【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
推荐试题
【判断题】
闸板防喷器在2MPa低压试验时,其目的是检查闸板上部与壳体的密封。
【判断题】
手动锁紧装置只能关闭闸板而不能打开闸板。
【判断题】
环形防喷器只能封闭不同尺寸、圆形断面的钻具
【单选题】
液压闸板防喷器开井操作完毕后,应到___检查闸板是否全部打开。
A. 井口
B. 远程控制台
C. 司钻控制台
D. 控制箱
【单选题】
闸板防喷器手动锁紧后,___回旋1/4-1/2圈。
A. 不用
B. 必须
C. 无所谓
D. 看情况
【单选题】
在2SFZ35-35/70中,SF表示___。
A. 公称通径35cm
B. 额定工作压力35MPa
C. 手动防喷器
D. 下法兰规格70MPa
【单选题】
闸板防喷器的井压助封是指关闭闸板形成初始密封后,井压将分别对闸板总成产生___的推力,使密封效果更加良好。
A. 向下和向井口中心方向
B. 向上
C. 向井口中心方向
D. 向上和向井口中心方向
【单选题】
闸板防喷器的解锁过程:防喷器打开前,___旋转防喷器两侧顶丝达规定圈数(现场以实际测量圈数为准),直至解锁到位。
A. 顺时针
B. 逆时针
C. 先顺时针后逆时针
D. 先逆时针后顺时针
【单选题】
液压闸板防喷器的液控装置发生故障,无法进行关井时,可采用___关井。
【单选题】
环形防喷器按其胶芯的形状可分为___种。
【单选题】
环形防喷器能够密封___的管柱。
A. 不同尺寸、不同断面
B. 一定尺寸、不同断面
C. 不同尺寸、一定断面
D. 一定尺寸、一定断面
【单选题】
环形防喷器的开、关井动作是靠___是实现的。
A. 手动
B. 液压
C. 井压
D. 井压、液压
【单选题】
环形防喷器开井动作时,胶芯是靠自身___恢复原形、打开井口的。
A. 液压
B. 井压
C. 弹性
D. 液压、井压
【单选题】
环形防喷器在进行强行起下钻时能通过___度坡度对焊钻杆接头。
【单选题】
可进行封空井,又可封环空,并能起下钻的是___防喷器。
A. 单闸板式
B. 双闸板式
C. 液压闸板
D. 环形
【单选题】
环形防喷器处于封井状态时,___。
A. 只允许转动钻具而不许上下活动钻具
B. 只允许上下活动钻具而不许转动钻具
C. 既允许上下活动钻具也允许转动钻具
D. 既不允许上下活动钻具也不允许转动钻具
【单选题】
环形防喷器开启时,高压油从壳体上部油口进入活塞___开启腔,推动活塞下行实现开井。
【单选题】
FH28—35环形防喷器关井时间___秒。
A. 3-8
B. 5
C. 大于30
D. 小于30
【单选题】
___不宜长时间关井;为延长胶芯寿命,防喷演习时不进行封零。
A. 半封闸板防喷器
B. 全封闸板防喷器
C. 环形防喷器
D. 剪切闸板防喷器
【单选题】
在FH35–35/70中,前面的35表示___。
A. 公称通径346.1mm
B. 额定工作压力35MPa
C. 下法兰规格70MPa
D. 环形防喷器
【单选题】
在FH35–35/70中,后面的35表示___。
A. 公称通径346.1mm
B. 额定工作压力35MPa
C. 下法兰规格70MPa
D. 环形防喷器
【单选题】
远程控制台是制备储存液压油并控制液压油流动方向的装置。它由油泵、蓄能器、___、输油管线、油箱等元件组成。
A. 平板阀
B. 油嘴
C. 三位五通换向阀
D. 控制阀件
【单选题】
防喷器控制装置出厂时间满___年的要强制报废。
【单选题】
当远程控制台三位四通阀处于___位时,油箱管路与防喷器关闭油腔管路相通。
【单选题】
远程控制台储能器额定工作压力是___。
A. 7MPa
B. 10.5MPa
C. 21MPa
D. 35MPa
【单选题】
___摆放在距井口25m以远的地方。
A. 除气器
B. 远程控制台
C. 液控箱
D. 压井管汇
【单选题】
待命工况时远程控制台上控制环形防喷器的三位四通换向阀处于___。
A. 开位
B. 关位
C. 中位
D. 半开半关位
【单选题】
待命工况时远程控制台上控制半封闸板的三位四通换向阀处于___。
A. 开位
B. 关位
C. 中位
D. 半开半关位
【单选题】
___在系统中起着储存能量,稳定压力,减少功率消耗,补偿漏渗,吸收压力脉动、缓和冲击力等多种作用。
A. 三位四通换向阀
B. 压力控制器
C. 手动调压阀
D. 储能器
【单选题】
当远程控制台上的电泵气泵均发生故障,需要关井时可以用___,为液压系统充油。
A. 手压泵
B. 电动泵
C. 气动泵
D. 储备的氮气压力
【单选题】
如果远程制台蓄能器压力压力低于___MPa,压力控制器将自动启动电动油泵。
A. 17.5
B. 18.5
C. 10.5
D. 21
【单选题】
如果远程制台蓄能器压力压力达到___MPa时,压力控制器自动切断电源,使电动油泵停止供油。
A. 17.5
B. 18.5
C. 10.5
D. 21
【单选题】
3000psi是___MPa。
A. 17.5
B. 18.5
C. 10.5
D. 21
【单选题】
2500psi是___MPa。
A. 17.5
B. 18.5
C. 10.5
D. 21
【单选题】
远程控制装置压力继电器的调定值应为___MPa。
A. 17.5-21
B. 10.5-21
C. 8.4-2l
D. 7-21
【单选题】
远程控制装置三位四通换向阀所谓中位卸压,卸的是所对应的___压力。
A. 防喷器
B. 控制对象和液控管线
C. 蓄能器
D. 防喷器和控制管汇
【单选题】
远程控制装置通常___处于关位,当需要高于10.5MPa的压力油去控制防喷器时,才将其搬至开位。
A. 三位四通换向阀
B. 泄压阀
C. 旁通阀
D. 截止阀
【单选题】
远程控制装置中当三位四通阀处于___位时,液压油管路与防喷器的开油腔管路相通。
【单选题】
远程控制装置上的___用来将蓄能器与液压闸板防喷器供油管路直接连通或切断。
A. 安全阀
B. 泄压阀
C. 旁通阀
D. 三位四通转阀
【单选题】
___用来将蓄能器的高压油降低为防喷器所需的合理油压。
A. 安全阀
B. 泄压阀
C. 旁通阀
D. 减压阀
