【Single choice】
A user on your network inadvertently activates a botnet program that was received as an email attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-based access control rule
D. botnet traffic filter
Related questions
【Single choice】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. defines the action to be performed
【Single choice】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the VLAN level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special VRF that provides traffic isolation from the default routing table
【Single choice】
Which statement about NAT table evaluation in the ASA is true?___
A. After-auto NAT policies are applied first
B. Manual NAT policies are applied first
C. The ASA uses the most specific match
D. Auto NAT policies are applied first
【Single choice】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy information for the connection between two peers
D. IPsec SAs established between two peers
【Single choice】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead of object NAT.
D. Use packet-tracer rules to reroute misrouted NAT entries.
【Single choice】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【Single choice】
Which feature in the DNS security module provides on- and off-network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【Single choice】
Which adverse consequence can occur on a network without BPDU guard?___
A. The oldest switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. Double tagging can cause the switches to experience CAM table overload.
【Single choice】
What configuration is required for multitenancy?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【Single choice】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISE's certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices based on its own certificate
C. It requests certificates for guest devices from the CA server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【Single choice】
Which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【Single choice】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is processed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【Single choice】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【Single choice】
Which security term refers to the likelihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【Single choice】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【Single choice】
What is an advantage of split tunneling?___
A. It allows users with a VPN connection to a corporate network to access the internet with sending traffic across the corporate network.
B. It allows users with a VPN connection to a corporate network to access the internet by using the VPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【Single choice】
Which IDS/IPS state misidentifies acceptable behavior as an attack?___
A. false negative
B. true positive
C. true negative
D. false positive
【Single choice】
What is the maximum number of methods that a single method list can contain?___
【Single choice】
Which command enables authentication at the OSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 md5 Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【Single choice】
Which type of firewall monitors and protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall
D. personal firewall
【Single choice】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【Single choice】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishing
C. spear phishing
D. baiting
【Single choice】
What is the minimum Cisco IOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【Single choice】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【Multiple choice】
Which two attack types can be prevented with the implementation of a Cisco IPS solution?___
A. DDoS
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【Multiple choice】
Choose four___
A. DHCP snooping: blocks DHCP messages
B. Dynamic ARP inspection: verifies IP-to-MAC traffic on untrusted ports
C. IP source guard: provides layer 2 interface security with port ACLs
D. Port security: mitigates MAC-address spoofing at the access interface
【Multiple choice】
Choose four___
A. Step 1: run the system setup wizard
B. Step 2: add an authentication realm
C. Step 3: configure identity management
D. Step 4: configure directory group
【Multiple choice】
What are two advanced features of the Cisco AMP solution for endpoints?___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【Multiple choice】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【Multiple choice】
What are two challenges of using a network-based IPS?___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and processor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【Multiple choice】
What are two default behaviors of the traffic on a zone-based firewall?___
A. Traffic within the self-zone uses an implicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfaces that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【Multiple choice】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to deploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud-based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【Multiple choice】
Which two actions can an end user take to manage a lost or stolen device in Cisco ISE?___
A. Activate Cisco ISE Endpoint Protection Services to quarantine the device.
B. Add the MAC address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【Multiple choice】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【Multiple choice】
When using the Adaptive Security Device Manager (ASDM), which two methods are available to add a new root certificate?___
A. Use SCEP
B. Install from SFTP server
C. Install from a file
D. Use HTTPS
E. Use LDAP
【Multiple choice】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availability
D. Integrity
E. Confidentiality
【Multiple choice】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【Single choice】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【Single choice】
What aims to remove the ability to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【Single choice】
Which statement about the native VLAN is true?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco-recommended VLAN for switch-management traffic
C. It is most secure when it is assigned to VLAN 1.
D. It is the Cisco-recommended VLAN for user traffic
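Recommended questions
【Single choice】
The start relay KJ on a train route resets after ___.
A. the first switch section is released
B. the signal clears
C. the signal closes
D. the last switch section is released
【Single choice】
When a shunt test is performed in clear weather on a ZP.Y2-18 frequency-shift automatic block track circuit, shunting with a 0.06Ω resistance wire and measuring at the "input" jack of the receiver panel, the voltage is generally several tens of millivolts and should not exceed a maximum of ___.
A. 90mV
B. 100mV
C. 110mV
D. 120mV
【Single choice】
The buttons of ___ shunting signals can also serve as alternative-route buttons for train routes.
A. single and staggered
B. paired and staggered
C. paired
D. single, staggered and paired
【Single choice】
In the ZJ circuit of a staggered shunting signal, the function of the 1LJ and 2LJ contacts is ___.
A. to implement route locking
B. to prevent a shunting movement from following closely behind a train
C. to check that no conflicting route has been set
D. to prevent simultaneous shunting into a switchless section
【Single choice】
When a starting signal has two departure directions and a train departs toward the main line, ___ picks up.
A. ZXJ (main signal relay)
B. XFJ (signal auxiliary relay)
C. LXJ and ZXJ
D. ZXJ, XFJ, LXJ
【Single choice】
The KJ of the DX relay combination is a ___ relay.
A. JWXC-1700
B. JWXC-H340
C. JWJXC-1700
D. JZXC-480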
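【Single choice】
In 6502 relay interlocking, the energizing order of the auxiliary start relay FKJ and the terminal relay ZJ of a shunting route is ___.
A. FKJ picks up first
B. ZJ picks up first
C. the one on the left of the route picks up first
D. the one on the right of the route picks up first
【Single choice】
In 6502 large-station relay interlocking, when a route is in the approach-locked state, manual release must be possible; after the signal closes, receiving routes and main-line departure routes are released after a delay of ___.
A. 10s
B. 30s
C. 1min
D. 3min
【Single choice】
On network line 8, the front contact of ___ is connected in series to check that no opposing conflicting route has been set in the other throat area.
A. GJJ
B. ZCJ
C. SJ
D. ZJ
【Single choice】
The network line that checks whether a signal can be cleared is ___.
【Single choice】
When a route involves an out-of-gauge insulated joint, the check condition should be added to ___.
A. the QJJ circuit, checked by line 9
B. the XJ circuit, checked by line 11
C. the XJJ circuit, checked by line 8
D. the XJ circuit, checked by line 7
【Single choice】
The working network of the signal auxiliary relay is network line ___.
【Single choice】
On the dial of a Model 500 multimeter, the symbol A-V-Ω means that it can measure ___.
A. voltage and resistance
B. current and voltage
C. current, voltage and resistance
D. power, voltage and resistance
【Single choice】
On the dial of a Model 500 multimeter, the symbol 45-65-1000Hz means ___.
A. the usable frequency range is below 1000Hz and the working voltage is 45V~65V
B. the usable frequency range is above 1000Hz and the working voltage is 45V~65V
C. the usable frequency range is below 1000Hz and the standard power-frequency range is 45Hz~65Hz
D. the usable frequency range is above 1000Hz and the standard power-frequency range is 45Hz~65Hz
【Single choice】
On the dial of a Model 500 multimeter, the symbol 2000Ω/V/DC means ___.
A. the range limit of the DC setting is 2000V
B. the range limit of the AC setting is 2000V
C. the sensitivity of the DC setting is 2000Ω/V
D. the sensitivity of the AC setting is 2000Ω/V
【Single choice】
The most basic requirement of a power amplifier circuit is ___.
A. a large output signal voltage
B. a large output signal current
C. both a large output signal voltage and a large output signal current
D. a large output signal voltage and a small current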
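【Single choice】
While a route is being set and a switch is throwing, if a vehicle enters the switch section, the switch can continue to throw to the end because the polarity contacts of ___ in the switch control circuit remain unchanged.
A. 1DQJ
B. 1DQJ held picked up, and 2DQJ
C. 2DQJ
D. 1DCJ and 2DCJ
【Single choice】
When receiving route signals are installed at both ends of an inter-yard connecting line, the length of the route protected by the departure route signal on the track must be equal to or greater than ___; otherwise a receiving route signal must not be installed.
A. 400m
B. 800m
C. 1000m
D. 1200m
【Single choice】
In the SJ circuit, the function of the FDGJ contact is ___.
A. to prevent the white light band from flashing
B. to prevent false release when a light vehicle bounces
C. to check that the QJJ circuit is complete
D. to implement section locking
【Single choice】
At a station with two departure exits, when a train departs toward the main exit, the safety measure used in the circuit to prevent the starting signal from briefly flashing two green lights before showing one green light is ___.
A. LXJ picks up before ZXJ
B. LXJ picks up before XFJ
C. ZXJ picks up before XFJ
D. ZXJ picks up before LXJ
【Single choice】
Setting a departure route requires pressing ___ button(s).
A. 1
B. 2
C. 2 to 3
D. 4
【Single choice】
In 6502 relay interlocking, during route cancellation and manual release, ___ remains picked up until the route is released.
A. ZQJ
B. ZRJ
C. QJ
D. LAJ
【Single choice】
In 6502 relay interlocking, while a route is being set, the indicator lamp of the route entrance button goes out ___.
A. after the route is locked
B. after XJ picks up
C. after the direction power supply is de-energized
D. after route selection is complete
【Single choice】
In 6502 relay interlocking, the self-holding circuit of the XJJ 1-2 coil for shunting is connected to network line 8 when ___.
A. JYJ has dropped and QJ has picked up
B. JYJ has picked up
C. XJ has picked up
D. QJ has dropped
【Single choice】
In 6502 relay interlocking, the purpose of connecting the second contact group of QJJ in series on line 12 is ___.
A. to prevent premature release
B. to prevent the switch from throwing midway
C. to prevent sneak current
D. to ensure power supply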
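【Single choice】
During manual release, QJ drops when ___.
A. KF-ZQJ-Q de-energized → QJ↓
B. 1RJJ↑ → QJ↓
C. XJJ↓ → QJ↓
D. KZ-RJ-H de-energized → QJ↓
【Single choice】
In 6502 relay interlocking, KJ resets ___.
A. after the first switch section in the route is released
B. after the route is locked
C. after the signal clears
D. after all sections in the route are released
【Single choice】
When a paired shunting signal in the receiving direction serves as a blocking signal, the conditional power supply checked for ZJ to pick up is ___.
A. KF-DFJ-Q
B. KF-DJJ-Q
C. KF-列共-DJJ-Q
D. KF-共用-Q
【Single choice】
When measuring ground resistance with a ZC-8 ground resistance tester, the wiring is ___.
A. terminal E to a 5m lead, terminal P to a 20m lead, terminal C to a 40m lead
B. terminal P to a 5m lead, terminal C to a 20m lead, terminal E to a 40m lead
C. terminal C to a 5m lead, terminal E to a 20m lead, terminal P to a 40m lead
D. terminal P to a 5m lead, terminal E to a 20m lead, terminal C to a 40m lead
【Single choice】
After the button of a shunting signal in the receiving direction is pressed, ___ of the following power supplies can be provided.
A. KZ-列共-Q
B. KZ-共用-Q
C. KF-DJJ-Q
D. KF-DFJ-Q
【Single choice】
When measuring ground resistance with a ZC-8 ground resistance tester, the other ends of the leads are connected as follows: ___.
A. Terminals E, P and C are connected respectively to the ground electrode E′ of the object under test, the potential probe P′ and the current probe C′
B. Terminals E, P and C are connected respectively to the potential probe E′, the current probe P′ and the ground electrode C′ of the object under test
C. Terminals E, P and C are connected respectively to the current probe E′, the potential probe P′ and the ground electrode C′ of the object under test
D. Terminals E, P and C are connected respectively to the ground electrode E′ of the object under test, the current probe P′ and the potential probe C′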
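【Single choice】
In the route-setting indicator lamp circuit, contact group number ___ of each of the four direction relays is connected in parallel.
【Single choice】
For a ZPDJ multi-information frequency-shift track circuit in a non-electrified section, in the adjusted state the limited input voltage of the receiver box at the receiving end should be no less than ___ for the track circuit to operate reliably.
A. 240mV
B. 250mV
C. 280mV
D. 290mV
【Single choice】
The condition for 5/72DCJ to reset automatically is ___.
A. 5/71SJ drops
B. 5/72SJ drops
C. KZ-ZQJ-H is energized
D. KF-共用-Q is energized
【Single choice】
When setting a long shunting route from D3 to IG, the operating order of the relevant FKJ and KJ relays should be ___.
A. FKJ relays pick up in order from left to right, KJ relays from right to left
B. both FKJ and KJ relays pick up in order from left to right
C. both FKJ and KJ relays pick up in order from right to left
D. FKJ relays pick up in order from right to left, KJ relays from left to right
【Single choice】
For a full-wave rectifier circuit, the rectification coefficient is ___.
A. 0.45
B. 0.65
C. 0.75
D. 0.9
【Single choice】
The full-load test of a transformer verifies the transformer's ___.
A. power factor
B. output power
C. output voltage
D. output current
【Single choice】
___ describes only the magnetic field at each point in space.
A. Magnetic flux density
B. Magnetic flux
C. Magnetic field strength
D. Coercivity
【Single choice】
In an oscillating circuit, the phenomenon that occurs when the frequency of the applied power source equals the natural oscillation frequency of the circuit is called ___.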