【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
【单选题】
When connecting to an external resource,you must change a source IP address to use one IP address from a range of 207.165.201.1 to 207.165.1.30. Which option do you implement ?___
A. dynamic source NAT that uses an IP ad dress as a mapped source
B. static destination NAT that uses a subnet as a real de stination
C. dynamic source NAT that uses a range as a mapped source
D. static destination NAT that uses a subnet as a real source
【单选题】
Refer to the exhibit. 【nat(ins,any)dynamic interface】Which ty pe of NaT is configured on a Cisco ASA?___
A. dynamic NAT
B. source identity NAT
C. dynamic PAT
D. identity twice NAT
【单选题】
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?___
A. CTA
B. DCA
C. AMP
D. DLP
【单选题】
Refer to the exhibit. What is the effect of the given configuration?___
A. It establishes the preshared key for the switch
B. It establishes the preshared key for the firewall.
C. It establishes the preshared key for the Cisco ISE appliance
D. It establishes the preshared key for the router.
【多选题】
What are two major considerations when choosing between a SPAN and a TAP when plementing IPS?___
A. the type of analysis the iS will perform
B. the amount of bandwidth available
C. whether RX and TX signals will use separate ports
D. the way in which media errors will be handled
E. the way in which dropped packets will be handled
【多选题】
What are two direct-to-tower methods for redirecting web traffic to Cisco Cloud Web Security?___
A. third-party proxies
B. Cisco Catalyst platforms
C. Cisco NAC Agent
D. hosted PAC files
E. CiSco ISE
【多选题】
Which three descriptions of RADIUS are true? ___
A. It uses TCP as its transport protocol.
B. Only the password is encrypted
C. It supports multiple transport protocols
D. It uses UDP as its transport protocol
E. It combines authentication and authorization
F. It separates authentication,authorization,and accounting
【多选题】
Which two configurations can prevent VLAN hopping attack from attackers at VLAN 10?___
A. using switchport trunk native vlan 10 command on trunk ports
B. enabling BPDU guard on all access ports
C. creating VLAN 99 and using switchport trunk native vlan 99 command on trunk ports
D. applying ACl between VLAN
E. using switchport mode access command on all host ports
F. using switchport nonegotiate command on dynamic desirable ports
【多选题】
What are two features of transparent firewall mode ___
A. It conceals the presence of the firewall from attackers
B. It allows some traffic that is blocked in routed mode
C. It enables the aSA to perform as a router.
D. It acts as a routed hop in the network.
E. It is configured by default
【多选题】
Which two models of A sa tend to be used in a data center?___
A. 5555X
B. 5585X
C. ASA service module
D. 5512X
E. 5540
F. 5520
【多选题】
Which two statements about hardware-based encrption are true?___
A. It is widely accessible
B. It is potentially easier to compromise than software-based encryption. It requires minimal configuration
C. It requires minimal configuration
D. It can be implemented without impacting performance
E. It is highly cost-effective
【多选题】
In which two modes can the Cisco We b Security appliance be de ployed?___
A. as a transparent proxy using the Secure Sockets Layer protocol
B. as a transparent proxy using the Web Cache Communication Protocol
C. explicit proxy mode
D. as a transparent proxy using the Hyper Text Transfer Protocol
E. explicit active mode
【单选题】
1.三相刀开关的图形符号与交流接触器的主触点符号是___。
A. 一样的
B. 可以互换
C. 有区别的
D. 没有区别
推荐试题
【判断题】
社会主义基本制度的确立,是马克思列宁主义关于社会主义革命理论在中国的正确运用和创造性发展的结果
【判断题】
中国共产党在其犯严重错误的时候,它的性质和宗旨都是没有发生改变的
【判断题】
在1954年被第一次提出的四个现代化为工业、农业、交通运输业和国防业的现代化
【判断题】
关于新中国成立后走中国工业化道路,调整和完善所有制结构,陈云提出了著名的“三个主体,三个补充”理论
【判断题】
在社会主义初级阶段,阶级矛盾和阶级斗争仍在一定范围内长期存在
【判断题】
“一个中心、两个基本点”是社会主义初级阶段基本路线的最主要内容
【判断题】
“自力更生,艰苦创业”是实现社会主义现代化奋斗目标的根本立足点
【判断题】
坚持以四项基本原则保证改革开放的正确方向
【判断题】
马克思最早提出科学技术是生产力的一部分
【判断题】
台湾问题是中国国内战争遗留下来的问题,其实质是内政问题
【判断题】
马克思主义中国化第二次历史性飞跃的理论成果是中国特色社会主义理论体系
【判断题】
邓小平理论第一次比较系统地初步回答了中国社会主义的发展道路、发展阶段、根本任务、发展动力、外部条件、政治保证、战略步骤、党的领导和依靠力量以及祖国统一等一系列基本问题
【判断题】
邓小平理论指导我们党制定了在社会主义初级阶段的基本路线
【判断题】
邓小平理论之所以能够如此,就在于看清了世界和中国的发展大势,深刻了解中国人民和中华民族的深沉愿望,把握住中国发展的历史规律
【判断题】
“三个代表”重要思想是中国特色社会主义理论体系的接续发展
【判断题】
经过新中国成立以来特别是改革开放以来的不懈努力,我国经济社会发展取得了举世瞩目的成就,但仍处于并将长期处于社会主义初级阶段的基本国情没有变
【判断题】
十七大报告提出了“中国特色社会主义理论体系”的科学概念,把科学发展观与邓小平理论、“三个代表”重要思想一道作为中国特色社会主义理论体系的重要组成部分
【判断题】
科学发展观是中国特色社会主义理论体系的接续发展
【判断题】
发展观是关于发展的本质、目的、内涵和要求的总体看法和根本观点,决定了经济社会发展的总体战略和基本模式,对经济社会发展实践具有根本性、全局性的重大影响
【判断题】
近年来,中国的反腐败斗争压倒性态势已经形成并巩固发展
【判断题】
习近平指出:“实现中国梦必须走中国道路、弘扬中国精神、凝聚中国力量
【判断题】
爱国主义是中华民族的精神基因,维系着华夏大地上各个民族的团结统一,激励着一代又一代中华儿女为祖国发展繁荣而不懈奋斗
【判断题】
改革创新体现了中华民族最深沉的民族禀赋,反映了当代中国发展进步的要求,始终是鞭策我们在改革开放中与时俱进的精神力量
【判断题】
习近平指出实现中华民族伟大复兴就是中华民族近代以来最伟大的梦
【判断题】
坚持和发展中国特色社会主义的总任务,是实现社会主义现代化和中华民族伟大复兴
【判断题】
中国梦的本质是国家富强、民族振兴、人民幸福
【判断题】
基本实现社会主义现代化在生态文明建设方面的体现是,生态环境根本好转,美丽中国目标基本实现
【判断题】
在经济建设方面,我国经济实力、科技实力将大幅跃升,跻身创新型国家前列
【判断题】
收入分配有差距是正常现象,但是差距过大则会让人们产生被剥夺感,影响社会稳定
【判断题】
工业化以城镇化为载体,工业化的过程本身就是城镇化的过程
【判断题】
推进增长动能转换,就是要推进中国制造向中国创造转变,中国速度向中国质量转变,制造大国向制造强国转变
【判断题】
要推动产业优化升级,加快发展先进制造业,推动互联网、大数据、人工智能和实体经济深度融合
【判断题】
促进贸易平衡,更加注重提升出口质量和附加值,积极扩大进口,下调部分产品进口关税
【判断题】
我国是工人阶级领导的、以工农联盟为基础的人民民主专政的社会主义国家,国家一切权力属于人民
【判断题】
民族区域自治制度符合我国国情,在加强民族平等团结、促进民族地区发展、增强中华民族凝聚力等方面发挥了重要作用
【判断题】
发展社会主义民主,建设社会主义政治文明是全面建成小康社会的重要目标