【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
【单选题】
When connecting to an external resource,you must change a source IP address to use one IP address from a range of 207.165.201.1 to 207.165.1.30. Which option do you implement ?___
A. dynamic source NAT that uses an IP ad dress as a mapped source
B. static destination NAT that uses a subnet as a real de stination
C. dynamic source NAT that uses a range as a mapped source
D. static destination NAT that uses a subnet as a real source
【单选题】
Refer to the exhibit. 【nat(ins,any)dynamic interface】Which ty pe of NaT is configured on a Cisco ASA?___
A. dynamic NAT
B. source identity NAT
C. dynamic PAT
D. identity twice NAT
【单选题】
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?___
A. CTA
B. DCA
C. AMP
D. DLP
【单选题】
Refer to the exhibit. What is the effect of the given configuration?___
A. It establishes the preshared key for the switch
B. It establishes the preshared key for the firewall.
C. It establishes the preshared key for the Cisco ISE appliance
D. It establishes the preshared key for the router.
【多选题】
What are two major considerations when choosing between a SPAN and a TAP when plementing IPS?___
A. the type of analysis the iS will perform
B. the amount of bandwidth available
C. whether RX and TX signals will use separate ports
D. the way in which media errors will be handled
E. the way in which dropped packets will be handled
【多选题】
What are two direct-to-tower methods for redirecting web traffic to Cisco Cloud Web Security?___
A. third-party proxies
B. Cisco Catalyst platforms
C. Cisco NAC Agent
D. hosted PAC files
E. CiSco ISE
【多选题】
Which three descriptions of RADIUS are true? ___
A. It uses TCP as its transport protocol.
B. Only the password is encrypted
C. It supports multiple transport protocols
D. It uses UDP as its transport protocol
E. It combines authentication and authorization
F. It separates authentication,authorization,and accounting
【多选题】
Which two configurations can prevent VLAN hopping attack from attackers at VLAN 10?___
A. using switchport trunk native vlan 10 command on trunk ports
B. enabling BPDU guard on all access ports
C. creating VLAN 99 and using switchport trunk native vlan 99 command on trunk ports
D. applying ACl between VLAN
E. using switchport mode access command on all host ports
F. using switchport nonegotiate command on dynamic desirable ports
【多选题】
What are two features of transparent firewall mode ___
A. It conceals the presence of the firewall from attackers
B. It allows some traffic that is blocked in routed mode
C. It enables the aSA to perform as a router.
D. It acts as a routed hop in the network.
E. It is configured by default
【多选题】
Which two models of A sa tend to be used in a data center?___
A. 5555X
B. 5585X
C. ASA service module
D. 5512X
E. 5540
F. 5520
【多选题】
Which two statements about hardware-based encrption are true?___
A. It is widely accessible
B. It is potentially easier to compromise than software-based encryption. It requires minimal configuration
C. It requires minimal configuration
D. It can be implemented without impacting performance
E. It is highly cost-effective
【多选题】
In which two modes can the Cisco We b Security appliance be de ployed?___
A. as a transparent proxy using the Secure Sockets Layer protocol
B. as a transparent proxy using the Web Cache Communication Protocol
C. explicit proxy mode
D. as a transparent proxy using the Hyper Text Transfer Protocol
E. explicit active mode
【单选题】
1.三相刀开关的图形符号与交流接触器的主触点符号是___。
A. 一样的
B. 可以互换
C. 有区别的
D. 没有区别
推荐试题
【单选题】
下列哪一个部件故障不会导致APU保护性停车?___
A. EGT传感
B. 转速传感器
C. 滑油低压电门
D. P2传感器
【单选题】
当Air/OilCooler堵塞时___
A. 滑油泵将停止工作
B. APU滑油过热导致APU
C. 压力释放valve将释放滑油回到滑油泵的吸油侧
D. 滑油低压保护性停车
【单选题】
Deoil电磁阀失效在关闭时,会导致___
A. APU起动时低滑油压力而关车
B. APU慢起动而关车
C. APU正常工作
D. APU不能正常停车
【单选题】
Deoil电磁阀失效在打开时,会导致___
A. APU低滑油压力而关车
B. APU慢起动而关车
C. APU正常工作
D. APU不能正常停车
【单选题】
对EMU的描述错误的是:___
A. 提供APU的使用计时
B. 对T1和T2的数值进行叠加
C. 提供APU舱环境温度
D. 由FADEC直接控制
【单选题】
APU的EGT热电偶探测的是哪里的温度?___
A. 燃烧室出口
B. 涡轮导向器
C. 涡轮转子
D. 消音器法兰处
【单选题】
关于APU的速度传感器错误的是:___
A. 是两个独立系统
B. 感受磁性齿轮的运转
C. 感受转子的组件的旋转环转速
D. 更换时需要换胶圈
【单选题】
APU进气门开始打开,下列说法不正确的是:___
A. 起动机开始转动
B. 燃油关断valve处于全开位
C. APU主电门在ON位
D. 防喘valve不作动
【单选题】
如果P2传感器和压差传感器故障,IGV如何作动?___
A. 关闭
B. 打开
C. 调节状态
D. 根据引气门位置确定
【单选题】
如果P2传感器和压差传感器故障,防喘valve如何作动?___
A. 关闭
B. 打开
C. 调节状态
D. 根据引气门位置确定
【单选题】
起动APU,看到在ECAMAPU页上有EGT和BLEEDPSI,证实发动机引气电门在OFF位,组件电门在OFF位,接通APU引气电门,如果EGT上升并且显示在ECAM上的BLEEDPSI没有增加,可能的原因是什么?___
A. LCV没有打开
B. LCV没有全开
C. IGV没有打开
D. 飞机供气系统漏气
【单选题】
当APU在慢车状态工作正常,但加负荷时,转速下降,FCU是故障原因之一,还有的故障原因可能是下列哪一项?___
A. 压差传感器
B. 转速传感器故障
C. EGT热电偶故障
D. P2传感器故障
【单选题】
“APUBLEED”(APU引气)电门置于“ON”时,负载控制valveLCV()___
A. 打开
B. 关闭
C. 打开或关闭还需取决于ECB控制
D. 以上都不正确
【单选题】
APU安装的防震动安装杆作用是()___
A. 防止APU产生的震动传到飞机结构
B. 防止机身产生的震动传到APU
C. 协助将APU吊装在APU舱
D. A+B+C
【单选题】
APU舱的冷却空气来自于()___
A. 从进气道来的部分空气直接冷却
B. 滑油冷却器出口空气
C. 冷却风扇供出的部分空气
D. 负载压气机出口的部分空气
【单选题】
APU的ECB安装在()___
A. 电子舱
B. 机鼻舱
C. 后货舱(散装货舱)
D. APU舱
【单选题】
APU的IGV的开度取决于()___
A. 伺服燃油的压力
B. 引气命令信号
C. APU的转速
D. 进气量大小
【单选题】
APU的磁堵位于()___
A. 润滑组件上
B. 滑油箱上
C. 发电机回油路上
D. 发电机回油滤上
【单选题】
APU的放油是将压力油泵之前的管路和下列哪部分相通()___
A. 滑油箱
B. 回油管路
C. 通气管路
D. 以上都不正确
【单选题】
APU的负载控制valveLCV是()___
A. 电控气动作动
B. 电控液压作动
C. 直接电控作动筒作动
D. 直接液压作动
【单选题】
APU的功率部分压气机属于()___
A. 两级离心式压气机
B. 单级离心式压气机
C. 三级轴流式压气机
D. 单极轴流式压气机
【单选题】
APU的哪个部件带有目视位置指示器()___
A. LCV和SCV
B. IGV
C. 只有LCV
D. 只有SCV
【单选题】
APU的哪个部件可调节到气源系统的空气流量()___
A. LCV(负载控制valve)
B. IGV(进口导向叶片)
C. SCV(喘振控制valve)
D. 以上都不正确
【单选题】
APU的燃烧室装有()___
A. 一个点火电咀和10个燃油喷咀
B. 2个点火电咀和6个燃油喷咀
C. 防涡叶片组件,2个电火电咀和2个燃油喷咀
D. 2个点火电咀和10个燃油喷咀
【单选题】
APU的燃油泵何时工作()___
A. 当主电门打到“ON”,供油管路压力低于21.8psi时
B. 当主电门打到“ON”,供油管路压力在21.8ps至23.2psi之间时
C. 当主电门打到“ON”时,APU燃油泵一直是工作的
D. 以上都不正确
【单选题】
APU的燃油喷咀()___
A. 有10个,单孔喷咀
B. 有20个,单孔喷咀
C. 有10个,双孔喷咀
D. 有20个,双孔喷咀
【单选题】
APU的三个单元体是()___
A. 压气机,燃烧室,涡轮
B. 功率部分,负载压气机部分,燃油控制组件
C. 功率部分,负载压气机部分,附件驱动齿轮箱
D. 以上都不正确
【单选题】
APU的三通电磁线圈valve()___
A. 起动程序中打开,停车程序中关闭
B. 起动程序中关闭,停车程序中打开
C. 起动程序中关闭,停车程序中关闭
D. 以上都不正确
【单选题】
APU的下列哪个部件不是合成在燃油控制组件(FCU)里的()___
A. 三通电磁线圈valve
B. 高压燃油泵
C. 燃油流量分配器
D. 燃油计量组件
【单选题】
APU的作用是()___
A. 供电
B. 供气
C. 提供部分推力
D. A+B
【单选题】
APU低压隔离valve带有几个马达,由什么作动()___
A. 1个,电控作动
B. 1个,液压作动
C. 2个,电控作动
D. 2个,液压作动
【单选题】
APU负载压气机出口空气流量信号是采用()___
A. 进口压力P2
B. 飞机气源需求命令
C. 负载压气机出口总压和进出口压差
D. 进口导向叶片开度
【单选题】
APU功率部分组成()___
A. 1级压气机,燃烧室,1级涡轮
B. 1级压气机,燃烧室,2级涡轮
C. 2级压气机,燃烧室,1级涡轮
D. 2级压气机,燃烧室,2级涡轮
【单选题】
APU滑油系统的哪一路回油没装回油泵()___
A. 发电机回油
B. 前收油池回油
C. 涡轮处收油池回油
D. 整个回油路上都没回没泵
【单选题】
APU滑油系统功用()___
A. 润滑
B. 冷却
C. 清洁
D. A+B+C
【单选题】
APU滑油系统下列哪种情况会导致APU保护性停车()___
A. 齿轮箱高滑油温度
B. 发电机高滑油温度
C. 滑油系统低滑油压力
D. A+B+C
【单选题】
APU滑油系统需润滑的部位是()___
A. 轴承
B. 附件齿轮箱
C. 发电机
D. 以上都正确
【单选题】
APU滑油系统中,受ECB控制的部件是()___
A. 滑油滤旁通valve
B. 放油电磁线圈valve
C. 空气/滑油冷却器
D. 压力调节和释放valve
【单选题】
APU滑油系统中的压差电门触发堵塞信号时()___
A. 送信号到ECAM
B. 送信号到CFDS
C. 让跳出指示器工作
D. 以上都正确
【单选题】
APU回滑油系统油路上有几个回油滤()___
