【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
推荐试题
【单选题】
对党在社会主义初级阶段的基本路线作出明确概括的是___
A. 党的十二大
B. 党的十三大
C. 党的十四大
D. 党的十五大
【单选题】
中国共产党对社会主义初级阶段基本路线的简明概括是___
A. 四项基本原则
B. 改革开放
C. 一个中心,两个基本点
D. 四个现代化
【单选题】
"一个中心,两个基本点"之中,改革开放是___
A. 强国之路
B. 兴国之要
C. 力量之源
D. 执政之基
【单选题】
把建立社会主义市场经济体制确立为经济体制改革的目标是在党的___
A. 十二大
B. 十三大
C. 十四大
D. 十五大
【单选题】
邓小平第一次提出"建设有中国特色的社会主义"的命题是在___
A. 党的十二大
B. 党的十三大
C. 党的十四大
D. 党的十五大
【单选题】
实现社会主义现代化奋斗目标的基本途径是___
A. 解放生产力,发展生产力
B. 坚持"一个中心,两个基本点"
C. 进行全方位的改革和对外开放
D. 建立社会主义市场经济体制
【单选题】
党在社会主义初级阶段的奋斗目标是___
A. 建设高度发达、民主的社会主义国家
B. 建设和谐民主的社会主义国家
C. 建设富强民主文明和谐美丽的社会主义现代化强国
D. 建设中国特色社会主义
【单选题】
坚持四项基本原则和改革开放两个基本点的统一,必须旗帜鲜明地反对___
A. 教条主义的错误
B. 狭隘经验论的错误
C. 机会主义的错误
D. 资产阶级自由化的错误
【单选题】
党的十五大第一次提出了党在社会主义初级阶段的___
A. 基本纲领
B. 基本路线
C. 基本方针
D. 基本政策
【单选题】
党在社会主义初级阶段的基本纲领规定,建设有中国特色社会主义经济的基本目标是___
A. 实现国民经济又好又快发展,保证人民共享改革和发展成果
B. 实行对外开放,积极参与国际合作和竞争
C. 保证国民经济持续快速健康发展,人民共享经济繁荣成果
D. 在社会主义条件下发展市场经济,不断解放和发展生产力
【单选题】
把社会主义初级阶段发展战略的第三步进一步具体化,提出了三个阶段性目标的是党的___
A. 十四大
B. 十五大
C. 十六大
D. 十七大
【单选题】
党的十七大报告指出,促进国民经济又好又快发展,必须加快转变___
A. 经济增长方式
B. 经济发展方式
C. 生产发展方式
D. 生产运作方式
【单选题】
毛泽东思想和中国特色社会主义理论体系作为马克思主义中国化的两大理论成果,它们有着共同的"根",这个"根"就是___
A. 马克思列宁主义
B. 求真务实
C. 与时俱进
D. 科学发展观
【单选题】
毛泽东思想达到成熟的主要标志是创立了___
A. 革命军队建设的理论
B. 新民主主义革命理论
C. 统一战线理论
D. 思想政治工作和文化工作理论
【单选题】
中国特色社会主义理论体系产生的时代背景是___
A. 和平与发展
B. 冷战与对抗
C. 战争与革命
D. 暴力与抗争
【单选题】
第一次比较系统地初步回答了在中国这样的经济文化比较落后的国家如何建设社会主义、如何巩固和发展社会主义的理论是___
A. 毛泽东思想
B. 邓小平理论
C. "三个代表"重要思想
D. 科学发展观
【单选题】
社会主义的根本任务是___
A. 解放和发展生产力
B. 消灭剥削
C. 消除两极分化
D. 最终达到共同富裕
【单选题】
党在改革开放以来的不同时期,分别突出强调了解放思想、与时俱进、求真务实等,其目的和归宿都是___
A. 群众路线
B. 以人为本
C. 实事求是
D. 独立自主
【单选题】
当代中国最大的国情是___
A. 我国环境污染严重
B. 我国市场经济体制不健全
C. 我国正处于并将长期处于社会主义初级阶段
D. 我国腐败问题严重
【单选题】
重新确立了实事求是的思想路线,开启了改革开放历史新时期的会议是___
A. 十一届三中全会
B. 十二大
C. 十三大
D. 十四大
【单选题】
毛泽东的著作中不包括下列哪一项___
A. 《关于正确处理人民内部矛盾的问题》
B. 《论十大关系》
C. 《少年中国说》
D. 《反对本本主义》
【单选题】
既是当代中国最鲜明的特色,同时又是决定当代中国命运的关键抉择是___
A. 市场经济
B. 改革开放
C. 依法治国
D. 共同富裕
【单选题】
在社会主义建设时期,( )提出了使社会主义经济既有计划性又有多样性和灵活性的主张___
A. 毛泽东
B. 周恩来
C. 刘少奇
D. 任弼时
【单选题】
毛泽东思想形成的实践基础是___
A. 中国共产党领导的革命和建设的实践
B. 对国际形势和时代特征的科学把握
C. 社会主义正反两方面经验的科学总结
D. 社会主义现代化建设的生动实践
【单选题】
对毛泽东和毛泽东思想的历史地位作出了科学的、符合客观实际评价的是党的十一届六中全会通过的___
A. 《解放思想、实事求是,团结一致向前看》
B. 《中国共产党章程》
C. 《关于建国以来党的若干历史问题的决议》
D. 《实践是检验真理的唯一标准》
【单选题】
正式使用"邓小平理论"概念,并将其作为党的指导思想写入党章的会议是___
A. 十五大
B. 十六大
C. 十七大
D. 十八大
【单选题】
新民主主义革命的领导阶级是___
A. 民族资产阶级
B. 无产阶级
C. 小资产阶级
D. 农民阶级
【单选题】
新民主主义革命总路线内容的完整表述,是在___
A. 抗日战争时期
B. 解放战争时期
C. 社会主义改造时期
D. 社会主义革命时期
【单选题】
新民主主义革命的主力军是___
A. 工人阶级
B. 农民阶级
C. 小资产阶级
D. 民族资产阶级
【单选题】
新民主主义革命的最基本的动力是___
A. 无产阶级
B. 农民阶级
C. 城市小资产阶级
D. 民族资产阶级
【单选题】
毛泽东第一次提出"新民主主义革命"的科学概念是在___
A. 《中国革命和中国共产党》一文中
B. 《在晋绥干部会议上的讲话》中
C. 中共六届六中全会上
D. 《反对本本主义》一文中
【单选题】
新民主主义革命的主要内容是___
A. 没收封建地主阶级的土地归新民主主义国家所有
B. 没收官僚垄断资本归新民主主义国家所有
C. 没收封建地主阶级的土地归农民所有
D. 保护民族工商业
【单选题】
近代中国社会最主要的矛盾是___
A. 农民与地主之间的矛盾
B. 帝国主义与中华民族之间的矛盾
C. 封建主义与人民大众之间的矛盾
D. 民族资本主义与帝国主义之间的矛盾
【单选题】
中国革命的主要斗争形式是___
A. 武装斗争
B. 议会斗争
C. 合法斗争
D. 地下斗争
【单选题】
中国新民主主义革命的动力不包括___
A. 城市小资产阶级
B. 大资产阶级
C. 民族资产阶级
D. 农民阶级
【单选题】
毛泽东论述新民主主义革命三大法宝的著作是___
A. 《中国革命和中国共产党》
B. 《共产党人发刊词》
C. 《新民主主义论》
D. 《论持久战》
【单选题】
在对资本主义工商业实行社会主义改造的过程中,在利润分配上采取的政策是___
A. 统筹兼顾
B. 劳资两利
C. 公私兼顾
D. 四马分肥
【单选题】
在我国剥削制度被消灭的标志是___
A. 中华人民共和国的建立
B. 全国大陆的统一
C. 三大改造的基本完成
D. 土地改革的完成
【单选题】
党在过渡时期总路线的主要内容被概括为"一化三改".其中"一化"是指逐步实现国家的社会主义___
A. 工业化
B. 现代化
C. 城市化
D. 信息化
【单选题】
社会主义改造的基本完成,标志着社会主义基本制度在中国的确立.这一基本制度的确立,为当代中国的一切发展进步奠定了___
A. 物质基础
B. 思想基础
C. 文化基础
D. 制度基础
