【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
推荐试题
【填空题】
43.HXD1电力机车微机网络控制系统可以实现___控制、牵引/电制动控制、机车速度控制、故障诊断保护等功能。
【填空题】
44.HXD1电力机车在牵引(速度大于10 km/h)时,扳动受电弓___开关将导致主断断开并降下受电弓。
【填空题】
45.HXD1电力机车受电弓已经升起且辅助气压变低,控制系统___启动辅助压缩机以阻止受电弓降下。
【填空题】
46.HXD1电力机车独立制动施加时,电制动力由___封锁。
【填空题】
47.HXD1电力机车停车制动由___制动器实现。
【填空题】
48.HXD1电力机车停车制动由位于司机室后墙的两个___的操作实现。
【填空题】
49.HXD1电力机车升弓截止阀带机械连锁只由___安全钥匙解锁。
【填空题】
50.HXD1电力机车通过空气管路与制动系统的___环节可实现两节或多台电力机车空气管路与制动系统重联。
【填空题】
51.HXD1电力机车主风源系统由主空气压缩机组、压力控制器、安全阀、主空气干燥器、油微过滤器、总风缸安全阀、总风缸、___、限流阀、折角塞门及连接管路组成。
【填空题】
52.HXD1电力机车主风源系统中的油微过滤器用于清除经空气干燥器处理过的压缩空气中较小的___,进一步提高空气质量。
【填空题】
53.空气干燥器由___个干燥塔、进气阀、排气阀、出气止回阀、电控器、离心式油水分离器及安装架等组成。
【填空题】
54.HXD1电力机车以CCBⅡ制动机为基础,并具备空电联合制动、空气制动___控制功能。
【填空题】
55.CCBⅡ制动机的20控制部分(2CP)向制动缸的___(BCEP)提供压力。
【填空题】
56.CCBⅡ制动机的13控制部分___包括(单缓)控制内部压力。
【填空题】
57.CCBⅡ制动机的DB三通阀(DBTV)提供制动缸___控制压力。
【填空题】
58.HXD1电力机CCBⅡ车制动系统具备自动制动、单独制动、紧急制动、___空气制动等功能。
【填空题】
59.CCBⅡ制动机后备制动时,空气制动阀在位置上的___决定了不同的列车管减压量。
【填空题】
60.HXD1电力机车压缩空气流经___[•03],截断塞门[•14],通过接口A4到高压隔离 开关。
【填空题】
61.HXD1电力机车压缩空气通过空气过滤器[•03],缩堵[U•12]和___到升弓电磁阀,再到受电弓。
【填空题】
62.HXD1电力机车转向架的传动装置采用抱轴驱动,主要由牵引电机、___、传动齿轮箱等组成。
【填空题】
63.如果HXD1电力机车主断路器没有断开,受电弓没有降下,决不能打开___柜。
【填空题】
64.CCBⅡ制动机“第三步闸”移至重联位:均衡风缸以___制动速率降为0。
【填空题】
65.CCBⅡ制动机“第四步闸”:单阀阶段制动,制动缸压力阶段上升,全制动制动缸压力___kPa。
【填空题】
66.CCBⅡ制动机“第四步闸”:单阀阶段缓解,制动缸压力___,运转位制动缸压力下降为0。
【填空题】
67.DK-2制动机制动控制器钥匙开关在___,自动制动控制器、单独制动控制器被锁定。
【填空题】
68.装有DK-2制动机机车牵引客、货物列车或单机运行时,机车以___模式运行。
【填空题】
69.前部挂有机车,只连接列车管而未连接平均管,装有DK-2制动机机车以___模式运行。
【填空题】
70.DK-2制动机后备制动需紧急制动时,可按压紧急按钮或者拉车长阀,并同时将后备制动阀手把移放___位。
【单选题】
我国经济已由高速增长阶段转向___发展阶段。
A. 高产出
B. 高端
C. 高质量
D. 高效益
【单选题】
张建民局长在2019年全国烟草工作会议的报告指出,2018年全行业经济运行总体平稳、稳中向好,呈现出许多新亮点,其中不包括___。
A. 税利总额稳定增长
B. 市场状态持续好转
C. 品牌培育实现新突破
D. 卷烟销量大幅增长
【单选题】
张建民局长在2019年全国烟草工作会议的报告指出,2018年全行业主要抓了几项重点工作,其中包括___。
A. 坚决限产压库,改善卷烟供求关系
B. 调减种收规模,推动烟叶生产转型升级
C. 聚焦品牌发展,提高烟草资源配置效率
D. 以上全都是
【单选题】
2018年全行业实现税利总额___亿元,同比增加411.1亿元,增长3.69%。
A. 11556.2
B. 4000.8
C. 6566.2
D. 23566.2
【单选题】
2018年全行业全年上缴国家财政总额___亿元。
A. 15556.2
B. 10000.8
C. 6856
D. 15466
【多选题】
张建民局长在2019年全国烟草工作会议的报告中指出,全行业推进改革创新,增强行业发展动力和活力,要推动___等新技术与烟草行业深度融合,促进传统烟草优化升级。
A. 互联网
B. 大数据
C. 图文识别技术
D. 人工智能
【多选题】
张建民局长在2019年全国烟草工作会议的报告中指出,当前烟草行业整体上呈现___、市场回暖的良好态势,成绩来之不易。
A. 产销协调
B. 结构提升
C. 库存下降
D. 效益增长
【多选题】
行业当前具备的哪些保持持续健康发展的坚实基础和有利条件,包括___、中式卷烟知名品牌的带动。
A. 党中央的坚强领导
B. 专卖专营体制的保障
C. 完整产业体系的支撑
D. 相对充裕的资金和相对领先的装备的支持
【多选题】
商务物流公司张文总经理在2019年全国烟草行业物流工作会议提出,推进深入推进精益管理要___。
A. 逐步完善精益物流体系建设
B. 继续保持理论研究先动优势
C. 积极借助各级各类平台资源
D. 要努力营造精益物流改善氛围
【多选题】
商务物流公司张文总经理在2019年全国烟草行业物流工作会议提出,不断精化费用核算要进一步___,全面提升物流费用管控水平。
A. 统一物流费用核算边界
B. 细化核算内容
C. 优化核算流程
D. 降低物流成本
【判断题】
2019年全国烟草工作会议的报告指出,商业企业要高度重视做好瘦身健体、控员增效工作。
【判断题】
2019年全国烟草工作会议的报告指出,树立全国烟草一盘棋、烟草产业一条龙思想,加快建设统一开放、竞争有序的烟草市场体系。
