【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
推荐试题
【判断题】
压缩气体和液化气体仓库应阴凉通风,远离热源、火种,防止日光暴晒,严禁受热,库内照明应采用防爆照明灯,库房周围不得堆放任何可燃材料。
【判断题】
危险化学品仓库的建筑屋架可以根据所存危险化学品的类别和危险等级采用木结构、钢结构或装配式钢筋混凝土结构。
【判断题】
储存剧毒化学品以及重大危险源的其他危险化学品的单位,应当将储存剧毒化学品以及重大危险源的其他危险化学品的数量、地点以及管理人员的情况,报公安部门和负责危险化学品安全监督管理综合工作的部门备案。
【判断题】
压缩气体如正丁烷、乙炔等发生着火时,应迅速灭火,然后切断气源。
【判断题】
压缩气体和液化气体的特点是压力大、温度高。
【判断题】
在职业安全健康管理体系中绩效测量和监测中被动测量是一种预防机制。
【判断题】
从事危险化学品零售业务的店面内危险化学品的摆设应布局合理,禁忌物料可混合存放。
【判断题】
搞好危险化学品安全生产管理,是全面落实科学发展观的必然要求,是建设和谐社会的迫切需要,是各级政府和生产经营单位做好安全生产工作的基础。
【判断题】
安全管理原理是现代企业安全科学管理的基础、战略和纲领。
【判断题】
危险化学品仓库应有专职或义务消防、警卫队伍。如果是义务消防、警卫队伍,不必制定灭火预案和进行消防演练。但专职消防队伍必须制定灭火预案并经常进行消防演练。
【判断题】
有毒物品应储存在阴凉、通风、干燥的场所,不要露天存放,不要接近酸类物质。
【判断题】
在管理中必须把人的因素放在首位,体现以人为本的指导思想,这就是安全第一原则。
【判断题】
从事危险化学品批发业务的企业,所经营的危险化学品可以存放在业务经营场所。
【判断题】
在同一建筑物或同一区域内,用隔板或墙,将禁忌物料分开的储存方式叫隔离储存。
【判断题】
危险化学品经营许可证是从事危险化学品的采购、调拨、销售活动的合法凭证。
【判断题】
危险化学品经营销售实行许可制度只适用于中华人民共和国境内国有企业,不适用于个人或私有企业。
【判断题】
事故发生后,危险区域人员首先要做好自救互救,在医护人员到达时,要听从医护人员的指挥,采取切实可行的救助办法,以达到减少人员伤亡的目的。
【判断题】
单位或者个人违反《中华人民共和国突发事件应对法》,不服从所在地人民政府及其有关部门发布的决定、命令或者不配合其依法采取的措施,构成违反治安管理行为的,由公安机关依法给予处罚。
【判断题】
生产经营单位风险种类多、可能发生多种事故类型的,可以不用编制本单位的综合应急预案。
【判断题】
《中华人民共和国突发事件应对法》所称突发事件,是指突然发生,造成社会危害,需要采取应急措施的事件。
【判断题】
属于易制毒化学品中的危险化学品可以使用现金或者实物进行交易。
【判断题】
危险化学品生产企业必须向用户提供化学事故应急咨询服务,为化学事故应急救援提供技术指导和必要的协助。
【判断题】
从事危险化学品经营的单位应有符合国家规定的危险化学品事故应急预案,并配备必要的应急救援器材、设备。
【判断题】
直流电流与交流电流相比,容易摆脱,其室颤电流也比较小,因而,直流电击事故很少。
【判断题】
感知电流一般不会对人体构成伤害,但有可能导致二次事故。
【判断题】
锅炉包括两大部分:盛装水、汽的“锅”和进行燃烧加热的“炉”。
【判断题】
《压力容器安全技术监察规程》规定,压力容器运行操作人员,应加强对液面计的维护管理,保持完好和清晰。
【判断题】
劳动者因某种原因未接受离岗时职业健康检查,用人单位可以解除或者终止与其订立的劳动合同。
【判断题】
建设项目职业病防护设施建设期间,建设单位应当对其进行经常性的检查,对发现的问题及时进行整改。
【判断题】
《使用有毒物品作业场所劳动保护条例》规定,使用单位应将危险化学品的有关安全卫生资料向职工公开,教育职工识别安全标签、了解安全技术说明书、掌握必要的应急处理方法和自救措施,经常对职工进行工作场所安全使用化学品的教育和培训。
【判断题】
存在高毒作业的危险化学品建设项目的防护设施、设计,未经卫生行政部门审查同意,可进行施工操作。
【判断题】
《常用危险化学品分类标志》规定,氧化剂包括含有过氧基的无机物,其本身不一定可燃,但能导致可燃物的燃烧。
【判断题】
加油站邻近单位发生火灾时,可继续营业但应向上级报告。
【判断题】
不是任一个点火源都能引燃每一种可燃物。
【判断题】
有些自燃物品遇火或受潮后能分解引起自燃或爆炸。
【判断题】
爆炸品与其他非爆炸品严禁混储混运,点火器材、起爆器材与炸药、爆炸性药品以及发射药、烟火等其他爆炸品可以共同储存和运输。
【判断题】
氧化性物质的危险性是通过与其他物质作用或自身发生化学变化的结果表现出来的。
【判断题】
氧化剂的特点是其本身不一定可燃,但能导致可燃物的燃烧。
