【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
推荐试题
【单选题】
防水闸门来水侧15-25米处,应加设一道挡物___
【单选题】
采用___管理顶板时,支架(柱)应有足够的支护强度,采空区中所有支柱必须回净。
【单选题】
中国特色社会主义事业总体布局是___战略布局是(B)。
A. “四位一体”;“四个全面”
B. “五位一体”;“四个全面”
C. “五位一体”;“五个全面”
D. “四位一体”;“四个全面”
【单选题】
党的十九大报告指出,坚持全面从严治党,必须以党章为根本遵循,把___摆在首位,思想建党和制度治党同向发力,统筹推进党的各项建设。
A. 党的政治建设
B. 党的作风建设
C. 党的组织建设
D. 党的思想建设
【单选题】
坚持反腐败无禁区、全覆盖、零容忍,坚定不移“打虎”、“拍蝇”、“猎狐”,___的目标初步实现,的笼子越扎越牢,的堤坝正在构筑,反腐败斗争压倒性态势已经形成并巩固发展。
A. 不敢腐、不能腐、不想腐
B. 不能腐、不敢腐、不想腐
C. 不想腐、不敢腐、不能腐
D. 不敢腐、不想腐、不能腐
【单选题】
坚决防止和反对___,坚决防止和反对宗派主义、圈子文化、码头文化,坚决反对搞两面派、做两面人。
A. 个人主义、享乐主义、自由主义、本位主义、好人主义
B. 个人主义、分散主义、山头主义、本位主义、好人主义
C. 个人主义、分散主义、自由主义、本位主义、好人主义
D. 个人主义、分散主义、自由主义、本位主义、享乐主义
【单选题】
增强党自我净化能力,根本靠强化___。
A. 党的自我监督、舆论监督
B. 党的自我监督、群众监督
C. 党的自我监督、司法监督
D. 党的自我监督、民主监督
【单选题】
推进___,建设覆盖纪检监察系统的检举举报平台。强化不敢腐的震慑,扎牢不能腐的笼子,增强不想腐的自觉,通过不懈努力换来海晏河清、朗朗乾坤。
A. 监察领域国家立法
B. 预防腐败国家立法
C. 反腐败国家立法
D. 廉政国家立法
【单选题】
十九大报告提出,全面从严治军,推动___根本性转变,提高国防和军队建设法治化水平。
A. 治军方式
B. 强军方式
C. 强军路径
D. 治军路径
【单选题】
十九大报告指出,用新时代中国特色社会主义思想武装全党。要把___作为党的思想建设的首要任务。
A. 坚定理想信念
B. 树立马克思主义世界观
C. 树立无产阶级价值观
D. 树立无产阶级人生观
【单选题】
深刻认识党面临的___的尖锐性和严峻性,坚持问题导向,保持战略定力,推动全面从严治党向纵深发展。
A. 精神懈怠危险、能力不足危险、脱离群众危险、消极腐败危险
B. 精神懈怠危险、封闭僵化危险、脱离群众危险、消极腐败危险
C. 精神懈怠危险、能力不足危险、官僚主义危险、消极腐败危险
D. 精神懈怠危险、能力不足危险、脱离群众危险、腐化堕落危险
【单选题】
党的___是党的根本性建设,决定党的建设方向和效果。
A. 思想建设
B. 政治建设
C. 组织建设
D. 制度建设
【单选题】
要尊崇党章,严格执行新形势下党内政治生活若干准则,增强党内政治生活的___。
A. 政治性、时代性、原则性、战斗性
B. 思想性、政治性、时代性、原则性
C. 政治性、思想性、时代性、原则性
D. 政治性、思想性、时代性、战斗性
【单选题】
坚决防止和反对___,坚决防止和反对宗派主义、圈子文化、码头文化,坚决反对搞两面派、做两面人。
A. 个人主义、享乐主义、自由主义、本位主义、好人主义
B. 个人主义、分散主义、山头主义、本位主义、好人主义
C. 个人主义、分散主义、自由主义、本位主义、好人主义
D. 个人主义、分散主义、自由主义、本位主义、享乐主义
【单选题】
___是中国共产党人的精神支柱和政治灵魂,也是保持党的团结统一的思想基础。
A. 共产主义远大理想和新时代中国特色社会主义共同理想
B. 共产主义远大理想和中国特色社会主义共同理想
C. 共产主义崇高理想和新时代中国特色社会主义共同理想
D. 共产主义崇高理想和中国特色社会主义共同理想
【单选题】
要坚持党管干部原则,___,把好干部标准落到实处。
A. 坚持立场坚定、素质过硬,坚持五湖四海、任人唯贤,坚持事业为上、公道正派
B. 坚持德才兼备、以德为先,坚持立场坚定、素质过硬,坚持事业为上、公道正派
C. 坚持德才兼备、以德为先,坚持五湖四海、任人唯贤,坚持立场坚定、素质过硬
D. 坚持德才兼备、以德为先,坚持五湖四海、任人唯贤,坚持事业为上、公道正派
【单选题】
要坚持无禁区、全覆盖、零容忍,坚持___,坚持受贿行贿一起查,坚决防止党内形成利益集团。
A. 重预防、强高压、长震慑
B. 重遏制、强高压、长震慑
C. 重遏制、不减压、长震慑
D. 重遏制、强高压、长威慑
【单选题】
党章就是党的根本大法,是全党必须遵循的___。
A. 总准则
B. 总规矩
C. 总纪律
D. 以上都是
【单选题】
我们党是靠革命理想和铁的纪律组织起来的马克思主义政党,组织严密、___是党的光荣传统和政治优势。
A. 纪律严明
B. 遵纪守法
C. 作风严谨
D. 民主集中
【单选题】
党的纪律是多方面的,但___是最重要、最根本、最关键的纪律。
A. 组织纪律
B. 经济纪律
C. 政治纪律
D. 工作纪律
【单选题】
维护中央权威,贯彻落实党的理论和路线方针政策,是___。
A. 政治纪律
B. 工作纪律
C. 群众纪律
D. 以上都是
【单选题】
党内___和组织生活都要讲政治、讲原则、讲规矩,不能搞假大空、不能随意化、平淡化,更不能娱乐化、庸俗化。
A. 政治生活
B. 工作生活
C. 家庭生活
D. 组织生活
【单选题】
对党绝对忠诚要害在___两个字,就是唯一的、彻底的、无条件的、不掺任何杂质的、没有任何水分的忠诚。
A. “全新”
B. “唯一”
C. “彻底”
D. “绝对”
【单选题】
严肃党内生活,最根本的是认真执行党的___,着力解决发扬民主不够,正确集中不够、开展批评不够、严肃纪律不够等问题。
A. 民主集中制
B. 少数服从多数
C. 批评与自我批评
D. 下级服从上级
【单选题】
《习近平关于严明党的纪律和规矩论述摘编》提出,要完善党内法规制定体制机制,注重党内法规同国家法律的衔接和协调,构建以___为根本、若干配套党内法规为支撑的党内法规制度体系,提高党内法规执行力。
A. 党章
B. 党内法规
C. 制度
D. 以上都不是
【单选题】
《习近平关于严明党的纪律和规矩论述摘编》提出,党纪就是红线,处分就是___。
【单选题】
《习近平关于严明党的纪律和规矩论述摘编》强调,从严治党,最根本的就是要使全党各级组织和全体党员、干部都按照___和党的各项规定办事。
A. 宪法
B. 行政监察法
C. 党内政治生活准则
D. 纪律处分条例
【单选题】
我们把严明政治纪律,组织纪律作为重要任务,严肃查处有令不行、有禁不止的行为,在查办违纪案件中重点审查违反___的问题,坚决维护党的团结统一。
A. 工作纪律、廉洁纪律
B. 群众纪律、工作纪律
C. 廉洁纪律、群众纪律
D. 政治纪律、组织纪律
【单选题】
党员领导干部要做学习党章、遵守党章的模范。各级领导干部要把学习党章作为___,走上新的领导岗位的同志要把学习党章作为(D),带头遵守党章各项规定。
A. 人生课、第一课
B. 自选课、第一课
C. 重要课、第一课
D. 必修课、第一课
【单选题】
各级领导干部要带头依法办事,带头遵守法律,始终对宪法和法律保持敬畏之心,牢固确立___不能触碰,法律底线不能逾越的观念,不要去行使依法不该由自己行使的权利,更不能以言代法、以权压法、徇私枉法。
A. 纪律高线
B. 规矩高线
C. 规矩规定
D. 法律红线
【单选题】
《习近平关于严明党的纪律和规矩论述摘编》强调,鱼和熊掌不可兼得,当官的就不要___,发财的就不要当官,这是两股道上的车。
【单选题】
党的最高理想和最终目标是实现___。
A. 共产主义
B. 中华民族伟大复兴
C. 发展先进生产力
D. “中国梦”
【单选题】
马克思列宁主义揭示了___,它的基本原理是正确的,具有强大的生命力。
A. 共产党执政规律
B. 工人阶级发展规律
C. 社会主义建设规律
D. 人类社会历史发展规律
【单选题】
在现阶段,我国社会的主要矛盾是___。
A. 阶级矛盾
B. 人民内部矛盾
C. 物质文化需要同落后的社会生产之间的矛盾
D. 人民日益增长的美好生活需要和不平衡不充分的发展之间的矛盾
【单选题】
坚持社会主义道路、坚持人民民主专政、坚持___、坚持马克思列宁主义毛泽东思想这四项基本原则,是我们的立国之本。
A. 中国共产党的领导
B. 改革开放
C. 以经济建设为中心
D. 建设社会主义强国
【单选题】
中国共产党领导人民发展社会主义民主政治。坚持___、人民当家作主、依法治国有机统一,走中国特色社会主义政治发展道路。
A. 党的领导
B. 物质生产
C. 精神文明建设
D. 发展经济
【单选题】
要以改革创新精神全面推进党的建设新的伟大工程,以党的政治建设为纲领,全面推进党的思想建设、组织建设、作风建设、___、制度建设。
A. 先进性建设
B. 反腐倡廉建设
C. 纯洁性建设
D. 纪律建设
【单选题】
党章总纲强调,要全面提高党的建设___水平。
A. 规范化
B. 科学化
C. 制度化
D. 正规化
【单选题】
坚持解放思想,实事求是,与时俱进,___。党的思想路线是一切从实际出发,理论联系实际,实事求是,在实践中检验真理和发展真理。
A. 求真务实
B. 艰苦奋斗
C. 执政为民
D. 开拓创新
【单选题】
“一切为了群众,一切依靠群众,从群众中来,到群众中去,把党的正确主张变为群众的自觉行动。”这是党章对___的表述。
A. 党的思想路线
B. 党的政治路线
C. 党的群众路线
D. 党的民主路线