【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
推荐试题
【多选题】
基坑(槽)的排水方法可分为___。
A. 集水井法
B. 排水沟法
C. 集水井抽水法
D. 明排水法
E. 人工降低地下水位法
【多选题】
人工降低地下水位的方法有:___
A. 轻型井点
B. 喷射井点
C. 管井井点
D. 深井泵
E. 电渗井点
【多选题】
模板工程的实施必须经过___。
A. 支撑杆的设计计算
B. 绘制模板施工图
C. 制订相应的施工安全技术措施
D. 编制操作规程
E. 现场勘察
【多选题】
扣件式钢管脚手架的钢管规格、间距、扣件应符合设计要求,每根立杆底部应设置___。
A. 底座
B. 垫板
C. 砖块
D. 石板
E. 水泥块
【多选题】
多层悬挑结构模板的立柱应符合下列那些要求?___
A. 连续支撑
B. 不小于二层
C. 不少于三层
D. 不小于四层
E. 不小于五层
【多选题】
模板的安装应符合___的相应规定。
A. 建筑机械使用安全技术规程
B. 组合钢模板技术规范
C. 大模板多层住宅结构设计与施工规程
D. 液压滑动模板施工技术规范
E. 施工现场临时用电安全技术规范
【多选题】
模板支撑用钢管不得使用的疵病有:___。
A. 表面有划道
B. 严重锈蚀
C. 严重弯曲
D. 压扁
E. 裂纹
【多选题】
建筑工程模板承受的活荷载标准值的种类有:___。
A. 施工人员及设备荷载
B. 振捣混凝土时产生的荷载
C. 风荷载
D. 倾倒混凝土时对垂直面板产生的水平荷载
E. 模板及其支架自重
【多选题】
吊运散装模板时,应符合下列要求___。
A. 放置于运料平台上
B. 码放整齐
C. 吊运
D. 待捆绑牢固后方可起吊
E. 有防碰撞措施
【多选题】
安装独立梁模板时应设安全操作平台,严禁操作人员有下列哪些行为?___
A. 站在独立梁底模操作
B. 站在支柱架上操作
C. 站在柱模支架上操作
D. 站在扶梯上操作
E. 在底模、柱模支架上通行
【多选题】
各类模板拆除的顺序和方法,应根据模板设计的规定进行。如果模板设计无规定时,应符合下列那些规定?___
A. 先支的后拆,后支的先拆
B. 先支的先拆,后支的后拆
C. 先拆非承重的模板,后拆承重的模板及支架
D. 先拆承重的模板
E. 后拆非承重的模板及支架
【多选题】
下列关于模板拆除的规定哪些是正确的?___
A. 拆除的模板必须随拆随清理
B. 拆模区应设警戒线
C. 拆摸时下方不能有人
D. 拆除的模板向下运送传递,要上下呼应
E. 为提高工作效率,可采取大片塌落的方法拆除
【多选题】
钢丝绳按捻制方向可分为___
A. 同向捻
B. 交互捻
C. 混合捻
D. 反向捻
E. 一致捻
【多选题】
钢丝绳的破坏原因主要有___
A. 截面积减少
B. 质量发生变化
C. 变形
D. 突然损坏
E. 连接过长
【多选题】
在起重安装工程中,广泛使用滑轮与滑轮组配合___等进行设备的运输与吊装工作。
A. 卷扬机
B. 地锚
C. 吊具
D. 索具
E. 桅杆
【多选题】
卡环可分为___。
A. 销子式
B. 骑马式
C. U型
D. 螺旋式
E. C型
【多选题】
起重吊装作业中使用的吊钩、吊环,其表面要光滑,不能有___等缺陷。
A. 剥裂
B. 刻痕
C. 锐角
D. 接缝
E. 裂纹
【多选题】
电动卷扬机的固定方法有___
A. 拖拉绳固定法
B. 固定基础法
C. 平衡重法
D. 地锚法
E. 自重固定法
【多选题】
常用的几种特制吊具主要有___
A. 三角架吊具
B. 可调杠杆式吊具
C. 起吊平放物体吊具
D. 四杆式吊具
E. 四杆机构吊具
【多选题】
几台千斤顶同时作业时,应注意的事项有___。
A. 同步移动
B. 动作一致
C. 保证同步顶升
D. 保证同步降落
E. 局部同步
【多选题】
手拉葫芦的适用范围包括:___
A. 起吊轻型构件
B. 拉紧扒杆的缆风绳
C. 起吊重型设备
D. 小型设备或重物的短距离吊装
E. 构件或设备运输时拉紧捆绑的绳索
【多选题】
下列关于履带式起重机安全使用的叙述,哪些是正确的?___
A. 行走道路坚实平整
B. 禁止斜拉
C. 禁止斜吊
D. 严禁起吊埋设在地下的重物
E. 严禁起吊凝结在地面上的重物
【多选题】
用大型吊车双机抬吊时,除选同型号规格的两台主吊车外,还应注意___。
A. 吊臂伸出长度相等
B. 吊臂的工作半径相等
C. 所用提升滑轮组相同
D. 跑绳长度相等
E. 所用吊索长度相等
【多选题】
桅杆滑移法吊装过程中,为了确保安全,应监测以下哪些变化?___
A. 桅杆垂直度
B. 缆风绳和地锚
C. 工件本体及吊点处
D. 吊索具
E. 主卷扬
【多选题】
滑轮按使用方法可分为___。
A. 导向滑轮
B. 平衡滑轮
C. 定滑轮
D. 动滑轮
E. 滑轮组
【多选题】
在桅杆滑移法吊装试吊过程中,发现有那些现象时,应立即停止吊装或者使工件复位,判明原因妥善处理,经有关人员确认安全后,方可进行试吊?___
A. 地锚冒顶、位移
B. 钢丝绳抖动
C. 设备或机具有异常声响、变形、裂纹
D. 桅杆地基下沉
E. 其他异常情况
【多选题】
地锚一般用___等做埋件埋入地下做成。
A. 钢丝绳
B. 钢管
C. 钢筋混凝土预制件
D. 圆木
E. 螺纹钢
【多选题】
下列关于汽车吊使用中的注意事项的叙述,哪些是正确的?___
A. 不能超载使用
B. 按照额定的起重量工作
C. 支腿支完应将车身调平并锁住
D. 支腿处必须坚实,必要时应铺垫道木
E. 六级风以上停止工作
【多选题】
采用移动式龙门桅杆吊装,当龙门架采用卷扬机牵引行走时,应遵守下列哪些规定?___
A. 卷扬机型号相同
B. 卷扬机型号可以不同
C. 同一侧的牵引索具选用一根钢丝绳做串绕绳
D. 不同一侧的牵引索具选用一根钢丝绳做串绕绳
E. 龙门架行走时速度不能大于0.05m/s
【多选题】
建筑拆除工程一般可分为___。
A. 人工拆除
B. 机械拆除
C. 爆破拆除
D. 民用建筑拆除
E. 工用建筑拆除
【多选题】
人工拆除建筑的___等构件,应与建筑结构整体拆除进度相配合,不得先行拆除。
A. 栏杆
B. 门窗
C. 楼梯
D. 屋面板
E. 楼板
【多选题】
下列关于爆破拆除的规定,哪些是正确的?___
A. 从事爆破拆除工程的施工单位,必须持有所在地有关部门核发的《爆炸物品使用许可证》
B. 爆破拆除设计人员应具有承担爆破拆除作业范围和相应级别的爆破工程技术人员作业证
C. 运输爆破器材时,必须向所在地有关部门申请领取《爆破物品运输证》
D. 爆破拆除的预拆除施工应确保建筑安全和稳定
E. 爆破拆除工程的设计和施工,必须按照GB6722—2004《爆破安全规程》有关爆破实施操作的规定执行
【多选题】
遇有下列哪些恶劣的气候条件影响施工安全时,严禁拆除作业?___
A. 大雪
B. 大雨
C. 浓雾
D. 四级(含)以上大风
E. 六级(含)以上大风
【多选题】
下列关于拆除工程安全防护措施的叙述哪些是正确的?___
A. 拆除施工采用的脚手架、安全网,必须由专业人员搭设
B. 拆除施工严禁高处作业
C. 拆除工程开工前,应根据工程特点、构造情况、工程量及有关资料编制安全施工组织设计或方案
D. 进入施工现场的人员,必须配戴安全带
E. 特种作业人员必须持有效证件上岗作业
【多选题】
下列关于拆除工程临时用电规定的叙述哪些是正确的?___
A. 夜间施工必须有足够照明
B. 电动机械和电动工具必须装设漏电保护器
C. 电动机械和电动工具保护零线的电气连接应符合要求
D. 产生振动的设备,其保护零线的连接点不应少于1处
E. 产生振动的设备,其保护零线的连接点不应少于2处
【多选题】
下列关于拆除工程文明施工的叙述哪些是正确的?___
A. 施工现场清运渣土的车辆应封闭或采用苫布覆盖
B. 施工现场区域内地下的各类管线,施工单位应在地面上设置明显标志
C. 应保证充足的消防水源,现场消火拴控制范围不宜小于100 m
D. 当遇有易燃、可燃物及保温材料时,严禁明火作业
E. 施工现场应设置不小于3.5m宽的消防车道并保持畅通
【多选题】
铲运机作业前应检查___以及各部滑轮等。
A. 钢丝绳
B. 轮胎气压
C. 铲土斗
D. 驾驶室
E. 卸土板回位弹簧
【多选题】
铲运机下坡时___。
A. 应低速行驶
B. 不得空档滑行
C. 不得转弯
D. 不得制动
E. 不得在档位上滑行
【多选题】
打桩机工作时,严禁___等动作同时进行。
A. 吊桩
B. 回转
C. 吊锤
D. 行走
E. 吊送桩器
【多选题】
混凝土搅拌机作业中不得___。
A. 加料
B. 检修
C. 调整
D. 加油
E. 加水
