【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
推荐试题
【单选题】
装配尺寸链的封闭环是( )。___
A. 精度要求最高的环
B. 要保证的装配精度
C. 尺寸最小的环
D. 基本尺寸为零的环
【单选题】
普通高速钢是()。___
A. 9W18Cr4V
B. W18Cr4V
C. W12Cr4V4Mo
D. W12Mo3Cr4V3N
【单选题】
宽V形块可以限制( )个自由度。___
【单选题】
机械加工工艺过程由工序、工步、工位、走刀和( )组成。___
【单选题】
在制造一个形状较复杂的箱体时,常采用的毛坯是( )。___
【单选题】
金刚石刀具非常适合切削()材料。___
A. 45钢
B. 低碳钢
C. 铸铁
D. 非金属材料
【单选题】
轴承座零件高度方向的主要基准通常选用( )。___
A. 底面
B. 轴承孔轴线
C. 上平面
D. 中间凸台面
【单选题】
对于形状复杂、重、大的铸锻件毛坯,往往进行( )。___
A. 直接找正
B. 划线找正
C. 夹具定位
D. 吸盘定位
【单选题】
刀具寿命最小的材料是()。___
A. 陶瓷
B. 硬质合金
C. 高速钢
D. 金刚石
【单选题】
夹具中确定夹紧力方向时,最好状况是力( )。___
A. 尽可能的大
B. 尽可能的小
C. 大小应适应
D. 无所谓
【单选题】
普通高速钢是()。___
A. 9W18Cr4V
B. W18Cr4V
C. W12Cr4V4Mo
D. W12Mo3Cr4V3N
【单选题】
()垂直于基面,与切削速度方向一致。___
A. 摩擦力
B. 背向力
C. 进给力
D. 主切削力
【单选题】
车刀的几何角度中,前角、后角、主偏角和( )是主切削刃上四个最基本的角度。___
A. 副偏角
B. 刃倾角
C. 刀尖角
D. 导程角
【单选题】
铣削速度取15m/min,刀具直径为80mm,则主轴转速应该为( )。___
A. ≈60r/min
B. ≈100r/min
C. ≈160r/min
D. ≈200r/min
【单选题】
铸件在加工后出现变形的原因是( )___
A. 热影响变形
B. 受力变形
C. 内应力消除变形
D. 系统变形
【单选题】
钢经加热淬火后获得的是( )组织。___
A. 马氏体
B. 奥氏体
C. 渗碳体
D. 珠光体
【单选题】
刃倾角可以用来控制切屑的( )。___
【单选题】
背吃刀量一般指工件上( )间的垂直距离。___
A. 待加工表面和过渡表面
B. 过渡表面和已加工表面
C. 已加工表面和待加工表面
D. 过渡表面中点和已加工表面
【单选题】
数控机床的主机(机械部件)包括:床身、主轴箱、刀架、尾座和( )。___
A. 进给机构
B. 液压系统
C. 冷却系统
D. 排屑系统
【单选题】
不可提高零件表面质量的方法是()___
A. 合理选择刀具材料
B. 合理选择刀具主偏角
C. 增大刀具的楔角
D. 合理选择切削液
【单选题】
在车削中,以两顶尖装夹工件,可以限制工件的( )自由度。___
【单选题】
碳素工具钢的含碳量是在( )之间。___
A. 0.65%~1.3%
B. 0.065%~0.13%
C. 6.5%~13%
D. 0.65‰~1.3‰
【单选题】
将若干个( )组合起来,就成为一个传动系统,称为传动链。___
A. 传动副
B. 机构
C. 齿轮传动
D. 带传动
【单选题】
把合理的工艺过程中的各项内容编写成文件用来指导生产,这种文件称为( )。___
A. 生产过程
B. 工艺规程
C. 工序
D. 工步
【单选题】
零件尺寸不要形成封闭的尺寸链。以下( )是选择开囗环的依据。___
A. 精度要求不高的
B. 简洁
C. 美观
D. 对称
【单选题】
旋转表面可以采用( )加工方案。___
【单选题】
( )不能通过改变工艺装备的方式加以改善。___
A. 加工精度
B. 加工误差
C. 制造成本
D. 经济精度
【单选题】
夹具中确定夹紧力方向时,最好状况是力( )。___
A. 尽可能的大
B. 尽可能的小
C. 大小应适应
D. 无所谓
【单选题】
切削层公称( )是指在给定瞬间,作用于主切削刃截型上2个极限点间的距离,单位为mm。___
A. 横截面积
B. 宽度
C. 厚度
D. 深度
【单选题】
切削加工中,( )指工件上已加工表面和待加工表面间的垂直距离。___
A. 背吃刀量
B. 切削速度
C. 进给速度
D. 切削层宽度
【单选题】
辅助支承是每加工( )工件要调整一次。___
【单选题】
金属材料在载荷作用下抵抗变形和破坏的能力叫( )。___
【单选题】
可以提高表面质量的方法是()。___
A. 减小副偏角
B. 减小前角
C. 增加刀尖圆弧半径
D. 减小主偏角
【单选题】
常用的夹紧机构中,对工件尺寸公差要求高的是( )机构。___
【单选题】
轴承座零件高度方向的主要基准通常选用( )。___
A. 底面
B. 轴承孔轴线
C. 上平面
D. 中间凸台面
【单选题】
以下刀具材料中,耐热性最高的是( )。___
A. 合金工具钢
B. 人造金刚石
C. 碳素工具钢
D. 陶瓷
【单选题】
退火用于( )钢铁在铸造、锻压和焊接过程中形成的残余应力以及开裂等各种组织缺陷。___
A. 改变
B. 改善或消除
C. 改善
D. 消除
【单选题】
尺寸链组成环中,由于该环减小使封闭环增大的环称为( )。___
【单选题】
成批生产中,夹具的使用特征是( )。___
A. 采用通用夹具
B. 广泛采用专用夹具
C. 广泛采用高生产率夹具
D. 极少采用专用夹具