【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
推荐试题
【单选题】
药物的鉴别实验是___
A. 判断药物真伪
B. 识别未知药物
C. 检查药物纯度
D. 验证药物疗效
【单选题】
对结构复杂.相互之间差异较小的药物进行区分,最适合采用的鉴别方法为___
A. UV
B. IR
C. TLC
D. HPLC
【单选题】
利用一般鉴别实验可以判断___
A. 一类药物的真伪
B. 一种药物的真伪
C. 药物的纯度
D. 药物的疗效
【单选题】
与吡啶-硫酸铜作用,生成绿色配位化合物的药物是___
A. 苯巴比妥
B. 异戊巴比妥
C. 司可巴比妥
D. 硫喷妥钠
【单选题】
巴比妥与吡啶硫酸铜作用,生成物的颜色为___
【单选题】
化学鉴别法是指供试品与规定为试剂发工化学反应,对药物进行定性分析,可观察的外观现象不包括的是___
A. 颜色
B. 沉淀
C. 产生气体或荧光
D. 固体熔化成液体
【单选题】
鉴别硫酸盐,下列不需要的试礼是___
A. 酷酸铅
B. 醋酸
C. 氯化钡
D. 氢氧化钠
【单选题】
药物中的杂质限量是指___
A. 药物中所含杂质的最小允许量
B. 药物中所含杂质的最大允许量
C. 药物中所含杂质的最佳容许量
D. 药物的杂质含量
【单选题】
药物中的重金属是指___
A. 在实验条件下能与硫代乙酰胺或硫化钠作用显色的金属杂质
B. 影响药物安全性和稳定性的金属离子
C. 原子量大的金属离子
D. Pb2+
【单选题】
重金属检查中,加入硫代乙酰胺时溶液控制最住的pH值是___
A. 1.5
B. 3.5
C. 7.5
D. 11.5
【单选题】
用古蔡氏法测定砷盐限量,对照管中加入标准砷溶液为___
A. 1ml
B. 2ml
C. 依限量大小决定
D. 依样品取用量及限量计算决定
【单选题】
检查某药品杂质限量时,称取供试品W(g),量取标准溶液V(m),标准溶夜浓度为C(g/ml),则该药的杂质限量(%)是___
A. VW/C×100%
B. CW/V×100%
C. VC/W×100%
D. W/CV×100%
【单选题】
中国药典检查药物中的残留有机溶剂采用的方法是___
A. 干燥失重测定法
B. 气相色谱法
C. 高效液相色谱法
D. 薄层色谱法
【单选题】
药典规定检查某药物中的砷盐时,取标准砷溶液2.0ml(每Iml相当于Iμg的As)制备标准砷斑,依规定方法进行检查,该药物中含砷量不得超过百万分之二,应称取该药物___
A. 2.0g
B. 1.0g
C. 0.5g
D. 1.5g
【单选题】
若炽灼残渣留作重金属检查,则炽灼温度应在___
A. 300℃~400℃
B. 400℃~500℃
C. 500℃~600℃
D. 700℃~800℃
【单选题】
对于易溶于水.稀酸和乙醇的药物,在检查其重金属限量时宜采用___
A. 第一法
B. 第二法
C. 第三法
D. 第四法
【单选题】
古蔡法检查砷盐时导气管中装入酷酸铅棉花是为了吸攻___
A. AsH3
B. SbH3
C. H2S
D. H2
【单选题】
对受热较稳定的药物进行干燥失重测定时,适宣选用的方法为___
A. 常压恒温干燥法
B. 干燥剂干燥法
C. 减压干燥法
D. 热分析法
【单选题】
药品质量标准中,收载外观.臭,味等内容的项目是___
A. 性状
B. 鉴别
C. 检查
D. 含量测定
【单选题】
测定某药物的比旋度,配制的供试品牵液的浓度是50.0mg/ml,样品管的长度为2dm,测得的旋光度为+4.25,则比旋度为___
A. +8.50
B. +42.5
C. +85.0
D. +16.25
【单选题】
溶解是指___
A. 溶质1g(ml)能在溶剂不到1ml中溶解
B. 溶质1g(ml)能在溶剂1~不到10ml中溶解
C. 溶质1g(ml)能在溶剂10~不到30ml中溶解
D. 溶质Ig(m1)能在溶剂30~不到100ml中溶解
【单选题】
药物性状其中常作为法定检利项目的是___
A. 溶解度
B. 嗅.味
C. 外观和物理常数
D. 一般稳定性
【单选题】
在同一个实验室,不同时间由不同分析人员用不同设备,对同一试样用同方法进行多次平行测定是验证___
A. 重复性
B. 准确度
C. 重现性
D. 中间精密度
【单选题】
在设计的范围内,测定响应值与试样中被测物浓度早比例关系的程度称为___
A. 准确度
B. 回收率
C. 精密度
D. 线性
【单选题】
反相高效液相色谱中,常用的固定相是___
A. 硅胶
B. 氧化铝
C. 十八烷基硅烷键合硅胶
D. 甲醇
【单选题】
中国药典旋光度测定法中,一般应在样品溶液配制后()内进行测定.___
A. 10分钟
B. 20分钟
C. 30分钟
D. 1小时
【单选题】
41对溶点低成受热分解的药物进行干燥失重测定时,适宜选用方法为___
A. 常圧恒温干燥法
B. 干燥剂干燥法
C. 减压干燥法
D. 热分析法
【单选题】
检查药物中的氯化物,以硝酸很作为沉定剂,加入稀销酸后,无法被消除干扰的离子是___
A. SO32
B. CO32
C. C2O42
D. Br-
【单选题】
用Asg0.试液作沉淀剂,检查药物中氯化物时,为了调整洛液适宜的酸度和排除某些阴离子的干扰,应加入一定量的___
A. 稀HNO3
B. Na0H试液
C. 稀H2S04
D. 稀HCI
【单选题】
检查重金属时,为消除供武液颜色的干扰,可加入___
A. 维生素C
B. 稀焦糖溶瘦
C. 碘化钾
D. 硫代硫酸钠
【单选题】
检查药物中重金属,Fe3+对第一怯有干扰,是因为在文验条件下Fe3+___
A. 与醋酸作用生成有色沉淀
B. 能还原H2S析出破沉淀
C. 水解生成氢氧化铁的红棕色沉淀
D. 能氧化H2S析出硫沉淀
【单选题】
《中国药典》(2015版)第法检查药物中的重金属杂质时,排除微量Fe3的方法是___
A. 加水稀释
B. 加入过量的H2S
C. 加碱使成Fe(OH)3沉淀
D. 加入维生素C
【单选题】
用古菜氏法检砷时,能与砷化氢气体产生砷斑的试纸是___
A. Pb(Ac)2试纸
B. HgBr2试纸
C. HgI2试纸
D. HgCl2试纸
【单选题】
古蔡氏检砷法中,加入氯化亚锡的目的是___
A. 防止碘化锌的氧化
B. 将As3+氧化为AS5+
C. 将As5+还原为As3+
D. 排除SO2气体的干扰
【单选题】
纯化水中检查酸碱度,采用的方法是___
A. 酸碱滴定法
B. 指示剂法
C. pH值测定法
D. 指示剂比色法
【单选题】
“恒重”是指供试品连续两次干燥或识灼后的重量差异小于或等于___
A. 0.04mg
B. 0.03mg
C. 0.3mg
D. 0.4mg
【单选题】
鉴别水杨酸及其盐类,最常用的试液是___
A. BaCl2
B. AgNO3
C. FeCl3
D. NaNO2
【单选题】
检查网司匹林中的游离水杨酸,《中国药典》现行成采用的方法是___
A. UV
B. TLC
C. FeCl3比色法
D. HPLC
