【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
推荐试题
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,高压线路工作票许可分为调度直接许可和调度间接许可两种许可方式
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,经本单位批准允许单独巡视高压设备的人员,巡视高压设备时,可以进行其他工作,移开或越过遮栏
【单选题】
1. 驾驶舱及客舱温度由哪里调节___
【单选题】
前乘务员面板上有一个控制面板可调节每个区域温度,通常为多少度___
【单选题】
空气循环器失效时,什么可以使引气由相应的热交换器冷却?___
【单选题】
两个空调组件失效时,什么可以保证驾驶舱和客舱通风?___
A. 紧急冲压空气入口
B. 热空气活门
C. 调节空气活门
【单选题】
组件流量控制活门是:___
A. 气动操作电动控制
B. 电动操作气动控制
C. 自动控制
D. 人工控制
【单选题】
什么控制调节空气活门___
A. 组件控制器电动
B. 区域控制器气动
C. 区域控制器电动
【单选题】
温度调节是___
A. 由两个区域控制器及两个组件控制器控制
B. 由两个区域控制器及一个组件控制器控制
C. 由一个区域控制器及两个组件控制器控制
【单选题】
起飞和着陆期间冲压空气入口和出口折流板会关闭,下面哪种陈述正确___
A. 在起飞时自动关闭
B. 当推力手柄在或高于爬升卡位且轮速大于70kts
C. 着陆后速度低于70kts后15秒
【单选题】
区域控制器的通道1或2失效时___
A. 对区域温度调节没有影响
B. 对区域温度调节有影响
C. 区域温度控制在18度
D. 对应的区域温度调节丧失。
【单选题】
区域控制器的通道1和2失效时___
A. 温度调节在18度
B. 固定温度调节在24度
C. 固定温度在20度
【单选题】
组件控制器通道1和2失效时___
A. 组件出口温度由相应的防冰活门控制在1度到15度之间
B. 组件出口温度由相应的排气活门控制在12度±3度
C. 组件出口温度由相应的引气活门控制在12度±3度
【单选题】
增压系统是全自动的,由两个排气活门组成___
A. 每个活门有2个马达(一个自动,一个人工)
B. 每个活门有3个马达(两个自动,一个人工)
C. 每个活门有3个马达(一个自动,两个人工)
【单选题】
关于座舱压力控制的陈述哪个是正确的___
A. 在自动控制方式中一个控制器主用,另一个备用
B. 它使用两个完全不同的,独立的自动控制器
C. 它们进行自动座舱压力控制并为FCU产生信号
【单选题】
当冲压空气按钮调到ON位后,若压差小于1PSI时___
A. 排气活门驱动全开
B. 排气活门驱动至大约50%开
C. 排气活门驱动全关
【单选题】
自动增压控制如何工作___
A. 两套控制器一起工作
B. 一次只有一个控制器工作
【单选题】
着陆后多少秒排气活门完全打开以确保无剩余压差___
【单选题】
如果切断排气活门,应急冲压空气入口,电子设备通风舱外活门及组件流量控制活门,可以___
A. 按压水上迫降按钮
B. 按压冲压空气按钮
C. 按压排气活门按钮
【单选题】
客舱压差何时会出现琥珀色显示___
A. 压差小于等于0.3PSI或大于等于8.6PSI时
B. 压差小于等于-0.26PSI或大于等于8.85PSI时
C. 压差小于等于1PSI或大于等于8.9PSI时
【单选题】
若座舱高度在8800英尺和9550英尺之间,ECAM座舱压力页面会出现___
A. 数字显示闪亮
B. 指针和数字为琥珀色
C. 指针和数字为红色
【单选题】
安全活门何时打开___
A. 压差小于8.75PSI时
B. 压差小于等于8.6PSI时
C. 压差在8.75PSI和8.95PSI之间时
D. 压差超过8.95PSI时。
【单选题】
通风系统为哪些系统通风___
A. 航空电子设备和电瓶
B. 卫生间及厨房,组件舱
C. 以上A和B
【单选题】
货舱通风控制器有两个通道___
A. 通道1主用,通道2备用
B. 通道1备用,通道2主用
C. 1,2通道都主用
【单选题】
如空气循环机失效,组件以何种方式工作___
A. 热交换器冷却的方式工作
B. 没有影响正常工作
C. 由调节活门来工作
【单选题】
冲压空气开关何时使用___
A. 任何时候
B. 只有压差小于1PSI时
C. 只有压差大于1PSI时
【单选题】
空调组件流量按钮在ON时两套组件如何工作___
A. 自动且各自独立
B. 人工且各自独立
C. 自动,空调组件1主动,组件2随动
【单选题】
最大正常客舱高度为___
A. 8000英尺
B. 9550英尺
C. 14000英尺
【单选题】
冲压空气按钮设ON位,冲压空气活门将在哪种情况下打开___
A. 任何情况下
B. 假定未选择水上迫降
C. 压差小于1PSI,且未选择水上迫降
【单选题】
混合装置与谁连接___
A. 空调组件,应急冲压空气入口和低压地面空气入口
B. 空调组件和客舱空气
C. 空调组件,客舱空气,应急冲压空气入口和低压地面空气入口
【单选题】
当客舱冲压空气按钮设在ON位时,放气活门将___
A. 关闭
B. 每次都打开
C. 当压差小于1PSI时50%打开
D. 当压差小于1PSI时全部打开
【单选题】
当组件控制器1和2都失效,空调组件的出口温度由谁控制___
A. 空调组件旁通活门
B. 空调组件防冰活门
C. 空调组件流量控制活门
【单选题】
温度调节是由谁控制的___
A. 由一个区域控制器及两个组件控制器控制
B. 由一个区域控制器控制
C. 由两个组件控制器控制
【单选题】
经调节后的空气分配给___
A. 驾驶舱,货舱和客舱
B. 驾驶舱和客舱
C. 驾驶舱,航空电子舱和客舱
【单选题】
要看排气活门的位置,在ECAM的___
A. 空调页面
B. 引气页面
C. 客舱压力页面
【单选题】
着陆标高设置在自动位时,着陆标高数据从何处送至控制器___
A. 飞行控制组件
B. 大气数据惯性基准系统
C. 飞行管理引导系统
【单选题】
在ECAM客舱压力页面上,前排气活门何时变成琥珀色___
A. 飞行中打开超过95%
B. 在自动控制时失效
C. 以上A和B