【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
【单选题】
When connecting to an external resource,you must change a source IP address to use one IP address from a range of 207.165.201.1 to 207.165.1.30. Which option do you implement ?___
A. dynamic source NAT that uses an IP ad dress as a mapped source
B. static destination NAT that uses a subnet as a real de stination
C. dynamic source NAT that uses a range as a mapped source
D. static destination NAT that uses a subnet as a real source
【单选题】
Refer to the exhibit. 【nat(ins,any)dynamic interface】Which ty pe of NaT is configured on a Cisco ASA?___
A. dynamic NAT
B. source identity NAT
C. dynamic PAT
D. identity twice NAT
【单选题】
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?___
A. CTA
B. DCA
C. AMP
D. DLP
【单选题】
Refer to the exhibit. What is the effect of the given configuration?___
A. It establishes the preshared key for the switch
B. It establishes the preshared key for the firewall.
C. It establishes the preshared key for the Cisco ISE appliance
D. It establishes the preshared key for the router.
【多选题】
What are two major considerations when choosing between a SPAN and a TAP when plementing IPS?___
A. the type of analysis the iS will perform
B. the amount of bandwidth available
C. whether RX and TX signals will use separate ports
D. the way in which media errors will be handled
E. the way in which dropped packets will be handled
【多选题】
What are two direct-to-tower methods for redirecting web traffic to Cisco Cloud Web Security?___
A. third-party proxies
B. Cisco Catalyst platforms
C. Cisco NAC Agent
D. hosted PAC files
E. CiSco ISE
【多选题】
Which three descriptions of RADIUS are true? ___
A. It uses TCP as its transport protocol.
B. Only the password is encrypted
C. It supports multiple transport protocols
D. It uses UDP as its transport protocol
E. It combines authentication and authorization
F. It separates authentication,authorization,and accounting
【多选题】
Which two configurations can prevent VLAN hopping attack from attackers at VLAN 10?___
A. using switchport trunk native vlan 10 command on trunk ports
B. enabling BPDU guard on all access ports
C. creating VLAN 99 and using switchport trunk native vlan 99 command on trunk ports
D. applying ACl between VLAN
E. using switchport mode access command on all host ports
F. using switchport nonegotiate command on dynamic desirable ports
【多选题】
What are two features of transparent firewall mode ___
A. It conceals the presence of the firewall from attackers
B. It allows some traffic that is blocked in routed mode
C. It enables the aSA to perform as a router.
D. It acts as a routed hop in the network.
E. It is configured by default
【多选题】
Which two models of A sa tend to be used in a data center?___
A. 5555X
B. 5585X
C. ASA service module
D. 5512X
E. 5540
F. 5520
【多选题】
Which two statements about hardware-based encrption are true?___
A. It is widely accessible
B. It is potentially easier to compromise than software-based encryption. It requires minimal configuration
C. It requires minimal configuration
D. It can be implemented without impacting performance
E. It is highly cost-effective
【多选题】
In which two modes can the Cisco We b Security appliance be de ployed?___
A. as a transparent proxy using the Secure Sockets Layer protocol
B. as a transparent proxy using the Web Cache Communication Protocol
C. explicit proxy mode
D. as a transparent proxy using the Hyper Text Transfer Protocol
E. explicit active mode
【单选题】
1.三相刀开关的图形符号与交流接触器的主触点符号是___。
A. 一样的
B. 可以互换
C. 有区别的
D. 没有区别
推荐试题
【填空题】
78. PLC按结构形式分为___和___两种。
【填空题】
79. 大部分PLC的I/O接口电路均采用___,使工业现场的外电路与PLC内部电路之间电气上___。
【填空题】
80. PLC每个输入、输出端口都对应一个指示灯,当某个输入端口指示灯亮时说明该端口有___,当某个输出端口指示灯亮时说明该端口有___。
【多选题】
马克思主义是()?
A. 马克思恩格斯创立的,并为后继者不断发展的科学理论体系
B. 关于无产阶级解放.全人类解放和每个人自由而全面发展的学说
C. 关于社会主义必然代替资本主义,最终实现共产主义的学说
D. 关于自然.社会和思维发展一般规律的学说
【多选题】
马克思主义理论体系不可分割的三个主要组成部分分别是( )?
A. 马克思主义哲学
B. 马克思主义政治经济学
C. 科学社会主义
D. 马克思主义军事学
【多选题】
马克思主义的三大直接理论来源分别是( )?
A. 德国古典哲学
B. 英国古典政治经济学
C. 人权宣言
D. 法国英国的空想社会主义
【多选题】
马克思恩格斯批判地继承了前人的成果,发现了两大学说从而实现了人类思想史上的伟大革命,这两大学说分别是( )?
A. 唯物史观
B. 劳动价值学说
C. 剩余价值学说
D. 辩证法
【多选题】
资本主义的充分发展造成了深重的社会灾难,表现为( )?
A. 社会两极分化,工人极端困苦
B. 劳动生产率极大提高
C. 科学技术迅猛发展
D. 周期性经济危机频繁爆发
【多选题】
马克思主义的基本方法包括( )?
A. 辩证分析的方法
B. 阶级分析的方法
C. 矛盾分析的方法
D. 历史分析的方法
【多选题】
马克思主义除三个有机组成部分之外,还包括( )?
A. 马克思主义历史学
B. 马克思主义新闻学
C. 马克思主义文化学
D. 马克思主义军事学
【多选题】
一切从实际出发,实事求是,在实践中检验和发展真理,这是( )?
A. 马克思主义最重要的理论品质
B. 马克思主义始终保持蓬勃生命力的关键所在
C. 人类认识发展规律的基本要求
D. 理论创新的内在要求
【多选题】
科学社会主义( )?
A. 阐明了由资本主义社会转变为社会主义.共产主义社会的客观规律
B. 阐明了无产阶级获得彻底解放的历史条件
C. 阐明了无产阶级的历史使命
D. 使社会主义由空想成为科学
【多选题】
十九世纪三.四十年代欧洲的三大工人运动是指( )?
A. 法国马赛工人起义
B. 法国里昂工人起义
C. 英国宪章运动
D. 德国西里西亚纺织工人起义
【多选题】
十九世纪的三大科学发现为马克思主义产生提供了自然科学前提,这三大发现是指( )?
A. 细胞学说
B. 燃素说
C. 能量守恒和转化定律
D. 生物进化理论
【多选题】
马克思主义的鲜明特征包括( )?
A. 科学性
B. 革命性
C. 实践性
D. 人民性和发展性
【多选题】
马克思主义具有科学的世界观和方法论基础,即( )?
A. 辩证唯物主义
B. 实践唯物主义
C. 历史唯物主义
D. 唯物主义认识论
【多选题】
马克思主义的革命性集中表现为( )?
A. 彻底的批判精神
B. 鲜明的无产阶级立场
C. 理论的创新性
D. 马克思主义政党的先进性
【多选题】
马克思主义的当代价值是( )?
A. 观察当代世界变化的认识工具
B. 指引当代中国发展的行动指南
C. 引领人类社会进步的科学真理
D. 资产阶级发家致富的必要手段
【多选题】
大学生在学习马克思主义的过程中,要有正确的态度和科学的方法,包括( )?
A. 把马克思主义当作教条
B. 学习和掌握马克思主义的基本立场.观点.方法
C. 坚持理论联系实际的马克思主义学风
D. 自觉将马克思主义内化于心.外化于行
【多选题】
哲学是( )?的世界观?
A. 规范化
B. 系统化
C. 理论化
D. 抽象化
【多选题】
二元论的观点认为世界的本原( )?
A. 既是物质的
B. 又是精神的
C. 是物质的
D. 是精神的
【多选题】
公孙龙提出的“白马非马”命题,其错误在于割裂了事物的( )?
A. 共性和个性的关系
B. 普遍性和特殊性的关系
C. 整体和部分的关系
D. 一般和个别的关系
【多选题】
下列例子中表现了否定之否定规律的是( )?
A. 麦粒——麦株——麦粒
B. 光的微粒说——光的波动说——光的波粒二像说
C. 团结——批评——团结
D. 古代朴素唯物主义与辩证法自发的结合——近代唯物论与辩证法的分裂——现代辩证法与唯物主义的自觉结合
【多选题】
运动和静止的关系是( )?
A. 一般和个别的关系
B. 普遍和特殊的关系
C. 绝对和相对的关系
D. 动中有静,静中有动
【多选题】
哲学基本问题是( )?
A. 思维和存在的关系问题
B. 运动和静止的关系问题
C. 意识和物质的关系问题
D. 实践和认识的关系问题
【多选题】
哲学基本问题包括两个方面的内容:( )?
A. 存在决定思维
B. 思维决定存在
C. 存在和思维哪一个是世界的本原
D. 存在和思维有没有同一性
【多选题】
在物质和意识的关系问题上,辩证唯物主义的观点是( )?
A. 物质和意识相互起决定作用
B. 物质决定意识
C. 意识对物质具有能动作用
D. 物质不能决定意识,意识也不能决定物质
【多选题】
物质与运动是不可分的,因为( )?
A. 凡是物质都是运动着的物质
B. 凡是运动都是物质的运动
C. 运动是物质的根本属性
D. 运动和物质都是实体
【多选题】
意识是( )?
A. 物质世界长期发展的产物
B. 人类社会历史的产物
C. 人类特有的精神活动
D. 物质世界的主观映象
【多选题】
正确发挥主观能动性要( )?
A. 尊重客观规律
B. 通过实践
C. 超脱客观规律的制约
D. 不讲任何条件
【多选题】
本质与现象的关系是( )?
A. 本质决定现象
B. 现象决定本质
C. 现象表现本质
D. 本质表现现象
【多选题】
矛盾范畴所包含的两种基本属性是( )?
A. 矛盾对抗性
B. 矛盾同一性
C. 矛盾斗争性
D. 矛盾平衡性
【多选题】
人类社会的物质性主要表现在( )?
A. 人类社会是物质世界的组成部分
B. 人类获取生活资料的活动是物质性的
C. 人类社会存在和发展的基础是物质资料的生产方式
D. 以上都对
【多选题】
矛盾问题的精髓是( )?
A. 矛盾的普遍性和特殊性的关系问题
B. 主要矛盾和非主要矛盾的问题
C. 矛盾的共性与个性的关系问题
D. 对抗性矛盾和非对抗性矛盾的关系问题
【多选题】
量和事物的关系是( )?
A. 直接同一
B. 并不是直接同一的,同一事物可以有不同的量
C. 量可以离开事物而独立存在
D. 在一定限度内,量的变化并不导致事物质的根本变化
【多选题】
辩证否定观的基本内容是()?
A. 否定是事物的自我否定
B. 否定是事物发展的环节
C. 否定是新旧事物联系的环节
D. 辩证否定的实质是“扬弃”
【多选题】
共性和个性的关系是( )?
A. 个性中包含共性
B. 个性寓于共性之中
C. 共性寓于个性之中
D. 没有个性就没有共性
【多选题】
量变和质变的相互关系表现为( )?
A. 量变就是质变
B. 量变是质变的必要准备
C. 质变是量变的必然结果
D. 量变和质变互相渗透
【多选题】
唯物辩证法的总特征是( )?
A. 联系的观点
B. 发展的观点
C. 静止的观点
D. 实践的观点