【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
推荐试题
【单选题】
对不可知论最有力的驳斥是指出___
A. 外部世界是可以被人感知的
B. 人们能够透过现象揭示本质
C. 实践的成功能够证明认识正确
D. 感性认识可以上升到理性认识
【单选题】
马克思指出:“搬运夫和哲学家之间的原始差别要比家犬和猎犬之间的差别小得多,它们之间的鸿沟是分工掘成的。”这表明___
A. 人的聪明才智无先天区别
B. 人的聪明才智的大小主要取决于主观努力的程度
C. 人的聪明才智主要来源于后天实践
D. 人的聪明才智由人的社会政治地位决定
【单选题】
真理和谬误的界限在于___
A. 是否符合人的利益和愿望
B. 是否符合马克思主义
C. 是否正确地反映了客观事物的本质和规律
D. 是否为大多数人所接受
【单选题】
真理观上的相对主义,错误在于___
A. 夸大真理的相对性,否认真理的绝对性
B. 夸大真理的绝对性,否认真理的相对性
C. 只讲真理的客观性,否认真理的相对性
D. 认为关于同一对象真理性的认识只有一个
【单选题】
那种主张“天赋的才能”、“天生的心灵禀赋”的观点属于___
A. 唯心主义先验论
B. 旧唯物论的直观反映论
C. 唯物主义反映论
D. 辩证唯物论的能动反映论
【单选题】
在真理问题上坚持辩证法,就是要承认任何真理都是___
A. 客观性和主观性的统一
B. 主观性和相对性的统一
C. 客观性和绝对性的统一
D. 绝对性和相对性的统一
【单选题】
马克思主义认识论认为,真理的发展是一个___
A. 从主观真理走向客观真理的过程
B. 从局部真理走向全面真理的过程
C. 从相对真理走向绝对真理的过程
D. 从具体真理走向抽象真理的过程
【单选题】
人们认识世界的目的在于___
A. 发展个人的兴趣爱好
B. 实现对自身能力的改造
C. 满足人类的求知欲望
D. 实现对客观世界的改造
【单选题】
下列各项中,强调认识来源于实践的是___
A. 不积跬步,无以至千里
B. 蝉噪林愈静,鸟鸣山更幽
C. 不积小流,无以成江海
D. 近水知鱼性,近山识鸟音
【单选题】
马克思主义哲学认为,人们追求符合客观实际的科学认识,归根到底是为了___
A. 把握事物现象
B. 揭示事物本质
C. 追求自我实现
D. 改造客观世界
【单选题】
能动反映论区别于机械反映论的根本标志是___
A. 肯定思维能正确地反映存在
B. 认为认识过程是纯粹的观念创造
C. 肯定思维对存在的决定作用
D. 认为认识过程是反映和创造的统一
【单选题】
毛泽东在《实践论》中有一句话:“感觉只解决现象问题,理论才解决本质问题”,这句话说明___
A. 感性认识是微不足道的
B. 感性认识有待于发展到理性认识
C. 理性认识是唯一可靠的
D. 理性认识有待于深化为感性认识
【单选题】
在真理标准问题上坚持辩证法,就是要承认实践标准___
A. 既是抽象的又是具体的
B. 既是必然的又是偶然的
C. 既是普遍的又是特殊的
D. 既是绝对的又是相对的
【单选题】
“哲学家们只是用不同的方式解释世界,问题在于改变世界”的提出者是___
A. 黑格尔
B. 费尔巴哈
C. 马克思
D. 恩格斯
【单选题】
马克思主义认识论认为,认识的本质是___
A. 主体对客体的直观反映
B. 主体对客体的自由创造
C. 主体对客体的能动反映
D. 主体对客体的简单摹写
【单选题】
党的思想路线的核心是___
A. 一切从实际出发
B. 理论联系实际
C. 实事求是
D. 实践是检验真理的唯一标准
【单选题】
人类认识发展的根本动力是___
A. 兴趣爱好
B. 社会实践
C. 求知欲望
D. 好奇心理
【单选题】
任何真理都是具体的,包罗万象的真理是不存在的,这是因为真理具有___
A. 绝对性
B. 相对性
C. 全面性
D. 片面性
【单选题】
真理是没有阶级性的,在真理面前人人平等。这是因为___
A. 真理是绝对正确的,与人的阶级地位无关
B. 真理具有客观性,包含着不依赖于人和人的意识的客观内容
C. 真理具有相对性,是不断发展的
D. 真理是具体的,都有其适用的条件和范围
【单选题】
16世纪末,伽利略通过在比萨斜塔所做的自由落体实验,推翻了亚里士多德关于物体的降落速度与物体的重量成正比的说法。这件事说明___
A. 真理是对事物及其规律的正确反映
B. 真理是由相对真理走向绝对真理的过程
C. 实践是认识发展的动力
D. 实践是检验认识是否正确的唯一标准
【单选题】
与辩证唯物主义认识论相比较,旧唯物主义认识论有两个缺陷,一个是缺乏辩证法的观点,另一个是___
A. 缺乏实践的观点
B. 缺乏反映论的观点
C. 缺乏一元论的观点
D. 缺乏可知论的观点
【单选题】
与理性认识相比较,感性认识有两个特点,一个是直接性,另一个是___
A. 客观性
B. 能动性
C. 抽象性
D. 形象性
【单选题】
辩证唯物主义认识论首要的和基本的观点是___
A. 唯物论的观点
B. 辩证法的观点
C. 实践的观点
D. 可知论的观点
【单选题】
“感觉到了的东西,我们不能立刻理解它,只有理解了的东西才能更深刻地感觉它”,这句话表明___
A. 感性认识是微不足道的
B. 感性认识是认识的高级阶段
C. 理性认识是唯一可靠的
D. 理性认识是认识的高级阶段
【单选题】
一个完整的认识过程,需要经过两次飞跃。下列选项中属于第二次飞跃的是___
A. 调查研究,了解情况
B. 深入思考,形成理论
C. 精心安排,制定策略
D. 执行计划,付诸实践
【单选题】
一个完整的认识过程是___
A. 感觉—知觉—表象
B. 概念—判断—推理
C. 认识—实践—认识
D. 实践—认识—实践
【单选题】
作为真理的马克思主义是发展的、与时俱进的,这是因为真理具有___
A. 相对性
B. 能动性
C. 绝对性
D. 普遍性
【单选题】
检验认识的真理性,就是要检验人们的认识是否___
A. 与多数人的愿望和要求相符合
B. 与已被实践证明的理论相符合
C. 与客观事物及其规律相符合
D. 与党的路线方针政策相符合
【单选题】
感觉、知觉、表象是___
A. 感性认识的三种形式
B. 理性认识的三种形式
C. 社会心理的三种形式
D. 思想体系的三种形式
【单选题】
有人认为只有写到书本上的理论才是真实可靠的,从而不顾实际情况,死搬书本上的教条。这在认识论上犯了类似于___
A. 唯心主义先验论的错误
B. 直观被动反映论的错误
C. 唯理论的错误
D. 经验论的错误
【单选题】
一个完整的认识过程包括两次飞跃,其中第二次飞跃是___
A. 从概念到判断的过程
B. 从认识到实践的过程
C. 从判断到推理的过程
D. 从感觉到概念的过程
【单选题】
一个正确的认识需要多次反复才能完成,并且认识是永无止境的发展过程。这说明人类的认识是___
A. 感性和理性的统一
B. 理论和实践的统一
C. 正确和错误的统一
D. 有限和无限的统一
【单选题】
实践之所以成为检验真理的唯一标准是由___
A. 真理的主观性和实践的客观性所要求的
B. 真理的相对性和实践的决定性所预设的
C. 真理的属性和实践的功能所规定的
D. 真理的本性和实践的特点所决定的
【单选题】
爱迪生在发明电灯之前做了两千多实验,有个年轻的记者曾经问他为什么遭遇这么多次失败。爱迪生回答:“我一次都没有失败。我发明了电灯。这只是一段经历了两千步的历程。”爱迪生之所以说“我一次都没有失败”,是因为他把每一次实验都看作___
A. 认识中所获得的相对真理
B. 整个实践过程中的一部分
C. 对事物规律的正确反映
D. 实践中可以忽略不计的偶然挫折
【单选题】
中国工程院院士袁隆平曾结合自己的科研经历,语重心长地对年轻人说:“书本知识非常重要,电脑技术也很重要,但是书本电脑里面种不出水稻来,只有在田里才能种出水稻来。”这表明___
A. 实践是人类知识的基础和来源
B. 实践水平的提高有赖于认识水平的提高
C. 理论对实践的指导作用没有正确与错误之分
D. 由实践到认识的第一次飞跃比认识到实践的第二次飞跃更重要
【单选题】
霍金以其“黑洞理论”闻名于世,但他并未因此获诺贝尔奖。有诺贝尔委员会委员认为,原因在于霍金这一理论还没有得到验证;霍金也承认是因为他的黑洞蒸发还没有被观测或者被实验所证实。这说明___
A. 真理是具体的有条件的
B. 实践是认识的目的
C. 认识的真理性必须由实践检验
D. 世界是可以被认识的
【单选题】
太空科技助力“健康中国”。“天舟一号”上开展的太空干细胞实验,旨在更细致地解释人体干细胞定向分化为骨细胞的过程,该研究有助于老年人骨质疏松的治疗。医学科技的探索不局限于地球表面,也能在太空中开展,这表明___
A. 人类意识来源于客观对象,它不是无缘无故产生的
B. 真理最基本的属性是主观性,但需要依赖于客观实践
C. 实践是认识的基础,实践发展能为认识深化提供新条件
D. 掌握和运用系统优化的方法,才能促成认识的发展
【单选题】
“手推磨产生的是封建主的社会,蒸汽磨产生的是工业资本家的社会”,这句话揭示了___
A. 物质资料的生产方式是人类社会存在和发展的基础
B. 生产力决定生产关系,生产关系一定要适合生产力状况
C. 生产关系决定生产力,生产力一定要适应生产关系状况
D. 上层建筑一定要适应经济基础
【单选题】
社会历史观的基本问题是___
A. 生产力和生产关系的问题
B. 社会规律的客观性和主观能动性的关系问题
C. 社会存在和社会意识的关系问题
D. 唯物主义和唯心主义的斗争问题
