【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
推荐试题
【单选题】
2012年7月27日至8月12日,第30届夏季奥林匹克运动会在伦敦举行。此交运动会,位列金牌榜前三位国家依次是 ___
A. 美国、中国、英国
B. 中国、美国、英国
C. 美国、中国、俄罗斯
D. 中国、美国、俄罗斯
【单选题】
2013年3月26日至27日,第五届金砖国家峰会在南非德班举行,此次会议主题是 ___
A. 展望未来,共享繁荣
B. 金砖2013:挑战与机遇
C. 金砖国家致力于稳定、安全和繁荣的伙伴关系
D. 金砖国家与非洲:致力于发展、一体化和工业化的伙伴关系
【判断题】
坚持公有制为主体,促进非公有制经济发展,统一于社会主义现代化建设的进行中。
【简答题】
如何正确理解坚持党的领导、人民当家作主和依法治国的有机统一?
【简答题】
我国独立自主和平外交政策的基本原则有哪些?
【简答题】
试述无产阶级政党的群众观点和路线的内容及其理论基础,并说明坚持群众路线的重要意义。
【单选题】
哲学与各门具体科学的关系是___
A. 普遍性与特殊性的关系
B. 整体与部分的关系
C. 绝对性与相对性的关系
D. 内容与形式的关系
【单选题】
“元气是万物的本原”,这是一种___
A. 形而上学唯物主义观点
B. 庸俗唯物主义观点
C. 朴素唯物主义观点
D. 主观唯心主义观点
【单选题】
宋朝画家文与可一年四季观察住宅周围竹子的变化,因而画出的竹子生动逼真,有诗云:“与可画竹时,胸中有成竹”。这一事实体现的哲学道理是___
A. 意识是人脑的机能
B. 意识是物质长期发展的产物
C. 物质是不依赖于意识的客观实在
D. 意识是人脑对客观世界的能动反映
【单选题】
唯物辩证法的总特征是___
A. 对立统一
B. 辩证否定
C. 量变与质变
D. 联系与发展
【单选题】
下列选项中,包含矛盾双方相互转化观点的是___
A. 乐极生悲,苦尽甘来
B. 冬去春来,夏尽秋至
C. 千里之行,始于足下
D. 电闪雷鸣,风来雨至
【单选题】
对我国的历史文化遗产要批判地继承,这种态度体现的哲学道理是___
A. 世界的物质统一性原理
B. 辩证否定的原理
C. 内因和外因关系的原理
D. 原因和结果关系的原理
【单选题】
有人认为只有写到书本上的理论才是真实可靠的,从而不顾实际情况,照搬书本上的教条,这在认识论上犯了类似于___
A. 经验论的错误
B. 唯理论的错误
C. 唯心主义先验论的错误
D. 直观被动反映论的错误
【单选题】
历史唯物主义认为,人类社会发展的历史归根到底是___
A. 阶级斗争发展史
B. 政治制度演变史
C. 生产劳动发展史
D. 宗教信仰变迁史
【单选题】
下列各项属于社会意识形态的是___
A. 政治思想
B. 自然科学
C. 语言学
D. 逻辑学
【单选题】
社会革命和改革的最深刻根源在于___
A. 生产力和生产关系之间的矛盾
B. 人口众多和资源贫乏之间的矛盾
C. 广大群众和少数统治者之间的矛盾
D. 剥削阶级和被剥削阶级之间的矛盾
【单选题】
下列各项中,属于技术社会形态系列的是___
A. 原始社会
B. 奴隶社会
C. 封建社会
D. 工业社会
【单选题】
在半殖民地半封建的中国,人民革命第一个和最凶恶的敌人是___
A. 帝国主义
B. 地主阶级
C. 封建军阀
D. 资本主义
【单选题】
毛泽东指出:“中国社会是一个两头小中间大的社会,无产阶级和地主大资产阶级都只占少数,最广大的人民是农民、城市小资产阶级以及其他的中间阶级。”这种状况决定了中国革命必须___
A. 坚持武装斗争
B. 坚持党的领导
C. 建立广泛的统一战线
D. 建立农村革命根据地
【单选题】
我国人民民主专政的主要基础是___
A. 工农联盟
B. 工、农和小资产阶级联盟
C. 工、农和民族资产阶级联盟
D. 工、农、小资产阶级和民族资产阶级联盟
【单选题】
在新民主主义社会中,居于领导地位的经济成分是___
A. 个体经济
B. 国家资本主义经济
C. 国营经济
D. 合作社经济
【单选题】
党在过渡时期总路线的主体是实现___
A. 国家的社会主义工业化
B. 对个体农业的社会主义改造
C. 对个体手工业的社会主义改造
D. 对资本主义工商业的社会主义改造
【单选题】
中国共产党对当代中国基本国情的科学判断是,我国正处在___
A. 新民主主义阶段
B. 社会主义初级阶段
C. 社会主义发达阶段
D. 社会主义高级阶段
【单选题】
党的十六大正式提出了___
A. 全面建设小康社会的目标
B. 构建社会主义和谐社会的目标
C. 建设生态文明的目标
D. 实现社会主义文化大发展大繁荣的目标
【单选题】
改革、发展、稳定三者是内在统一的,其中发展是___
【单选题】
进入新世纪我国对外开放发展到一个新的阶段,其标志是___
A. 2001年中国加入世界贸易组织
B. 从引进外资到广泛的国际合作
C. 从兴办经济特区到扩大内地开放
D. 全方位、多层次、宽领域对外开放格局的形成
【单选题】
混合所有制经济中的国有成分和集体成分属于___
A. 民营经济
B. 私有制经济
C. 公有制经济
D. 国家资本主义经济
【单选题】
事关全面建设小康社会大局,必须始终作为全党工作重中之重的是解决好___
A. 教育问题
B. 人口问题
C. “三农”问题
D. 环境问题
【单选题】
人民当家作主和依法治国的根本保证是___
A. 社会主义核心价值体系
B. 人民民主专政
C. 基层群众自治
D. 党的领导
【单选题】
人民代表大会制度是我国的根本政治制度,其组织原则是___
A. 求同存异
B. 解放思想
C. 民主集中制
D. 和平共处
【单选题】
深化文化体制改革,要坚持___
A. 一手抓经济建设,一手抓民主法制
B. 一手抓改革开放,一手抓惩治腐败
C. 一手抓物质文明建设,一手抓精神文明建设
D. 一手抓公益性文化事业,一手抓经营性文化产业
【单选题】
在社会主义核心价值体系中,民族精神的核心是___
A. 集体主义
B. 爱国主义
C. 国际主义
D. 为人民服务
【单选题】
构建社会主义和谐社会的工作方针是___
A. 坚持以人为本
B. 坚持科学发展
C. 坚持改革开放
D. 坚持民主法治
【单选题】
建设人才资源强国,必须坚持我国教育的___
A. 服务性质
B. 产业性质
C. 公益性质
D. 大众性质
【单选题】
苏东剧变以来,世界政治格局的发展趋势是___
A. 单极化
B. 多极化
C. 两极化
D. 全球化
【单选题】
中国坚持独立自主的和平外交政策,放在第一位的必须是___
A. 发展中国家的愿望
B. 全人类的共同福祉
C. 国家的主权和安全
D. 国家之间一律平等
【单选题】
我国外交政策的宗旨是___
A. 取长补短、求同存异
B. 尊重差异、包容多样
C. 和平共处、互利共赢
D. 维护世界和平、促进共同发展
【单选题】
台湾问题是___
A. 中日甲午战争遗留下来的问题
B. 中国内战遗留下来的问题
C. 殖民主义侵略中国遗留下来的问题
D. 第二次世界大战遗留下来的问题
