【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
推荐试题
【判断题】
在预计水压大于0.1MPA的地点探水时,要预先固结套管,套管口安装闸阀。
【判断题】
煤炭企业、煤矿应当编制本单位防治水中长期规划(5年)和年度计划,并组织实施。煤矿防治水应当做到“一矿一策、一面一策”,确保安全技术措施的科学性、针对性和有效性。
【判断题】
原则上不在煤层中探放水压高于1MP A的陷落柱水。
【判断题】
水文地质类型复杂、极复杂的煤矿,还应当设立专门的防治水机构、配备防治水副总工程师。
【判断题】
小型煤矿发生60m3/h以上的突水,应当将突水情况及时上报所在地煤矿安全监察机构和地方人民政府煤炭行业主管部门。
【判断题】
当矿井水文地质条件尚未查清时,应当进行水文地质补充勘探工作。在水害隐患情况未查明或者未消除之前,可以进行采掘活动。
【判断题】
煤炭企业、煤矿应当对井下职工进行防治水知识的教育和培训,对防治水专业人员进行新技术、新方法的再教育,提高防治水工作技能和有效处置水灾的应急能力。
【判断题】
矿井应当建立水文地质信息管理系统,实现矿井水文地质文字资料收集、数据采集、台账编制、图件绘制、计算评价和水害预测预报一体化。
【单选题】
《中华人民共和国中华人民共和国公务员法》于___年施行。
A. 1993
B. 2005
C. 2006
D. 1995
【单选题】
《中华人民共和国公务员法》于___年经全国人民代表大会常务委员会通过颁布。
A. 1993
B. 2005
C. 2006
D. 1995
【单选题】
根据《中华人民共和国公务员法》第十六条规定,公务员职务分为领导职务和非领导职务。其中综合管理类领导职务层次有___个。
【单选题】
《中华人民共和国公务员法》规定,公务员非领导职务层次在___以下设置。
A. 省部级
B. 厅局级
C. 县处级
D. 乡科级
【单选题】
在行政执法过程中,公务员的各类行为必须有法律依据,依照规定的___认真履行职责,努力提高工作效率。
A. 权力
B. 程序
C. 权限
D. 权限和程序
【单选题】
公务员的职务应当对应相应的级别,目前我国公务员级别有___个。
【单选题】
根据《中华人民共和国公务员法》,___有权对具有职位特殊性,需要单独管理的,可以增设其他职位类别。
A. 全国人大
B. 国务院
C. 全国政协
D. 中共中央
【单选题】
国家根据公务员___设置公务员职务序列。
A. 级别层次
B. 职位类别
C. 领导与非领导职务
D. 职能要求
【单选题】
划分行政执法类职位,有利于为基层执法公务员提供职业发展空间。这个职业发展主要有职务晋升和___晋升两条通道。
A. 级别
B. 工资档次
C. 行政级别
D. 非领导职务
【单选题】
下列哪个部门不属于公务员主管部门。___
A. 上海市人力资源和社会保障局
B. 上海市委组织部
C. 上海市人力资源和社会保障局组织人事处
D. 上海市公务员局
【单选题】
___
A. 王斌,28周岁,研究生学历,患精神分裂症
B. 徐红梅,17周岁,身体健康,具有良好品行
C. 张华华,美籍华人,拥护中华人民共和国宪法
D. 赵小琴,22周岁,身体健康,大专毕业
【单选题】
根据《中华人民共和国公务员法》规定,新考试录用的行政执法类公务员试用期为___。试用期满合格的,予以任职;不合格的,取消录用。
A. 半年
B. 1年
C. 1.5年
D. 三个月
【单选题】
对行政执法类公务员的考核,要全面考核公务员的德.能.勤.绩.廉,重点考核___
【单选题】
对于行政执法类公务员考核可以分为平时考核和定期考核,定期考核的结果分为___
A. 优秀.良好.合格.基本合格和不及格
B. 优秀.良好.称职.基本称职和不称职
C. 优秀.合格.基本合格和不合格
D. 优秀.称职.基本称职和不称职
【单选题】
小王在某市一个行政执法部门工作,你认为下列哪项不属于他所享受的权利___
A. 小王不满上级给予的处分,提出申诉和控告
B. 非因法定事由.法定程序不被免职.降职.辞退或处分
C. 小李因个人原因向所在单位申请辞职
D. 公务员非经所在地人大许可不受公安机关逮捕
【单选题】
行政执法类公务员晋升职务,特别优秀的或者工作特殊需要的,可以按照规定___
A. 逐级晋升
B. 破格晋升职务
C. 破格或者越一级晋升职务
D. 越一级晋升职务
【单选题】
初任培训是对新录用公务员进行的培训,培训内容主要包括政治理论.依法行政.公务员法和公务员行为规范.机关工作方式方法等基本知识和技能,重点提高新录用公务员适应机关工作的能力。初任培训应当在试用期内完成,时间不少于___
A. 10天
B. 12天
C. 15天
D. 20天
【单选题】
我国《公务员培训规定(试行)》规定,下列说法正确的是___
A. 没有参加初任培训或培训考试.考核不合格的新录用公务员,不能任职定级
B. 任职培训应当在公务员任职前或任职后半年内进行
C. 专业性较强的机关不可以自行组织初任培训
D. 政府人事部门主管本辖区公务员培训工作
【单选题】
机关内设机构___以下领导职务出现空缺时,可以在本机关或者本系统内通过竞争上岗的方式,产生任职人选。
A. 乡科级正职
B. 县处级正职
C. 厅局级正职
D. 厅局级副职
【单选题】
行政执法类公务员在定期考核中被确定为不称职的,按照规定程序___
A. 暂缓晋职
B. 维持原职务层次任职,但降低一级工资档次
C. 视情况确定降级或者降职
D. 降低一个职务层次任职
【单选题】
行政执法类公务员定期考核的结果应当以___通知公务员本人。
A. 书面方式
B. 口头方式
C. 书面或口头方式
D. 公示方式
【单选题】
根据《中华人民共和国公务员法》规定,行政执法类公务员的最高奖励是___
A. 嘉奖
B. 记一等功
C. 记三等功
D. 授予荣誉称号
【单选题】
行政执法类公务员受降级.撤职的期限是___
A. 24个月
B. 12个月
C. 18个月
D. 降级18个月,撤职24个月
【单选题】
机关根据公务员工作职责的要求和提高公务员素质的需要,对公务员进行分级分类培训。机关对新录用人员在试用期内进行的培训是___
A. 专门业务培训
B. 任职培训
C. 初任培训
D. 更新知识培训
【单选题】
国家实行公务员交流制度。公务员可以在公务员队伍内部交流,也可以外部交流。下列哪个部门中从事公务的人员交流不属于公务员交流范围___
A. 国有企业
B. 事业单位
C. 群众团体
D. 私有企业
【单选题】
公务员对机关的交流决定___
A. 应当服从
B. 可提出异议
C. 可申请复议
D. 可拒绝执行
【单选题】
公务员在不同职位之间转任应当具备拟任职位所要求的资格条件,在规定的___内进行。
A. 职位范围
B. 编制限额和职数
C. 职位空缺
D. 编制限额
【单选题】
公务员工资制度贯彻按劳分配原则,体现工作职责.工作能力.工作实绩.资历等因素,保持不同职务.级别之间的合理工资差距。与其他类别公务员一样,我国行政执法类公务员实行___工资制度。
A. 职务
B. 级别
C. 职务与级别相结合
D. 指数
【单选题】
国家应根据___提高公务员的福利待遇。
A. 社会进步情况
B. 社会进步和经济发展情况
C. 市场经济发展情况
D. 经济社会发展水平
【单选题】
国家实行___,定期进行公务员和企业相当人员工资水平的调查比较,并将工资调查比较结果作为调整公务员工资水平的依据。
A. 工资调查制度
B. 工资评定制度
C. 工资调整制度
D. 工资制定制度
