【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
【单选题】
When connecting to an external resource,you must change a source IP address to use one IP address from a range of 207.165.201.1 to 207.165.1.30. Which option do you implement ?___
A. dynamic source NAT that uses an IP ad dress as a mapped source
B. static destination NAT that uses a subnet as a real de stination
C. dynamic source NAT that uses a range as a mapped source
D. static destination NAT that uses a subnet as a real source
【单选题】
Refer to the exhibit. 【nat(ins,any)dynamic interface】Which ty pe of NaT is configured on a Cisco ASA?___
A. dynamic NAT
B. source identity NAT
C. dynamic PAT
D. identity twice NAT
【单选题】
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?___
A. CTA
B. DCA
C. AMP
D. DLP
【单选题】
Refer to the exhibit. What is the effect of the given configuration?___
A. It establishes the preshared key for the switch
B. It establishes the preshared key for the firewall.
C. It establishes the preshared key for the Cisco ISE appliance
D. It establishes the preshared key for the router.
推荐试题
【单选题】
停经11周,阴道有少量流血及下腹轻微腹痛2天,今晨腹痛加剧,阴道出血增多,宫口已开,尿妊娠试验阳性,子宫略小于妊娠月份,属于___
A. 先兆流产
B. 难免流产
C. 完全流产
D. 过期流产
E. 稽留流产
【单选题】
患者30岁,初产妇,妊娠3Z周,血压160/120mmHg.尿蛋白(+++),水肿(++)。自觉头晕、眼花。正确诊断应为___
A. 轻度妊娠高血压综合征
B. 中度妊高征
C. 妊娠高血压
D. 先兆子癎
E. 子癎
【单选题】
会阴切开缝合术完毕,取出纱布,常规进行___
A. 肛门检查
B. 阴道检查
C. 宫颈检查
D. 盆腔检查
E. 腹部检查
【单选题】
流产主要的临床特点是___
A. 停经后腹痛,阴道流血
B. 转移性腹痛
C. 痉孪性腹痛
D. 无痛性阴道流血
E. 剧裂腹痛,下腹按压似板状
【单选题】
子宫输卵管造影检查中错误的说法是___
A. 用于不孕症的检查,以确诊输卵管阻塞的部位
B. 可了解子宫内膜息肉及子宫黏膜下肌瘤的情况
C. 也可用于内生殖器结核的诊断
D. 术前无需做碘过敏试验
E. 凡有严重心、肺疾病人,不做此项检查
【单选题】
在指导产妇哺乳的措施中,错误的做法是___
A. 每隔3~4h1次,每次0.5~1h
B. 两次哺乳问不添加糖水
C. 防止乳房堵住新生儿鼻孔
D. 哺乳毕将新生儿竖抱轻拍背部
E. 应先吸空一侧乳房,再换至对侧
【单选题】
女子各阶段的生理特点,错误的是___
A. 新生儿期一直受胎盘性激素的影响
B. 儿童期生殖器官处于幼稚型
C. 青春期为月经来潮至生殖器逐渐成熟
D. 更年期卵巢功能逐渐减退
E. 老年期生殖器官萎缩
【单选题】
患者28岁,妊娠24周,欲行羊膜腔内依沙吖啶引产术。哪项护理措施不妥___
A. 讲解手术经过减轻焦虑
B. 术前嘱其排尿
C. 准备无菌穿刺包
D. 术后观察宫缩和产程进展
E. 术后如体温达38℃需立即进行降温处理
【单选题】
产妇,29岁,第一胎,妊娠合并心脏病,孕37周,阴道侧切分娩一活婴,产后心功能Ⅱ级,在护理措施中,不正确的为___
A. 产后3天严密观察心衰的表现
B. 产后24小时内绝对卧床休息
C. 不宜母乳喂养
D. 进食富含纤维素食物防便秘
E. 至少住院观察2周
【单选题】
进入第二产程的标志是___
A. 宫口开全
B. 胎头着冠
C. 产妇屏气,肛门放松
D. 宫缩时会阴膨出,肛门放松
E. 胎先露降至坐骨棘水平以下
【单选题】
下列哪项不是羊水过多的体征___
A. 子宫大小与孕月相符
B. 腹部膨大
C. 胎位扪及不清
D. 胎心遥远,甚至听不清
E. 妊娠期易并发妊高征
【单选题】
随访葡萄胎病人时必须进行的最常用的检查方法是___
A. 阴道脱落细胞涂片检查
B. 测尿中的HGG值
C. B超检查有无胎囊
D. 多普勒超声检查听取胎心
E. CT检查脑转移情况
【单选题】
为预防感染,新生儿脐带护理哪项是正确的___
A. 沐浴后用75%酒精揩净脐带残端和脐轮处
B. 脐带2~3天脱落
C. 有分泌物伴臭味时涂1%龙胆紫
D. 有肉芽组织用50%硝酸银点灼
E. 脐部保持清洁湿润,防止发生脐炎
【单选题】
女性阴道炎的叙述下列哪项是正确的___
A. 妊娠期间不易发生滴虫性阴道炎
B. 滴虫性阴道炎夫妻间不会相互传染
C. 滴虫性阴道炎用甲硝唑只需1次性治疗
D. 绝经后雌激素水平降低,易引起念珠菌性阴道炎
E. 口腔、阴道黏膜、肠道存在念珠菌可相互传染
【单选题】
使用短效口服避孕药,开始服第一片的时间一般为___
A. 月经来潮前第5天
B. 月经来潮的第5天
C. 月经来潮的第10天
D. 月经干净后第5天
E. 性生活前8小时
【单选题】
子宫破裂的发生与下列哪项无关___
A. 梗阻性难产
B. 子宫手术史
C. 分娩期缩宫素使用不当
D. 难产手术操作不当
E. 胎膜早破
【单选题】
骨盆腔最狭窄的平面是___
A. 骨盆入口平面
B. 中骨盆平面
C. 出口平面的前三角
D. 出口平面的后三角
E. 以上都不对
【单选题】
卵巢分泌的性功能调节激素有___
A. 雌、孕激素
B. 雌、孕激素,雄激素
C. 雌、孕激素,促卵泡素
D. 促卵泡素、促黄体素
E. 雌、孕激素,生乳
【单选题】
患者60岁,绝经5年,近日有少量不规则阴道流血,妇检子宫增大、变软,应考虑___
A. 老年性阴道炎
B. 宫体癌
C. 宫颈糜烂
D. 卵巢癌
E. 宫颈癌
【单选题】
葡萄胎确诊后哪项措施不恰当___
A. 尽快采用吸刮术,迅速排空宫腔
B. 术前不应用缩宫素,防肺栓塞或转移
C. 术中静脉点滴缩宫素,但需在宫口扩大后
D. 为减少出血及子宫穿孔,术前静滴缩宫素
E. 第1次吸刮后1周,行第2次刮宫
【单选题】
对于化疗患者,错误的护理是___
A. 定时巡视患者
B. 注意患者精神状况,给予心理安慰
C. 化疗中出现体重减轻时,化疗药剂量不要调整
D. 嘱患者进高营养、易消化的食物
E. 注意观察化疗不良反应
【单选题】
妊娠合并心脏病孕妇减轻妊娠期心脏负担,预防心力衰竭的措施哪项应除外___
A. 积极防治贫血和妊娠高血压综合征(妊高征)
B. 预防上呼吸遭感染
C. 终止妊娠
D. 限制钠盐
E. 预产期前1~2周住院待产
【单选题】
下列何项是宫颈原位癌的诊断标准___
A. 病变限于上皮内,基底膜未穿透,间质无浸润
B. 子宫颈上皮细胞已发生癌变,侵犯阴道的下2/3
C. 病变侵犯达血管和淋巴
D. 异形细胞侵犯宫颈腺体.侵犯腺体基底膜
E. 细胞异常程度达Ⅱ级以上
【单选题】
患者30岁,孕40周,临产后出现协调性宫缩乏力。宫口开大4cm,胎囊凸,无头盆不称。护士应首先协助的处理是___
A. 镇静剂
B. 等待产程自然进展
C. 缩宫素静脉滴注
D. 人工破膜后静脉滴注缩宫素
E. 剖宫产术
【单选题】
患者已婚,以急性腹痛2h,停经45天,妇科检查,左侧附件区可触及一包块,初步诊断为宫外孕,为确诊必须进行阴道穹隆穿刺,穿刺部位应该是___
A. 阴道前穹隆
B. 阴道后穹隆
C. 阴道左穹隆
D. 阴道右穹隆
E. 膀胱子宫陷凹
【单选题】
绝经后妇女除恶性肿瘤外,出现血性白带最可能的是___
A. 宫颈息肉
B. 子宫颈糜烂
C. 老年性阴道炎
D. 子宫肌瘤
E. 滴虫性阴道炎
【单选题】
无排卵性功血的主要临床特点是___
A. 阴道少量流血
B. 阴道多量流血
C. 不规则子宫出血
D. 绝经后出血
E. 接触性出血
【单选题】
放置宫内节育器的最佳时间是___
A. 月经干净后立即
B. 月经干净后1~2天
C. 月经干净后3~7天
D. 月经干净后7~10天
E. 安全期
【单选题】
凝血机制障碍导致产后出血不包括___
A. 胎盘残留
B. 胎盘早剥
C. 妊娠高血压综合征
D. 产褥感染
E. 羊水栓塞
【单选题】
关于分娩的分期,错误的是___
A. 总产程是指规律性宫缩开始至胎儿娩出为止
B. 第一产程初产妇需要11~12小时
C. 第二产程初产妇需要1~2小时
D. 第三产程不超过30分钟
E. 第二产程经产妇需1小时或数分钟
【单选题】
子宫内膜癌,最主要的临床表现为___
A. 下腹及腰骶部疼痛
B. 贫血消瘦,恶病质
C. 绝经后不规则阴道出血
D. 白带多伴阴道痒
E. 下腹部可触及包块
【单选题】
妇科检查前准备与内、外科检查准备不同的是___
A. 语言亲切地解释安置体位的要求
B. 要求排空膀胱和直肠
C. 提醒或协助病人上下床安全
D. 冬季做好保暖工作
E. 嘱病人张口呼吸放松腹壁
【单选题】
对高危孕妇,处理不妥的是___
A. 应用胎儿监测仪及时发现异常情况
B. 给产妇吸氧
C. 发现胎儿窘迫,均作剖宫产
D. 决定手术后在短时间内做好术前准备
E. 做好新生儿窒息抢救工作
【单选题】
关于滴虫性阴道炎使用甲硝唑治疗,下列哪项是错误的___
A. 顽固者夫妻应同时口服甲硝唑治疗
B. 妊娠早期及哺乳期不用为妥
C. 妊娠早期服用对胎儿无影响
D. 局部用药亦可收到较好效果
E. 阴道放药前行酸性溶液冲洗可提高疗效
【单选题】
前置胎盘的孕妇禁做的检查是___
A. 血常规检查
B. 尿常规检查
C. B型超声检查
D. 肛门检查及阴道检查
E. NST
【单选题】
下述哪项不属于高危妊娠___
A. 40岁初孕
B. 身高145cm
C. 前置胎盘
D. 妊娠合并病毒性肝炎
E. 妊高征
【单选题】
以下四项中,除外哪一项为妊娠合并糖尿病对胎儿的影响___
A. 除外新生儿高血糖症
B. 高胆红素血症
C. 先天性畸形
D. 巨大儿
E. 低体重儿
【单选题】
子宫下段破裂的临床表现何项正确___
A. 胎体触及不清
B. 产妇突感强烈腹痛,随之子宫收缩消失
C. 胎头拨露继而着冠
D. 多伴有阴道多量鲜血流出
E. 可见痉挛性狭窄环随宫缩上升
【单选题】
关于妊娠期母体内分泌系统的变化,下列哪项是正确的___
A. 腺垂体不增大
B. 促黑素细胞激素减少
C. 甲状腺功能低下
D. 皮质醇轻度减少
E. 垂体催乳激素增多
【单选题】
产后护理哪一项不恰当___
A. 每日测宫底高度
B. 保持外阴清洁
C. 24h后循序渐进的活动
D. 保持大小便通畅
E. 为促使会阴伤口早日愈合,自产后2天给PP坐浴