【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
推荐试题
【单选题】
(203) 生物圈的范围为___
A. 大气圈、水圈和岩石圈的全部
B. 大气圈和水圈的全部、岩石圈的上部
C. 大气圈的底部、水圈和岩石圈的全部
D. 大气圈的底部、水圈的全部和岩石圈的上部
【单选题】
(204) 地球上最大的生态系统是 ___
A. 森林生态系统
B. 生物圈
C. 海洋生态系统
D. 城市生态系统
【单选题】
(205) 被称为地球之“肺”的是:___
A. 草原
B. 针叶林
C. 沼泽地
D. 热带雨林
【单选题】
(207) 地球的表面积总共达到5.1亿平方千米,其中海陆各占的比例大致是 ___
A. 三分海洋七分陆
B. 七分海洋三分陆
C. 四分海洋六分陆
D. 六分海洋四分陆
【单选题】
(208) 地球的表面积约为5.1亿平方千米,表面起伏不平,凸出来的地方成为陆地和山脉,而大片大片下凹的部分经过亿万年的积累,被液态海水所淹没而变成了海洋,海洋面积占地球表面积的近___。
A. 2%
B. 51%
C. 71%
D. 91%
【单选题】
(209) 关于我国地形特点的叙述,不正确的是___
A. 地形多种多样
B. 山地面积广大
C. 地势平坦,起伏和缓
D. 西高东低 呈阶梯状
【单选题】
(210) 我国山区面积广大,其劣势是___
A. 森林资源不足
B. 耕地资源不足
C. 水能资源不足
D. 动植物资源不足
【单选题】
(212) 我国少数民族主要分布在___
A. 西北和东北
B. 东北和东南
C. 西南和西北
D. 东南和西南
【单选题】
(213) 我国水资源的空间分布特点是___
A. 南丰北缺
B. 东北地区缺水最严重
C. 冬春季节少,夏秋季节多
D. 绝大部分地区水资源丰富
【单选题】
(216) 下列叙述中,叙说天气的是___
A. 山前桃花山后雪
B. 塔里木盆地终年干燥少雨
C. 昆明四季如春
D. 忽如一夜春风来,千树万树梨花开
【单选题】
(217) 位于江西省海拔1500米左右的庐山成为避暑胜地的主要因素是___
A. 纬度因素
B. 海陆位置
C. 地形因素
D. 季风
【单选题】
(218) 大气的运动变化是由___引起的。
A. 冷热不均
B. 水汽交换
C. 地壳运动
D. 万有引力
【单选题】
(219) 下列行为不能了解某地天气变化的是___
A. 查看卫星云图
B. 听天气预报
C. 流览“中国气象在线”网站
D. 阅读空气质量日报
【单选题】
(220) 地球上的水主要分布在 ___
A. 海洋中
B. 冰川中
C. 大气中
D. 江河中
【单选题】
(221) 水循环是指水通过吸收太阳能量改变形态从而转移往返。下列环节中,属于具有产生能源使人们正在利用的是 ___
A. 蒸发
B. 降水
C. 径流
D. 水汽输送
【单选题】
(222) 由于水的时空分布问题,经常造成我国不少地区的自然灾害。下列灾害的地区分布格局,属于符合我国一般规律的是 ___
A. 北涝南旱
B. 东涝西旱
C. 南涝北涝
D. 西旱东旱
【单选题】
(223) 以下改变水循环措施中,属于对不恰当、不科学的是 ___
A. 开挖运河
B. 建造水库
C. 曲流裁直
D. 围湖造田
【单选题】
(224) 夏季天天每公顷森林,可以从地下汲取70~100吨水化为水蒸气。说明森林具有以下什么作用___
A. 调节大气成分
B. 净化空气
C. 增加空气湿度
D. 保护农田
【单选题】
(225) 我国正在建设中的“三峡水利枢纽工程”主要是为了解决___
A. 水污染问题
B. 水资源时间分配不均的问题
C. 水资源空间分布不均的问题
D. 水资源总量不足的问题
【单选题】
(227) 对细胞的概念,近年来比较普遍的提法是:有机体的___
A. 形态结构的基本单位
B. 形态与生理的基本单位
C. 结构与功能的基本单位
D. 生命活动的基本单位
【单选题】
(228) 要观察细胞的生命活动,通常需要借助 ___
A. 放大镜
B. 望远镜
C. 显微镜
D. 反光镜
【单选题】
(229) 与洋葱细胞相比,家兔细胞缺少的结构是 ___
A. 细胞膜
B. 细胞质
C. 细胞壁
D. 细胞核
【单选题】
(230) 自然界的生物可以分为三大类,这就是 ___
A. 动物、植物与微生物
B. 海洋生物、陆地生物与高山生物
C. 动物、植物与昆虫
D. 高等生物、低等生物与微生物
【单选题】
(231) 香樟是一种在长江三角洲地区常见的树种,它是属于 ___
A. 常绿针叶树种
B. 落叶针叶树种
C. 常绿阔叶树种
D. 落叶阔叶树种
【单选题】
(232) 老虎与豹是属于同一科大动物。下列动物中也属该科的是___
【单选题】
(233) 生物是人类不可缺少的“朋友”,但目前正遇到 ___
A. 人工培育威胁
B. 种类减少威胁
C. 自相残杀威胁
D. 天外来客威胁
【单选题】
(234) 被发现在南非的古沉积岩中,地球上最早出现的绿色植物是___
A. 蕨类植物
B. 地衣
C. 蓝藻
D. 苔藓
【单选题】
(235) 城市道路两旁普遍种植大叶法国梧桐,既能绿化,又能吸尘。“法国梧桐”其实是___
A. 原产法国,是从法国引进栽培的
B. 原产东南欧、印度及美洲的悬铃木
C. 属于梧桐科的一种
D. 不清楚
【单选题】
(236) 哺乳动物是胎生的脊椎动物,靠母体分泌的乳汁浦育初生幼体,多生活在陆地,有些也生活在海洋中。下列三种海洋动物哪个是哺乳动物?___
【单选题】
(237) 下列动物中,属于鱼类的是___
【单选题】
(240) 从已发现的化石看,人类的演化大致可以依次分为从南方古猿阶段到___
A. 能人阶段、直立人阶段到智人阶段
B. 直立人阶段、能人阶段到智人阶段
C. 直立人阶段、智人阶段到能人阶段
【单选题】
(243) 植物、藻类利用叶绿素产生的光合作用过程中,在可见光的照射下,能将二氧化碳和水转化为有机物,释放出的是 ___
【单选题】
(244) 呼吸作用是生物体内的有机物在细胞内经过一系列的氧化分解,在释放出能量的同时,最终生成的主要是 ___
A. 氧气
B. 二氧化碳
C. 氮气
D. 不知道
【单选题】
(245) 晚上,植物与动物都不应该放入卧室内,要将其移到卧室外,这是因为它们会降低卧室内的 ___
A. 空气温度
B. 空气湿度
C. 氧气浓度
D. 氮气浓度
【单选题】
(246) 亲代与子代之间传递遗传信息的物质就是“遗传物质”,这种物质的载体被称谓是 ___
A. 染色体
B. 基因
C. 细胞
D. 蛋白质
【单选题】
(247) 染色体和遗传基因的关系是 ___
A. 两者互不相干
B. 两者是相同的概念
C. 染色体上携带基因
D. 基因上携带染色体
【单选题】
(248) 具有典型细胞结构的生物的遗传物质是 ___
A. RNA
B. DNA
C.
D. HA D. PHA
【单选题】
(249) “基因型身份证”主要是利用现在国内外最先进的DNA指纹技术,选取若干个固定的遗传基因位点进行鉴定。2002年9月郑州市民李广利先生正式领到了我国第一张18个位点的基因型身份证。你认为李广利先生这张身份证上的18个位点的信息取自 ___
A. 细胞壁
B. 细胞膜
C. 细胞质
D. 细胞核
【单选题】
(250) “大鱼吃小鱼,小鱼吃虾米,虾米吃泥巴”这句话反映了自然界的一个基本概念,这个概念就是 ___
A. 生态平衡
B. 食物链
C. 物质循环
D. 能量转换
【单选题】
(253) “野生动物上饭桌就是死的,不食用也是浪费”,你对此 ___
A. 很有同感
B. 有些认同
C. 很不支持
D. 难定是非
