【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
推荐试题
【单选题】
“动中有静,静中有动”这句话说明了 ___
A. 物质和运动的统一
B. 绝对运动与相对静止的统一
C. 有限性与无限性的统一
D. 唯物主义与唯物主义的统一
【单选题】
关于意识的本质,唯心主义的错误在于 ___
A. 否认意识对物质的反作用
B. 夸大物质对意识的决定作用
C. 强调意识对物质的依赖关系
D. 否认意识对物质的依赖性
【单选题】
世界物质统一原理要求我们想问题、办事情必须 ___
A. 一切从群众意愿出发
B. 一切从已获得的经验出发
C. 一切从客观实际出发
D. 一切从理论原则出发
【单选题】
区别新旧事物的根本标志在于 ___
A. 是否受到多数人的拥护
B. 是否同历史发展的必然趋势相符合
C. 在形式上是否新奇
D. 出现时间的先后
【单选题】
矛盾的普遍性原理认为 ___
A. 事物发展过程的开始阶段只有差异,后来才有矛盾
B. 矛盾解决意味着矛盾终止
C. 矛盾只存在于事物发展的一定阶段
D. 矛盾存在于一切事物,贯穿于于一切事物发展过程的始终
【单选题】
辩证的否定是 ___
A. 事物的自我否定
B. 绝对的否定
C. 外力强加于事物的否定
D. 对事物的任意否定
【单选题】
矛盾是 ___
A. 事物内部或事物之间既对立又统一的关系
B. 对立面之间相互联系和转化的关系
C. 对立面之间的相互排斥、相互否定的关系
D. 主体和客体之间相互作用的关系
【单选题】
对立统一规律揭示了事物发展的 ___
A. 辩证形式
B. 趋势和道路
C. 不同状态和形式
D. 源泉和动力
【单选题】
质量互变规律揭示了事物发展的 ___
A. 辩证形式
B. 趋势和道路
C. 两种基本的状态和形式
D. 源泉和动力
【单选题】
“不积跬步,无以至千里,不积细流,无以成江河。”这段话说明了 ___
A. 质变是由量变引起的
B. 量变是由质变引起的
C. 质变和量变是相互渗透的
D. 量变在事物发展中是不起作用的
【单选题】
一个非常不错的成绩,然而,在一项环环相扣的连续不断的工作中,如果每个环节都打点折扣,最终得出的成绩就是不及格。”这里蕴含的辩证法道理是___
A. 肯定中包含否定
B. 量变引起质变
C. 必然性通过偶然性开辟道路
D. 可能和现实是相互转化的
【单选题】
“一刀切”的工作方法是 ___
A. 形而上学的方法
B. 相对主义的方法
C. 抓中心带动全盘的方法
D. 庸俗进化论的方法
【单选题】
“任何事物的存在和发展都是有条件的,一切以时间、地点、条件为转移。”这是一种___
A. 唯条件论观点
B. 外因论观点
C. 形而上学不变论观点
D. 唯物辩证法观点
【单选题】
发展的实质是 ___
A. 事物数量的增加或减少
B. 事物的简单重复和循环
C. 新事物的产生和旧事物的灭亡
D. 物体的位置移动或场所的变更
【单选题】
在量变过程中,事物呈现为 ___
A. 显著变化状态
B. 绝对静止状态
C. 相对静止状态
D. 飞跃状态
【单选题】
事物发展的两种基本状态是 ___
A. 肯定和否定
B. 量变和质变
C. 运动和静止
D. 同一和斗争
【单选题】
唯物辩证法和形而上学的根本分歧在于是否承认 ___
A. 事物之间的联系
B. 事物在联系中运动变化
C. 事物内部的矛盾性
D. 事物的客观实在性
【单选题】
辩证的否定就是扬弃,它是指 ___
A. 新的全盘抛弃旧的
B. 事物发展的连续性
C. 新事物对旧事物既批判又继承
D. 新事物对旧事物全盘继承
【单选题】
唯物辩证法的总观点和总特征是 ___
A. 运动变化的观点
B. 矛盾双方对立统一的观点
C. 联系和发展的观点
D. 运动和静止辩证统一的观点
【单选题】
唯物辩证法的实质和核心是 ___
A. 对立统一规律
B. 质量互变规律
C. 否定之否定规律
D. 普遍联系的规律
【单选题】
唯物辩证法认为,否定之否定的过程是 ___
A. 事物经过两次否定重新回到原来出发点的运动
B. 甲变乙,乙变丙,丙变丁的无穷发展
C. 事物经过两次否定达到自我发展、自我完善的过程
D. 事物在原有基础上的周而复始的循环
【单选题】
中国古代哲学家荀子说:“心不使焉,则白黑在前而目不见,雷鼓在侧而耳不闻。”这段话表明意识具有 ___
A. 客观性
B. 能动性
C. 对象性
D. 任意性
【单选题】
矛盾的基本属性是 ___
A. 普遍性和特殊性
B. 斗争性和同一性
C. 绝对性和相对性
D. 变动性和稳定性
【单选题】
“一把钥匙开一把锁”,这句话强调的是 ___
A. 要承认事物的客观性
B. 要承认事物运动的规律性
C. 要注重分析矛盾的普遍性
D. 要注重分析矛盾的特殊性
【单选题】
全盘否定中国传统文化的历史虚无主义,在哲学上是犯了 ___
A. 唯心主义先验论的错误
B. 经验论的错误
C. 形而上学否定观的错误
D. 激变论的错误
【单选题】
“旧唯物主义是半截子的唯物主义”,这是指 ___
A. 旧唯物主义是形而上学的唯物主义
B. 旧唯物主义在社会历史观上是唯心主义
C. 旧唯物主义是机械唯物主义
D. 旧唯物主义是割裂了运动与静止的辩证法
【单选题】
既是自然界与人类社会分化统一的历史前提,又是自然界与人类社会统一起来的现实基础,这指的是 ___
A. 运动
B. 实践
C. 精神生产
D. 物质生产
【单选题】
“沉舟侧畔千帆过,病树前头万木春。”“芳林新叶催陈叶,流水前波让后波。”这两句诗包含的哲学道理是 ___
A. 矛盾是事物发展的动力
B. 事物是本质和现象的统一
C. 事物的发展是量变和质变的统一
D. 新事物代替旧事物是事物发展的总趋势
【单选题】
度是 ___
A. 事物的质量和数量的界限
B. 事物保持其质的稳定性的数量界限
C. 事物保持其量的稳定性的范围
D. 事物发生变化的关节点
【单选题】
唯物主义哲学发展的三个基本历史形态是 ___
A. 形而上学唯物主义、庸俗唯物主义、辩证唯物主义
B. 古代朴素唯物主义、形而上学唯物主义、辩证唯物主义
C. 奴隶社会时期的唯物主义、封建社会时期的唯物主义、资本主义时期的唯物主义
D. 机械唯物主义、形而上学唯物主义、辩证唯物主义
【单选题】
哲学是 ___
A. 人们对各种具体事物的看法
B. 科学的世界观和方法论
C. 理论化、系统化的世界观
D. 辩证唯物主义和历史唯物主义义观点
【单选题】
哲学上的两大阵营是指 ___
A. 唯物主义和唯心主义
B. 辩证法和形而上学
C. 一元论和二元论
D. 可知论和不可知论
【单选题】
历史唯物主义的创立,使马克思主义哲学在内容上实现了 ___
A. 唯物主义和辩证法的统一
B. 唯物辩证的自然观和历史观的统一
C. 世界观和方法论的统一 D.理论和实践的统一
【单选题】
“人有多大胆,地有多大产;不怕办不到,就怕想不到;只要想得到,就能办得到。”这种说法从哲学上看是 ___
A. 坚持主观唯心主义的表现
B. 坚持客观唯心主义的表现
C. 坚持唯物辩证法的表现
D. 坚持形而上学否定观的表现
【单选题】
对哲学基本问题第一个方面内容的不同回答是 ___
A. 划分唯物主义和唯心主义的标准
B. 划分辩证法和形而上学的标准
C. 划分可知论和不可知论的标准
D. 划分辩证唯物主义和形而上学唯物主义的标准
【单选题】
对哲学基本问题第二个方面内容的不同回答是划分 ___
A. 唯物主义和唯心主义的标准
B. 辩证法和形而上学的标准
C. 可知论和不可知论的标准
D. 辩证唯物主义和形而上学唯物主义的标准
【单选题】
马克思主义认为,从实践的活动机制看,实践是___
A. 主体与客体通过中介相互作用的过程
B. 道德行为和政治活动
C. 科学实验
D. 生活、行为、现实、实事等感性活动
【单选题】
实践的主体是___
A. 绝对精神
B. 具有一定的主体能力、从事现实社会实践活动的人
C. 人
D. 人的意识
【单选题】
实践的客体是___
A. 绝对精神的对象化
B. 客观物质世界
C. 人的意识的创造物
D. 实践活动所指向的对象
【单选题】
“从群众中来,到群众中去”的过程,从认识论上看,就是___
A. 感性认识-理性认识-感性认识的过程
B. 认识-实践-认识的过程
C. 实践-认识-实践的过程
D. 理性认识-感性认识-理性认识的过程
