【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
【单选题】
When connecting to an external resource,you must change a source IP address to use one IP address from a range of 207.165.201.1 to 207.165.1.30. Which option do you implement ?___
A. dynamic source NAT that uses an IP ad dress as a mapped source
B. static destination NAT that uses a subnet as a real de stination
C. dynamic source NAT that uses a range as a mapped source
D. static destination NAT that uses a subnet as a real source
【单选题】
Refer to the exhibit. 【nat(ins,any)dynamic interface】Which ty pe of NaT is configured on a Cisco ASA?___
A. dynamic NAT
B. source identity NAT
C. dynamic PAT
D. identity twice NAT
【单选题】
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?___
A. CTA
B. DCA
C. AMP
D. DLP
【单选题】
Refer to the exhibit. What is the effect of the given configuration?___
A. It establishes the preshared key for the switch
B. It establishes the preshared key for the firewall.
C. It establishes the preshared key for the Cisco ISE appliance
D. It establishes the preshared key for the router.
【多选题】
What are two major considerations when choosing between a SPAN and a TAP when plementing IPS?___
A. the type of analysis the iS will perform
B. the amount of bandwidth available
C. whether RX and TX signals will use separate ports
D. the way in which media errors will be handled
E. the way in which dropped packets will be handled
【多选题】
What are two direct-to-tower methods for redirecting web traffic to Cisco Cloud Web Security?___
A. third-party proxies
B. Cisco Catalyst platforms
C. Cisco NAC Agent
D. hosted PAC files
E. CiSco ISE
【多选题】
Which three descriptions of RADIUS are true? ___
A. It uses TCP as its transport protocol.
B. Only the password is encrypted
C. It supports multiple transport protocols
D. It uses UDP as its transport protocol
E. It combines authentication and authorization
F. It separates authentication,authorization,and accounting
【多选题】
Which two configurations can prevent VLAN hopping attack from attackers at VLAN 10?___
A. using switchport trunk native vlan 10 command on trunk ports
B. enabling BPDU guard on all access ports
C. creating VLAN 99 and using switchport trunk native vlan 99 command on trunk ports
D. applying ACl between VLAN
E. using switchport mode access command on all host ports
F. using switchport nonegotiate command on dynamic desirable ports
【多选题】
What are two features of transparent firewall mode ___
A. It conceals the presence of the firewall from attackers
B. It allows some traffic that is blocked in routed mode
C. It enables the aSA to perform as a router.
D. It acts as a routed hop in the network.
E. It is configured by default
【多选题】
Which two models of A sa tend to be used in a data center?___
A. 5555X
B. 5585X
C. ASA service module
D. 5512X
E. 5540
F. 5520
【多选题】
Which two statements about hardware-based encrption are true?___
A. It is widely accessible
B. It is potentially easier to compromise than software-based encryption. It requires minimal configuration
C. It requires minimal configuration
D. It can be implemented without impacting performance
E. It is highly cost-effective
【多选题】
In which two modes can the Cisco We b Security appliance be de ployed?___
A. as a transparent proxy using the Secure Sockets Layer protocol
B. as a transparent proxy using the Web Cache Communication Protocol
C. explicit proxy mode
D. as a transparent proxy using the Hyper Text Transfer Protocol
E. explicit active mode
推荐试题
【单选题】
继发性闭经指月经初潮后,因病理性原因导致停经在___
A. 6个月以上
B. 10个月以上
C. 12个月以上
D. 100天以上
E. 60天以上
【单选题】
以下因素中,属于甲状腺功能亢进主要原因的是___
A. 精神创伤
B. 病毒感染
C. 过度劳累
D. ,自身免疫
E. 外部创伤
【单选题】
初乳中含量较多的免疫因子是___
A. IgG
B. IgD
C. sIgA
D. IgM
E. IgD
【单选题】
婴儿补充维生素D的时间是___
A. 生后1周
B. 生后2周
C. 生后3周
D. 生后4周
E. 生后2个月
【单选题】
肺结核患者,久治不愈,出现剧烈头痛伴呕吐。查体有头向后仰、屈颈困难。提示:___
A. 肩关节炎
B. 颈肌痉挛
C. 颅内压增高
D. 脑膜刺激征
E. 癫痫发作
【单选题】
关于女性骨盆重要径线,下列数值是正确的是___
A. 入口平面前后线径12.75cm
B. 中骨盆平面横径为13cm
C. 出口前失状径是8.5cm
D. 出口后失状径为15cm
E. 出口平面横径为9cm
【单选题】
房颤心电图的典型表现是___
A. 大小形态及规律不一的f波替代窦性P波,QRS波形态正常,R-R间隔不等
B. P波消失,呈现完全不规律的波浪状曲线
C. P波正常,QRS波群与T波消失,呈现相对规律快速大幅波动
D. P波倒置,QRS波形态正常
E. P波正常,QRS波提前出现
【单选题】
肺炎患者可在患侧听到胸膜摩擦音是因为___
A. 肺泡炎症
B. 呼吸动度过大
C. 胸膜受累发炎
D. 胸腔积液
E. 心包积液
【单选题】
子宫内膜在受精卵着床后被称为___
A. 叶状绒毛膜
B. 胎膜
C. 羊膜
D. 蜕膜
E. 绒毛膜
【单选题】
于左向右型先天性心脏病___
A. 法洛四联症
B. 大动脉错位
C. 肺动脉狭窄
D. 房间隔缺损
E. 主动脉关闭不全
【单选题】
患者,男性,30岁,因胃肠胀气导致腹痛,此时宜取___
A. 半卧位
B. 端坐位
C. 俯卧
D. 站立位
E. 侧卧位
【单选题】
贯穿整个分娩过程的主要产力是___
A. 腰肌收缩力
B. 膈肌收缩力
C. 子宫收缩力
D. 产妇向下屏气
E. 盆腔肌肉收缩力
【单选题】
从胎儿娩出到胎盘娩出,不应超过___
A. 15分钟
B. 20分钟
C. 30分钟
D. 45分钟
E. 60分钟
【单选题】
下列表述最能全面反映伦理学概念内涵的是___
A. 研究职业道德现象的科学
B. 研究政治道德现象的科学
C. 研究道德现象的科学
D. 研究婚姻家庭道德现象的科学
E. 研究社会公德的科学
【单选题】
支气管扩张最常见的病因是___
A. 肺脓肿
B. 慢性支气管炎反复发作
C. 婴幼儿期患麻疹、百日咳等
D. 气胸
E. 医院获得性肺炎
【单选题】
患者为慢性呼吸衰竭,近日因咳嗽、咳痰,气促明显,又出现神志不清,发绀、多汗,做血气分析PaO50mmHg,PaCO62mmHg。应给予患者___
A. 高浓度、高流量持续吸氧
B. 高浓度、高流量间歇吸氧
C. 低浓度、低流量持续吸氧
D. 低浓度、低流量间歇吸氧
E. 乙醇湿化吸氧
【单选题】
对宫内节育器避孕原理描述正确的是___
A. 抑制排卵
B. 阻止受精卵的运行
C. 改变宫颈黏液性质
D. 改变子宫内膜周期变化
E. 改变官腔内环境
【单选题】
麻疹的传播途径是___
A. 飞沫呼吸道传染
B. 虫媒传播
C. 垂直传播
D. 空气传播
E. 粪,口传播
【单选题】
污染伤口是指___
A. 伤后12小时以上处理的伤口
B. 切口感染的手术切口
C. 有异物存留24以上的伤口
D. 伤后8小时以内的处理伤口
E. 甲状腺手术的切口
【单选题】
局麻药中毒中期表现为肌肉震颤,其常见部位是___
A. 颈部肌肉
B. 腹部肌肉
C. 颜面肌肉
D. 肩颈部肌肉
E. 躯干肌肉
【单选题】
正常足月妊娠脐带的平均长度是___
A. 40cm
B. 30cm
C. 55cm
D. 60cm
E. 70cm
【单选题】
小儿听觉发育完善的年龄大约在___
A. 2个月
B. 6个月
C. 1岁
D. 2岁
E. 4岁
【单选题】
一氧化碳与血红蛋白的亲和力要比氧与血红蛋白的亲和力大___
A. 200~300倍
B. 350~400倍
C. 450~500倍
D. 550~600倍
E. 1000倍以上
【单选题】
患者,男性,67岁,2型糖尿病,未正规治疗,近1周来发现尿频、尿急、尿痛,伴腰痛、低热。可能的原因是___
A. 急性肾炎
B. 肾盂肾炎
C. 慢性肾炎
D. 输尿管结石
E. 肾病综合征
【单选题】
初产妇,23岁,第二产程破膜后突然呛咳,烦躁,呼吸困难,随即昏迷,血压50/30mmHg。该产妇可能发生了___
A. 先兆子宫破裂
B. 胎盘早剥
C. 产时子痫
D. 羊水栓塞
E. 左心衰竭
【单选题】
患者,女性,29岁,甲状腺功能亢进行甲状腺大部切除术,术后2小时突然窒息,面部青紫,颈部切口下肿胀,其原因是___
A. 出血
B. 舌后坠
C. 甲状腺危象
D. 气管塌陷
E. 喉下神经损伤
【单选题】
氨中毒学说:肝性脑病主要发病机制是氨干扰大脑的___
A. 血液循环
B. 电解质平衡
C. 血氧供给
D. 水盐代谢
E. 能量代谢
【单选题】
患者,女性,46岁,腰麻下行阑尾切除术,术后发生尿潴留,其主要原因是___
A. 手术部位疼痛
B. 尿路结石
C. 不习惯卧床排尿
D. 神经损伤
E. 麻醉反应
【单选题】
正常新生儿应在出生后多长时间内排尿___
A. 8小时
B. 10小时
C. 24小时
D. 32小时
E. 48小时
【单选题】
发生心肌梗死的主要病理基础是___
A. 心肌需血量增加
B. 冠状动脉供血不足
C. 冠状动脉严重狭窄
D. 血氧供给不足
E. 劳累
【单选题】
妊娠期贫血最常见为___
A. 妊娠期贫血
B. 缺铁性贫血
C. 低色素性贫血
D. 巨幼细胞贫血
E. 再生障碍性贫血
【单选题】
下列临床表现中,甲亢和糖尿病共有的是___
A. 多食消瘦
B. 大便次数增多
C. 幻觉和燥狂
D. 四肢麻木感
E. 收缩压增高
【单选题】
以下叙述错误的是___
A. 原发性痛经生殖器官无器质性病变
B. 痛经可能与前列腺素分泌有关
C. 痛经可持续1~2天
D. 痛经多发于无排卵型功血
E. 痛经者可用解痉药
【单选题】
继发性腹膜炎最常见的致病菌是___
A. 白色念珠菌
B. 拟杆菌
C. 溶血性链球菌
D. 大肠埃希菌
E. 铜绿假单胞菌
【单选题】
急性肾功能衰竭少尿或无尿期常见的致死原因是___
A. 高磷血症与低钙血症
B. 低钠血症
C. 低氯血症
D. 高镁血症
E. 高钾血症
【单选题】
第一产程潜伏期延长指超___
A. 4小时
B. 8小时
C. 10小时
D. 12小时
E. 16小时
【单选题】
鹅口疮的病原体为___
A. 大肠埃希菌
B. 铜绿假单胞菌
C. 肺炎双球菌
D. 白色念珠菌
E. 溶血性链球菌
【单选题】
慢性肺炎的病程为___
A. <3个月
B. >1个月
C. <1个月
D. >3个月
E. 1~3个月
【单选题】
对热衰竭发生机制描述正确的是___
A. 体温调节中枢受损
B. 大量出汗致血容量不足
C. 散热不足
D. 脑组织充血水肿
E. 电解质紊乱
【单选题】
下列关于低血钾的病因不正确的是___
A. 长期不能进食
B. 急性肾功能衰竭
C. 严重呕吐,持续胃肠减压
D. 大量注射葡萄糖并与胰岛素合用
E. 碱中毒
