【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
推荐试题
【判断题】
对违法行为给予行政处罚的规定必须公布;未经公布的,不得作为行政处罚的依据。
【判断题】
当事人逾期不履行行政处罚决定的,作出处罚决定的行政机关可以直接强制当事人履行或者申请人民法院强制执行。
【判断题】
当事人逾期不履行行政处罚决定的,作出处罚决定的行政机关可以采取每日按罚款数额的百分之三加处罚款。
【判断题】
根据罚缴分离的规定,当事人最迟应当自收到行政处罚决定书之日起10日内,到指定的银行缴纳罚款。
【判断题】
行政机关及其执法人员在作出行政处罚决定时,未履行告知程序或者拒绝听取当事人陈述、申辩的,行政处罚决定不能成立。
【判断题】
根据《行政处罚法》的规定,配合行政机关查处违法行为有立功表现的,应当依法从轻或者减轻行政处罚。
【判断题】
在边远、水上、交通不便地区,行政机关及其执法人员依法作出罚款决定后,当事人向指定的银行缴纳罚款确有困难,经当事人提出,行政机关及其执法人员可以当场收缴罚款。
【判断题】
行政处罚决定书应当在宣告后当场交付当事人;当事人不在场的,行政机关应当在10日内依照民事诉讼法的有关规定,将行政处罚决定书送达当事人。
【判断题】
行政处罚决定书必须盖有作出行政处罚决定的行政机关的印章。
【判断题】
行政执法人员与当事人有直接利害关系的,应当回避。
【判断题】
行政机关在作出行政处罚决定之前,应当告知当事人作出行政处罚决定的事实、理由及依据,并告知当事人依法享有的权利。
【判断题】
公民、法人或者其他组织对行政机关所给予的行政处罚,享有陈述权、申辩权。
【判断题】
实施行政处罚必须以事实为依据,与违法行为的事实、性质、情节以及社会危害程度相当。
【判断题】
当事人对行政处罚决定不服申请行政复议或者提起行政诉讼的,行政处罚不停止执行,法律另有规定的除外。
【判断题】
当事人对当场作出的行政处罚决定不服的,可以依法申请行政复议或者提起行政诉讼。
【判断题】
当场行政处罚决定书应当载明当事人的违法行为、行政处罚依据、罚款数额、时间、地点以及行政机关名称,并由执法人员签名或者盖章。
【判断题】
违法行为在一年内未被发现的,不再给予行政处罚。
【判断题】
违法行为轻微并及时纠正,没有造成危害后果的,也应给予行政处罚。
【判断题】
精神病人在不能辨认或者不能控制自己行为时有违法行为的,不予行政处罚,但应当责令其监护人严加看管和治疗。
【判断题】
受委托组织在委托范围内,以委托行政机关名义实施行政处罚;不得再委托其他任何组织或者个人实施行政处罚。
【判断题】
行政机关作出责令停产停业的处罚决定前,应当告知当事人有要求举行听证的权利。
【判断题】
执法人员当场作出的行政处罚决定,必须报所属行政机关备案。
【判断题】
除法律、行政法规另有规定外,行政处罚法明确规定行政处罚由违法行为发生地的县级以上地方人民政府具有行政处罚权的行政机关管辖。
【判断题】
行政机关违反法定的行政处罚程序的,由上级行政机关或者有关部门责令改正,可以对直接负责的主管人员和其他直接责任人员依法给予行政处分。
【判断题】
行政机关在调查或者进行检查时,执法人员不得少于两人。
【判断题】
行政机关收集证据时,在证据可能灭失或者以后难以取得的情况下,经行政机关负责人批准,可以先行登记保存,并应当在7日内作出处理决定。
【判断题】
没有法定依据或者不遵守法定程序的,行政处罚无效。
【判断题】
监察局给某公务员行政记过处分属于行政处罚。
【判断题】
根据《行政处罚法》的规定,主动消除或者减轻违法行为危害后果的,应当依法从轻或者减轻行政处罚。
【判断题】
行政机关及其执法人员当场收缴罚款的,必须向当事人出具省、自治区、直辖市财政部门统一制发的罚款收据,不出具财政部门统一制发的罚款收据的,当事人有权拒绝缴纳罚款。
【判断题】
在行政处罚听证会上,应当当场做出处罚决定。
【判断题】
不满十四周岁的人有行政违法行为的,不予行政处罚,责令监护人加以管教。
【判断题】
听取当事人的陈述、申辩,是处理每个行政处罚案件的必经程序。
【判断题】
当事人对当场做出的行政处罚决定不服,不能申请行政复议或者提起行政诉讼。
【判断题】
当事人不履行行政处罚决定的,行政机关都可以自己强制执行。
【判断题】
没有法定依据或不遵守法定程序的行政处罚无效。
【判断题】
根据《行政处罚法》的规定,对于尚未制定法律、法规的,省级人民政府制定的规章对违反行政管理秩序的行为,可以设定警告或者一定数量罚款的行政处罚。
【判断题】
当事人确有经济困难,需要延期或者分期缴纳罚款的,经当事人申请和行政机关批准,可以暂缓或者分期缴纳。
【判断题】
执法人员当场做出的行政处罚决定,必须报所属行政机关备案。
