩减小,转速增大
【判断题】
车轴齿轮箱的润滑采用油泵供油和齿轮飞溅润滑相结合的方式
【判断题】
机械传动轨道车(接触网作业车)每行驶1000km后,其换向箱应更换润滑油
【判断题】
液力变矩器既可传递转矩,又可以改变矩的大小
【判断题】
液力偶合器在正常工作时,泵轮转速总是小于涡轮转速
【判断题】
非紧急情况下,按一定的速率使列车管减压来降低轨道车(接触网作业车)运行速度或将其停在规定地点施行的制动为紧急制动
【判断题】
在JZ-7型空气制动机施行紧急制动以后至少要经7s才能充气缓解
【判断题】
在JZ-7型空气制动机中,中继阀受自动制动阀的控制,直接操纵列车管压力的变化
【判断题】
轨道车(接触网作业车)制动主要采用空气制动和手制动两种制动方式
【判断题】
JZ-7型空气制动机随着手柄在制动区从左至右移动,制动缸的压强逐渐降低
【判断题】
JZ-7型空气制动机的单独制动阀在单独缓解位时,司机的手离开手柄时,可自动恢复到运转位
【判断题】
JZ-7型空气制动机的单独制动阀主要用于机车的单独制动与缓解,与列车的制动无关
【判断题】
空气制动的基本作用有:充风作用、制动作用和缓解作用
【判断题】
人力制动机产生的制动力比空气制动时的制动力要小得多,制动过程也很缓慢
【判断题】
轨道车(接触网作业车)出车前,副司机应按规定对车辆走行部、车钩及牵引装置、基础制动装置等进行全面检查
【判断题】
轨道车(接触网作业车)出车前,应由副司机按规定向轨道车运行控制设备(GYK)输入参数及运行揭示命令
【判断题】
轨道车(接触网作业车)运行中遇危及行车安全情况时,应使用紧急制动
【判断题】
连挂车辆时,相互连挂的两个车钩必须都处于全开位置
【判断题】
检查车钩高度时,车钩中心水平线距钢轨项面的高度应在815~890mm范围内
【判断题】
轨道车(接触网作业车)出车前,副司机应按规定对车辆走行部、车钩及牵引装置、基础制动装置等进行全面检查
【判断题】
轨道车(接触网作业车)未停稳前,严禁转换运行方向
【判断题】
轨道车(接触网作业车)收车后,应检查各部有无漏水、漏油、漏电和漏气现象,有无机件丢失
【判断题】
轨道车(接触网作业车)运行中,司机、副司机呼唤应答时,伸出大拇指和小指,表示正线通过
【判断题】
轨道车(接触网作业车)换端操纵时,需做自动制动机全部试验
【判断题】
目前,国内的轨道车与接触网作业车脱轨以后使用的复轨器主要为机械式复轨器
【判断题】
轨道车使用紧急制动后,必须检查轨道车及平车是否损坏,如存在危及行车安全的情况不能运行时,应立即设置防护并请求救援
【判断题】
机械传动轨道车运行中,司机需正确使用变速操纵,及时换挡,一般情况下不用低速挡高速行车
【判断题】
轨道车日常保养时,还应进行车钩三态作用试验,检查钩舌、钩销是否良好,大钩固定螺栓是否紧固
【判断题】
平车装载与加固中常见的“三重、一超、一落”事故是指超重、偏重、集重、超限、坠落
【判断题】
旁路制动按钮为自复位式按钮,按下该按钮,车辆实施制动;松开按钮,车辆缓解
【判断题】
作业车严禁长时间使用电热玻璃,以免蓄电池亏电,造成发动机下次启动困难
【判断题】
当柴油机或液力传动箱发生故障或车辆超速时,蜂鸣器将会发出声光报警信号,提醒司机注意
【判断题】
微机控制系统控制软件的主要功能包括数据采集、发动机转速控制、自动换档控制、安全防护、数据分析及重联控制等功能