【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
推荐试题
【单选题】
极端个人主义就是___
A. 个人主义
B. 极端利己和狭隘功利思想
C. 个人利益优先性
D. 利己不损人
【单选题】
在社会主义初级阶段,我们所提倡的高尚的人生目的是___
A. “一切向钱看”的人生目的
B. 为个人求权力、求享乐的人生目的
C. “平生无大志,但求足温饱”的人生目的
D. 以天下为己任、服务人民、奉献社会的人生目的
【单选题】
合理调控情绪,应该___
A. 喝酒宣泄
B. 剧烈运动宣泄
C. 做危险活动、寻求刺激宣泄
D. 在合适场合找合适的人诉说
【单选题】
下列说法错误的是___
A. 大学生抽象的思维迅速发展但易带主观片面性
B. 大学生自我意识增强但还不成熟
C. 大学生缺乏依赖感、归属感
D. 情绪情感日益丰富但波动性较大
【单选题】
人生价值的根本内容是以___的关系为实际内容的人与人之间的价值关系
A. 自我与他人
B. 索取与享受
C. 劳动与创造
D. 贡献与索取
【单选题】
所谓享乐主义,主要表现为___
A. 有钱就花
B. 只管享乐,不管其他
C. 拒绝艰苦奋斗
D. 今朝有酒今朝醉
【单选题】
我们所提倡树立的正确的人生观目的是___
A. 大公无私,全心全意为人民服务的人生目的
B. 先公后私的人生目的
C. 主观为自己,客观为自己的人生目的
D. 自私自利的人生目的
【单选题】
人生观有三方面的内容,其中处于核心地位的是___
A. 人生目的
B. 人生态度
C. 人生价值
D. 价值尺度
【单选题】
人生价值的本质是___
A. 社会对个人的尊重和满足
B. 个人对社会的责任和贡献
C. 个人的自我完善
D. 个人实践对自身发展的积极意义
【单选题】
历史唯物主义认为,人生观是___
A. 主观自生的
B. 永恒不变的
C. 社会存在的反映
D. 永远有阶级性
【单选题】
合理利己主义___
A. 是一种正确的人生观
B. 在市场经济条件下应该提倡的一种人生观
C. “人不为己,天诛地灭”就是这种人生观的真实写照
D. 它的核心是利己,把利他作为利己的手段
【单选题】
为人民大众求解放谋幸福的人生目的___
A. 是只有在社会主义制度下才有的人生目的
B. 是只有在社会主义制度下才具有代表性的人生目的
C. 是任何社会制度下都具有代表性的人生目的
D. 是在社会主义制度下每个人都具有的人生目的
【单选题】
人的自我价值是指___
A. 个人实践对自身发展的积极意义
B. 个人实践对社会和他人的积极意义
C. 个人通过劳动创造为社会和个人做积极贡献
D. 将自我价值与社会价值相结合
【单选题】
我们反对拜金主义人生观的根本原因在于它___
A. 追逐利益
B. 是引发社会丑恶现象的思想根源
C. 容易导致思想犯罪
D. 容易引发通货膨胀
【单选题】
在我们社会中,处理自我与他人的关系应当遵循的原则是___
A. 人不为己,天诛地灭
B. 我为人人,人人为我
C. 主观为自己,客观为他人
D. 人人为自己,上帝为大家
【单选题】
下列有关人与金钱的说法中错误的是___
A. 金钱拜物教使人唯利是图,损人利己,应该反对
B. 人要做金钱的主人,不能做金钱的奴隶
C. 在商品经济时代,追求金钱是人生的最高的目的
D. 人需要金钱,但金钱只是人发展自我,造福社会的条件之一
【单选题】
在社会主义条件下,当你在为人民服务时,人民中的其他成员也在为社会包括为你服务,这反映出要建立和谐的社会关系,应为___
A. 平等互助关系
B. 张扬个性自由发展关系
C. 主观为自己,客观为他人关系
D. 竞争关系
【单选题】
拜金主义人、享乐主义、极端个人主义三种人生观是错误的,原因在于___
A. 只有剥削阶级才有的人生观
B. 它们过分张扬个性解放
C. 它们不能满足个人价值需要
D. 它们对个人健康成长和良好社会秩序都是不利的
【单选题】
正确的竞争与合作关系,应该是___
A. 一团和气,没有矛盾
B. 适者生存
C. 合作是环境,竞争是动力,辩证统一
D. 有竞争没合作,有合作没竞争
【单选题】
诚信原则,就是___
A. 为朋友两肋插刀
B. 抱着心诚意善的动机和态度与人交往
C. 永远不说谎言,相信别人
D. 心如止水,意如明镜,天真无邪
【单选题】
评价一个人人生价值的大小,主要看他___
A. 对社会的责任和贡献
B. 从社会上获得的尊重和满足
C. 是否选择了正确的人生价值目标
D. 从事创造性实践活动的思想动机
【单选题】
在我国现阶段,个人选择和确立人生目的,从一般原则上看,应当___
A. 放弃个人的利益和追求
B. 有利于个人私利的实现
C. 以利己为主又兼利他人
D. 符合人民群众的根本利益
【单选题】
从整个社会的发展来看,价值评价的客观标准只能是___
A. 个人利益
B. 阶级利益
C. 国家利益
D. 人类生存和发展的利益
【单选题】
宽容原则,就是___
A. 与己方便、与人方便
B. 容忍退让
C. 相互包容,各取所需
D. 大度容人,不计较非原则性的是非问题
【单选题】
在处理个人与社会的关系时,愿意多作贡献,少取报酬,在考虑个人利益时,能够先集体后个人,先他人后自己。做到这一点的人,一般具有___
A. 先公后私的人生目的
B. 图谋发大财、做大事的人生目的
C. 顺应时势、崛地而起的人生目的
D. 主观为自己,客观为他人的人生目的
【单选题】
___
A. 社会价值优先性
B. 个人价值优先性
C. 社会价值以个人价值为前提
D. 个人价值是社会价值的基础
【单选题】
个人与社会关系,应该是___
A. 索取和被索取的关系
B. 生存竞争的关系
C. 利用与被利用的关系
D. 个人利益与社会利益辩证统一的关系
【单选题】
人与自然的关系,应该是___
A. 索取和被索取的关系
B. 征服与被征服的关系
C. 利用与被利用的关系
D. 和谐统一的关系
【单选题】
世界观是___
A. 人们对整个世界最根本看法和观点的总和
B. 人们认识主观世界,改造客观世界的根本方法
C. 对人生目的,人生价值的根本看法
D. 科学的人生态度
【单选题】
一种社会形态中有多种人生观同时存在,这是由于人生观是___
A. 反映了时代的特征
B. 社会存在的反映
C. 在其发展中有它自身的历史继承性
D. 人生态度决定的
【单选题】
马克思说过,真正现实人的存在,就是他为别人的存在和别人为他的存在。这说明 ___
A. 人的价值就是人自身的存在
B. 人可以有受限制地创造出自己的价值
C. 人生价值的本质是社会对个人的尊重和满足
D. 人与自身的任何关系,只有通过人同其他人的关系才能得到实现和表现
【单选题】
人民群众是推动历史前进的真正动力,是历史的主人。这种群众史观反映到人生观上必然是___
A. 为人民服务
B. 为个人谋福利
C. 人生短暂,及时行乐
D. 主观为自己,客观为他人
【单选题】
增强节约意识,就是指___
A. 过穷日子
B. 买低档服装
C. 不浪费,不过度消费
D. 把钱储存起来
【单选题】
下面反映节约意识的行为是___
A. 吃饭时采取“光盘”行动
B. 步行回家,拒绝坐公交车
C. 拒绝买高档消费品
D. 把钱储存起来
【单选题】
下面反映环保意识的行为是___
A. 吃廉价饭菜
B. 步行回家,不坐车
C. 拒绝买低档消费品
D. 不到饭店吃饭
【单选题】
下面反映生态意识的行为是___
A. 拒绝向河里倒垃圾
B. 步行回家,不坐车
C. 拒绝买低档消费品
D. 拒绝收养流浪狗
【单选题】
下面追求个人利益的正确方式是___
A. 要饭,通过出卖灵魂挣钱
B. 通过卖肾赚钱
C. 合法劳动赚钱
D. 通过赌博赚钱
【单选题】
遇到心理问题,采取的正当方式是___
A. 上网聊天,麻醉自己
B. 饮酒作乐,消遣逃避
C. 聚众闹事,宣泄情绪
D. 找心理医生,疏导心结
【单选题】
人生应乐观,是指___
A. 看破红尘,逍遥快活
B. 面对困难,乐观向上
C. 今朝有酒今朝醉
D. 只看到胜利,看不到失败
【单选题】
人生须认真,是指___
A. 活命是第一位的
B. 人死之前,钱要花完
C. 对生命负责、对人生负责
D. 珍惜时光,享受青春
