【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
推荐试题
【单选题】
通过旁分泌的方式抑制胰岛素分泌的激素是___
A. 抑胃肽
B. 肾上腺素
C. 生长抑素
D. 胰高血糖素
E. 皮质醇
【单选题】
胰高血糖素调节糖代谢的主要靶器官或靶组织是___
A. 肝
B. 肾
C. 骨骼肌
D. 脑组织
E. 心
【单选题】
下列哪种激素与水、钠代谢无关___
A. 氢化可的松
B. 醛固酮
C. 雌激素
D. 胰高血糖素
E. 抗利尿激素
【单选题】
调节胰高血糖素分泌最重要的因素是___
A. 血糖浓度
B. 血中氨基酸浓度
C. 胰岛素分泌量
D. 生长抑素分泌量
E. 生长激素分泌量
【单选题】
下列关于糖皮质激素作用的叙述错误的是___
A. 减弱机体对有害刺激的耐受
B. 促进蛋白质分解,抑制其合成
C. 分泌过多时可引起脂肪重新分布
D. 对保持血管对儿茶酚胺的正常反应有重要作用
E. 有一定的保钠排钾作用
【单选题】
糖皮质激素的作用有___
A. 促进肝组织蛋白质分解和葡萄糖的利用
B. 抑制肝内糖异生
C. 抑制脂肪分解
D. 使血糖降低
E. 使外周血液中红细胞、血小板和中性粒细胞增加,嗜酸性粒细胞和淋巴细胞减少
【单选题】
糖皮质激素升高血糖的机制是___
A. 减少糖异生
B. 抑制肝外组织的葡萄糖利用
C. 促进糖类转变为脂肪
D. 促进脂酸合成
E. 促进葡萄糖氧化
【单选题】
肾上腺皮质功能低下时出现的变化是___
A. 血容量减少
B. 血压升高
C. 血浆Na+浓度升高
D. 血浆K+浓度降低
E. 血容量增多
【单选题】
机体受到刺激而发生应激反应的系统是___
A. 下丘脑-腺垂体~肾上腺皮质系统
B. 下丘脑-神经垂体系统
C. 交感-肾上腺髓质系统
D. 迷走-胰岛素系统
E. 下丘脑-腺垂体-甲状腺系统
【单选题】
机体在发生应激反应时,血中浓度明显升高并起关键作用的激素是___
A. GHRH、GH
B. TSH、T3、T4
C. ACTH、 GC
D. 3 FSH、LH
E. ADH、OT
【单选题】
保钠排钾作用最强的肾上腺皮质激素是___
A. 皮质醇
B. 可的松
C. 皮质酮
D. 脱氧皮质酮
E. 醛固酮
【单选题】
下列有关醛固酮的叙话, 哪项是正确的___
A. 由肾上腺皮质束状带分泌的一种激素
B. 分泌调节的主要因素是AcTH
C. 肾素-血管紧张素系统对其分泌调节的作用极微
D. 血浆中Na+和K+浓度变化对其分泌的调节无作用
E. 作用是促进远曲 小管和集合管对Na+的主动重吸收,同时促进
【单选题】
引起醛固酮分泌的因素有___
A. 细胞外液渗透压升高
B. 严重失血后
C. 垂体功能低下
D. 垂体功能亢进
E. 血钾降低
【单选题】
关于ACTH分泌的调节,错误的是___
A. 受下丘脑促肾上腺皮质激素释放激素的调节
B. 受肾上腺皮质分泌糖皮质激素的反馈调节
C. 受醛固酮的反馈调节
D. 受下丘脑-垂体-肾上腺皮质轴调节
E. 有与光照无关的日周期变化
【单选题】
以IP3和 DG作为第二信使的激素是___
A. 肾上腺素
B. 醛固酮
C. 促肾上腺皮质激素
D. 甲状腺激素
E. 胰岛素
【单选题】
机体在遇到环境因素紧急变化时,即刻被调动的系统是___
A. 迷走-胰岛系统
B. 交感-肾上腺髓质系统
C. 下丘脑-神经垂体系统
D. 肾素-血管紧张素-醛固嗣系统
E. 下丘脑-腺垂体-甲状腺系统
【单选题】
关于肾上腺髓质的叙述,下列哪项是错误的___
A. 受交感神经节前纤维支配
B. 节前神经末梢释放乙酰胆碱
C. 神经递质作用于嗜铬细胞上的N型受体
D. 释放去甲肾上腺素为主
E. 在应急反应时激素释放增加
【单选题】
实验发现,糖皮质激素本身对血管平滑肌收缩并无直接影响,但缺乏糖皮质激素的动物注射去甲肾上腺素的缩血管效应显著低于正常对照动物。糖皮质激素与去甲肾上腺素之间的相互关系是___
A. 相加作用
B. 相减作用
C. 协同作用
D. 拮抗作用
E. 允许作用
【单选题】
女,40岁。闭经、溢乳半年,磁共振发现垂体1.5cmx1.0cm占位病变,需做激素检查。下列无助于诊断的检查是___
A. 泌乳素
B. 生长激素
C. 促肾上腺皮质激素
D. 血管升压素甲
E. 促甲状腺激素
【单选题】
26岁女性患者,因马术训练不慎跌落,导致头部严重挫伤,CT检查发现其垂体柄完全离断。推测其血浆中水平可能升高的激素是___
A. GH
B. OT
C. TSH
D. PRL
E.
F. SH
【单选题】
某患者因脑肿瘤浸润下丘脑室旁核,其所致分泌障碍的下列激素是___
A. LH
B. GH
C. PRL
D. ADH
E. ACTH
【单选题】
43岁男性患者就诊时发现,头、手、足均增大:呈鼻宽、唇厚、粗犷容貌;脊柱变形,体毛多并伴有乳房增大与泌乳现象。患者最可能发生病变的部位是___
A. 睾丸
B. 肾上腺
C. 腺垂体
D. 下丘脑
E. 神经垂体
【单选题】
9岁女童, 因确诊为体肿瘤而行放射性治疗,而后患儿的垂体功能完全丧失,其后将导致的功能显著变化将是___
A. 生长加速
B. 出现甲状腺肿
C. 性腺发育障碍
D. 血浆 ACTH水平升高
E. 血浆 TSH水平升高
【单选题】
25岁妇女就诊,主诉体重减轻,怕热,出汗过多和疲乏无力。体检发现甲状腺肿。化验检查,血中TSH和甲状腺激素浓度升高,但未检测到抗甲状腺抗体。推测符合这些症状的诊断很可能是___
A. Graves 病
B. 甲状腺激素抵抗
C. 甲状腺腺瘤
D. 5-脱碘酶缺乏
E. 分泌TSH的垂体瘤
【单选题】
女,27岁。多食、善饥、大便次数增多,体重下降1个月。经甲疏咪唑治疗1个月后。FT3、FT4 正常,TSH 0.01umol/ml。查体:P78次/分,BP120/60mmHg, 甲状腺Ⅲº肿大,左侧明显气管右偏。患者拟行甲状腺手术治疗,术前准备应选择的药物是___
A. 左甲状腺素钠
B. 普萘洛尔
C. 糖皮质激素
D. 丙硫氧嘧啶
E. 复方碘溶液
【单选题】
甲状腺切除术后半年,患者出现乏力、便秘、怕冷、体重增加,最可能需要的治疗药物是___
A. 左甲状素钠
B. 普萘洛尔
C. 糖皮质激素
D. 内硫氧嘧啶
E. 复方碘溶液
【单选题】
甲状腺功能减退症患者有严重的智力低下、聋哑,估计其甲状腺功能减退始于___
A. 胎儿期或新生儿期
B. 3~5岁
C. 6~10岁
D. 11~17岁
E. 18岁以后
【单选题】
某男性患者,因甲状腺手术不当损伤甲状旁腺十余天,其可能出现的变化是___
A. 低血钙、低血磷,全身僵直
B. 低血钙、低血磷,手足抽搐
C. 低血钙,肌兴奋增强,手足抽搐
D. 高血钙、高血磷,骨基质脱钙
E. 高血钙,肌兴奋增强,骨基质脱钙
【单选题】
符合甲状旁腺功能亢进症的实验室检查结果是___
A. 高血钙、高血磷和低尿钙
B. 高血钙、低血磷和低尿钙
C. 低血钙、低血磷和高尿钙
D. 高血钙、低血磷和高尿钙
E. 低血钙、高血磷和高尿钙
【单选题】
某患者低钙饮食约两月余,可能引起的变化是___
A. 减少小肠上皮细胞钙结合蛋白量
B. 促进24,25-二羟维生素D3合成
C. 提高血磷水平
D. 升高血浆降钙素水平
E. 刺激甲状旁腺激素分泌
【单选题】
女性,45岁。脸圆、变红1年,体重增加、月经稀发6个月。查体: BP160100mmHg,向心性肥胖,皮肤薄,面部痤疮较多,下颌小胡须,全身毳毛增多。腹部、大腿根部可见宽大紫纹。血钾3. 3mmol/L,空腹血糖15.4mmol/L. 该患者最可能的诊断是___
A. 原发性醛固酮增多症
B. 原发性高血压
C. 女性男性化
D. 库欣综合征
E. 糖尿病
【单选题】
66女性,45岁。脸圆、变红1年,体重增加、月经稀发6个月。查体: BP160100mmHg,向心性肥胖,皮肤薄,面部痤疮较多,下颌小胡须,全身毳毛增多。腹部、大腿根部可见宽大紫纹。血钾3. 3mmol/L,空腹血糖15.4mmol/L. 该患者最可能的诊断是库欣综合征,为明确诊断,该患者首先要做的检查是___
A. 促肾上腺皮质激素、皮质醇
B. 肾素、醛固酮
C. 催乳素
D. 尿绒毛膜促性腺激素
E. 肾上腺素
【单选题】
肾上腺皮质功能低下的患者,排除水分的能力大为减弱,可出现“水中毒”,补充下列哪种激素可缓解症状___
A. 胰岛素
B. 糖皮质激素
C. 醛固酮
D. 肾上腺素
E. 胰高血糖素
【单选题】
患者长期大量使用糖皮质激素时,下列哪种变化正确___
A. 血中CRH增加
B. 血中ACTH减少
C. 血中TSH增加
D. 血中GH减少
E. 血中 PRL增加
【单选题】
某人因肾病长期大量用糖皮质激素治疗,患者不会因此而出现___
A. 血糖升高
B. 蛋白质合成增加
C. 面部和躯干脂肪增加
D. 红细胞、血小板增多
E. 淋巴细胞减少
【单选题】
下列关于消化道平滑肌生理特性的叙述正确的是
A. 兴奋性比骨骼肌高
B. 收缩缓慢
C. 对化学刺激不敏感
D. 自律性频率较高且稳定
E. 没有伸展性
【单选题】
消化道平滑肌基本电节律的产生主要由于___
A. Ca2*的跨膜扩散
B. K*的跨膜扩散
C. Na*的跨膜扩散
D. 生电性钠泵周期性变化
E. H*的跨膜扩散
【单选题】
消化道平滑肌细胞的动作电位产生的离子基础是___
A. K*内流
B. Ca2*内流
C. Ca2*与K*内流
D. Na*与 K*内流
E. H*的内流
【单选题】
胃和小肠蠕动频率的决定性因素是___
A. 胃肠平滑肌动作电位频率
B. 胃肠平滑肌本身节律活动
C. 胃肠肌间神经丛活动水平
D. 胃肠平滑肌慢波节律
E. 胃肠平滑肌动作电位幅度
【单选题】
消化道平滑肌收缩的强度主要取决于___
A. 慢波频率
B. 慢波的幅度
C. 动作电位的幅度
D. 动作电位的频率
E. 阈电位
