【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
推荐试题
【单选题】
正常足月妊娠脐带的平均长度是___
A. 40cm
B. 30cm
C. 55cm
D. 60cm
E. 70cm
【单选题】
小儿听觉发育完善的年龄大约在___
A. 2个月
B. 6个月
C. 1岁
D. 2岁
E. 4岁
【单选题】
一氧化碳与血红蛋白的亲和力要比氧与血红蛋白的亲和力大___
A. 200~300倍
B. 350~400倍
C. 450~500倍
D. 550~600倍
E. 1000倍以上
【单选题】
患者,男性,67岁,2型糖尿病,未正规治疗,近1周来发现尿频、尿急、尿痛,伴腰痛、低热。可能的原因是___
A. 急性肾炎
B. 肾盂肾炎
C. 慢性肾炎
D. 输尿管结石
E. 肾病综合征
【单选题】
初产妇,23岁,第二产程破膜后突然呛咳,烦躁,呼吸困难,随即昏迷,血压50/30mmHg。该产妇可能发生了___
A. 先兆子宫破裂
B. 胎盘早剥
C. 产时子痫
D. 羊水栓塞
E. 左心衰竭
【单选题】
患者,女性,29岁,甲状腺功能亢进行甲状腺大部切除术,术后2小时突然窒息,面部青紫,颈部切口下肿胀,其原因是___
A. 出血
B. 舌后坠
C. 甲状腺危象
D. 气管塌陷
E. 喉下神经损伤
【单选题】
氨中毒学说:肝性脑病主要发病机制是氨干扰大脑的___
A. 血液循环
B. 电解质平衡
C. 血氧供给
D. 水盐代谢
E. 能量代谢
【单选题】
患者,女性,46岁,腰麻下行阑尾切除术,术后发生尿潴留,其主要原因是___
A. 手术部位疼痛
B. 尿路结石
C. 不习惯卧床排尿
D. 神经损伤
E. 麻醉反应
【单选题】
正常新生儿应在出生后多长时间内排尿___
A. 8小时
B. 10小时
C. 24小时
D. 32小时
E. 48小时
【单选题】
发生心肌梗死的主要病理基础是___
A. 心肌需血量增加
B. 冠状动脉供血不足
C. 冠状动脉严重狭窄
D. 血氧供给不足
E. 劳累
【单选题】
妊娠期贫血最常见为___
A. 妊娠期贫血
B. 缺铁性贫血
C. 低色素性贫血
D. 巨幼细胞贫血
E. 再生障碍性贫血
【单选题】
下列临床表现中,甲亢和糖尿病共有的是___
A. 多食消瘦
B. 大便次数增多
C. 幻觉和燥狂
D. 四肢麻木感
E. 收缩压增高
【单选题】
以下叙述错误的是___
A. 原发性痛经生殖器官无器质性病变
B. 痛经可能与前列腺素分泌有关
C. 痛经可持续1~2天
D. 痛经多发于无排卵型功血
E. 痛经者可用解痉药
【单选题】
继发性腹膜炎最常见的致病菌是___
A. 白色念珠菌
B. 拟杆菌
C. 溶血性链球菌
D. 大肠埃希菌
E. 铜绿假单胞菌
【单选题】
急性肾功能衰竭少尿或无尿期常见的致死原因是___
A. 高磷血症与低钙血症
B. 低钠血症
C. 低氯血症
D. 高镁血症
E. 高钾血症
【单选题】
第一产程潜伏期延长指超___
A. 4小时
B. 8小时
C. 10小时
D. 12小时
E. 16小时
【单选题】
鹅口疮的病原体为___
A. 大肠埃希菌
B. 铜绿假单胞菌
C. 肺炎双球菌
D. 白色念珠菌
E. 溶血性链球菌
【单选题】
慢性肺炎的病程为___
A. <3个月
B. >1个月
C. <1个月
D. >3个月
E. 1~3个月
【单选题】
对热衰竭发生机制描述正确的是___
A. 体温调节中枢受损
B. 大量出汗致血容量不足
C. 散热不足
D. 脑组织充血水肿
E. 电解质紊乱
【单选题】
下列关于低血钾的病因不正确的是___
A. 长期不能进食
B. 急性肾功能衰竭
C. 严重呕吐,持续胃肠减压
D. 大量注射葡萄糖并与胰岛素合用
E. 碱中毒
【单选题】
正常新生儿每日共需热能量约___
A. 318~410kJ/kg
B. 358~420kJ/kg
C. 378~442kJ/kg
D. 418~502kJ/kg
E. 458~552kJ/kg
【单选题】
胚胎期造血最早出现在___
A. 卵黄囊
B. 淋巴结
C. 胸腺
D. 肝脾
E. 骨髓
【单选题】
损伤平面以下同侧肢体的运动和深感觉丧失,对侧肢体的痛觉和温度觉丧失称为___
A. 脊髓断裂
B. 脊髓挫伤
C. 脊髓休克
D. 脊髓圆锥损伤
E. 脊髓半切征
【单选题】
不属肺癌的分类为___
A. 鳞癌
B. 腺癌
C. 大细胞癌
D. 未分化的小细胞癌
E. 鳞腺癌
【单选题】
胆汁内的主要成分为___
A. 胆盐、磷脂酰胆碱、胆红素
B. 胆盐、磷脂酰胆碱、胆固醇
C. 胆盐、胆红素、胆固醇
D. 磷脂酰胆碱、胆红素、钙盐
E. 磷脂酰胆碱、胆固醇、钙盐
【单选题】
气性坏疽是属于___
A. 毒血症
B. 菌血症
C. 脓血症
D. 败血症
E. 脓毒败血症
【单选题】
脑干损伤瞳孔表现常是___
A. 一侧瞳孔散大,对光反射减弱
B. 双侧瞳孔散大,对光反射减弱或消失
C. 双侧瞳孔时大时小,对光反射消失,伴眼球运动障碍
D. 一侧瞳孔缩小,对光反射减弱或消失
E. 双侧瞳孔缩小,对光反射正常
【单选题】
新生儿排胎便的时间为___
A. 生后1~2天
B. 生后6小时内
C. 生后24小时内
D. 生后2~3天
E. 生后12小时内
【单选题】
有关急性胰腺炎患者尿淀粉酶与血清淀粉酶描述正确的是___
A. 两者同时下降
B. 尿淀粉酶先增高
C. 血清淀粉酶先增高
D. 尿淀粉酶下降
E. 尿淀粉酶持续下降
【单选题】
初乳的颜色为___
A. 淡黄色
B. 混浊淡白色
C. 混浊淡黄色
D. 黄色
E. 白色
【单选题】
门静脉和腔静脉之间的交通支不包括___
A. 食道胃底静脉交通支
B. 直肠下段、肛管交通支
C. 前腹壁交通支
D. 腹膜后交通支
E. 下腔静脉交通支
【单选题】
白细胞计数的正常值是___
A. 3.0×10~9.0×10/L
B. 4.0×10~10.0×10/L
C. 4.0×10~9.0×10/L
D. 3.0×10~10.0×10/L
E. 40×10~110×10/L
【单选题】
局麻药中毒出现严重惊厥,处理时选哪项药物较好___
A. 吗啡
B. 地西泮(安定)
C. 哌替啶
D. 异丙嗪
E. 苯巴比妥钠
【单选题】
患者,20岁,平时月经不规律,摸到腹部包块而就诊,查尿妊娠反应阳性,可听到胎心,宫底在脐耻之间,估计孕周为___
A. 8周末
B. 12周末
C. 14周末
D. 16周末
E. 20周末
【单选题】
新生女婴阴道少量出血,常见的原因是___
A. 外阴损伤
B. 膀胱炎
C. 雌激素撤退
D. 孕激素撤退
E. 血友病
【单选题】
烧伤面积的计算,中国九分法头颈面积为___
A. 9%
B. 7%
C. 8%
D. 11%
E. 4%
【单选题】
下面属于毛细支气管炎的主要病原菌的是___
A. 冠状病毒
B. 流感副病毒
C. 支原体
D. 呼吸道合胞病毒
E. 腺病毒
【单选题】
急性感染性多发性神经根炎最严重的后果是___
A. 吞咽困难
B. 呼吸肌麻痹
C. 肺部感染
D. 心力衰竭
E. 心肌炎
【单选题】
急性腹膜炎发生休克的主要原因是___
A. 剧烈疼痛
B. 麻痹性肠梗阻肠腔内积液
C. 腹膜吸收大量毒素,血容量减少
【单选题】
发热的原因是___
A. 营养不良
B. 缺乏成熟中性粒细胞
C. 缺氧
D. 应激反应
E. 体温调节中枢功能障碍
