【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
【单选题】
When connecting to an external resource,you must change a source IP address to use one IP address from a range of 207.165.201.1 to 207.165.1.30. Which option do you implement ?___
A. dynamic source NAT that uses an IP ad dress as a mapped source
B. static destination NAT that uses a subnet as a real de stination
C. dynamic source NAT that uses a range as a mapped source
D. static destination NAT that uses a subnet as a real source
【单选题】
Refer to the exhibit. 【nat(ins,any)dynamic interface】Which ty pe of NaT is configured on a Cisco ASA?___
A. dynamic NAT
B. source identity NAT
C. dynamic PAT
D. identity twice NAT
【单选题】
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?___
A. CTA
B. DCA
C. AMP
D. DLP
【单选题】
Refer to the exhibit. What is the effect of the given configuration?___
A. It establishes the preshared key for the switch
B. It establishes the preshared key for the firewall.
C. It establishes the preshared key for the Cisco ISE appliance
D. It establishes the preshared key for the router.
【多选题】
What are two major considerations when choosing between a SPAN and a TAP when plementing IPS?___
A. the type of analysis the iS will perform
B. the amount of bandwidth available
C. whether RX and TX signals will use separate ports
D. the way in which media errors will be handled
E. the way in which dropped packets will be handled
【多选题】
What are two direct-to-tower methods for redirecting web traffic to Cisco Cloud Web Security?___
A. third-party proxies
B. Cisco Catalyst platforms
C. Cisco NAC Agent
D. hosted PAC files
E. CiSco ISE
【多选题】
Which three descriptions of RADIUS are true? ___
A. It uses TCP as its transport protocol.
B. Only the password is encrypted
C. It supports multiple transport protocols
D. It uses UDP as its transport protocol
E. It combines authentication and authorization
F. It separates authentication,authorization,and accounting
【多选题】
Which two configurations can prevent VLAN hopping attack from attackers at VLAN 10?___
A. using switchport trunk native vlan 10 command on trunk ports
B. enabling BPDU guard on all access ports
C. creating VLAN 99 and using switchport trunk native vlan 99 command on trunk ports
D. applying ACl between VLAN
E. using switchport mode access command on all host ports
F. using switchport nonegotiate command on dynamic desirable ports
【多选题】
What are two features of transparent firewall mode ___
A. It conceals the presence of the firewall from attackers
B. It allows some traffic that is blocked in routed mode
C. It enables the aSA to perform as a router.
D. It acts as a routed hop in the network.
E. It is configured by default
【多选题】
Which two models of A sa tend to be used in a data center?___
A. 5555X
B. 5585X
C. ASA service module
D. 5512X
E. 5540
F. 5520
【多选题】
Which two statements about hardware-based encrption are true?___
A. It is widely accessible
B. It is potentially easier to compromise than software-based encryption. It requires minimal configuration
C. It requires minimal configuration
D. It can be implemented without impacting performance
E. It is highly cost-effective
【多选题】
In which two modes can the Cisco We b Security appliance be de ployed?___
A. as a transparent proxy using the Secure Sockets Layer protocol
B. as a transparent proxy using the Web Cache Communication Protocol
C. explicit proxy mode
D. as a transparent proxy using the Hyper Text Transfer Protocol
E. explicit active mode
【单选题】
1.三相刀开关的图形符号与交流接触器的主触点符号是___。
A. 一样的
B. 可以互换
C. 有区别的
D. 没有区别
推荐试题
【多选题】
低温泵切换后,要对运行泵检查,检查项目有___。
A. 电流
B. 出口压力
C. 泵及电机的声响
D. 是否有泄漏
【多选题】
冷泵启动后要检查的项目有___。
A. 电机电流
B. 出口流量、压力
C. 轴承温度
D. 密封情况
【多选题】
低温泵操作时,下列说法正确的是___。
A. 冷泵不宜长时间空转,以避免转子受热不均匀而弯曲
B. 低温泵冬天不须防冻
C. 泵启动后,泵出口阀长时间不打开,会造成泵内液体气化而不上量
D. 停泵时,因泵出口有止回阀,出口阀可以不关
【多选题】
精馏塔的塔压控制方法有___。
A. 塔顶气相送出量
B. 塔顶冷凝器的冷剂液面
C. 塔顶冷剂的量
D. 塔顶气体排放火炬
【多选题】
降低精馏塔的操作压力,可以使___。
A. 相对挥发度增大
B. 分离效果变好
C. 处理能力提高
D. 处理能力降低
【多选题】
脱丁烷塔再沸器出现___下列现象时,可以切出清理。
A. 塔釜温度与挥发性温度之差呈上升趋势
B. 再沸器传热阻力增大,热源流量大,而加热量还不足
C. 灵敏板温度偏低
D. 釜温偏低
【多选题】
脱丁烷塔再沸器切换前注意事项有___。
A. 确认流程正确,各阀位正确
B. 系统气密、氮气置换合格
C. 放空、导淋关闭
D. 备用台预热合格
【多选题】
氢气干燥器备用速度过快,受影响较大的是___。
A. 碳二反应系统
B. 碳三反应系统
C. 氢气外送系统
D. 甲烷化反应系统
【多选题】
提高换热器传热速率的途径有___。
A. 增大传热面积
B. 提高冷热流体的平均温差
C. 提高传热系数
D. 不确定
【多选题】
对于离心泵而言,改变___可以提高该泵的扬程。
A. 泵的额定转速
B. 叶轮直径
C. 输送流体密度
D. 改变叶片的弯曲程度
【多选题】
往复泵调节流量的方法有___。
A. 调节入口阀的开度
B. 调节出口阀的开度
C. 调节旁路阀的开度
D. 调节泵的冲程
【多选题】
碳二加氢辅助干燥器充压速度过快,波动较大的是___。
A. 碳三加氢反应器
B. 高压脱丙烷塔回流罐液位
C. 低压脱丙烷塔
D. 碳二加氢反应器
【多选题】
低温离心泵开车前入口阀出口阀的状态是。___
A. 入口阀开
B. 入口阀关
C. 出口阀微开
D. 出口阀关
【多选题】
离心泵启动后,应注意检查___等。
A. 电流表电流
B. 泵的转向
C. 泵出口压力
D. 泵体泄漏情况
【多选题】
安全阀按照气体排放方式分类,可分为___。
A. 封闭式
B. 半封闭式
C. 敞开式
D. 微启式
【多选题】
安全阀按气体排放方式可分为__、__和__三种。___
A. 封闭式
B. 半封闭式
C. 敞开式
D. 单封闭式
【多选题】
安全阀的选用类型主要是以___来确定的。
A. 排泄量
B. 排气能力
C. 喷嘴面积
D. 工艺介质
【多选题】
离心泵的完好标准有___。
A. 运行正常,效能良好
B. 内部机件无损,质量符合要求
C. 主体整洁,零附件齐全好用
D. 技术资料齐全准确
【多选题】
离心泵的完好标准中明确规定:离心泵的技术资料中应包括___。
A. 配管图
B. 易损配件图
C. 工艺流程图
D. 设备结构图
【多选题】
一台完好的精馏塔,必须具备的条件有___。
A. 压降、液面等指示准确灵敏、调节灵活,但在允许范围内有所波动
B. 各部紧固件齐整牢固,符合抗震要求
C. 消防线、放空线、紧急放空线等安全设施齐全畅通
D. 塔体和构件无任何腐蚀
【多选题】
反应器设置超温联锁的意义有___。
A. 避免反应器的操作进入危险区
B. 防止超温而发生事故
C. 防止超压
D. 防止产品污染
【多选题】
换热器发生内漏的判断方法是___。
A. 看低压侧的压力是否明显升高
B. 看低压侧的温度变化是否明显
C. 分析低压侧的组成
D. 观察换热效果
【多选题】
化工设备的防腐措施通常有___。
A. 选用合适的耐腐蚀材料
B. 表面保护涂层
C. 电化学保护
D. 添加缓蚀剂
【多选题】
金属的防腐与下列___因素有关。
A. 设备结构设计
B. 表面加工质量
C. 设备的工作情况
D. 净化工作介质
【多选题】
对设备腐蚀的防腐处理一般包括___。
A. 腐蚀介质的脱除
B. 使用中和剂
C. 使用缓蚀剂
D. 使用抗垢剂
【多选题】
与空气接触的管道外部应采用___进行防腐。
A. 绝热层
B. 阴极保护
C. 涂刷涂料
D. 油漆
【多选题】
下列各选项中,___属于往复泵试车前的准备工作。
A. 检查检修记录
B. 检查润滑油系统
C. 检查顶针和单向阀应无卡、漏现象
D. 检查零附件应齐全好用
【多选题】
下列属于管壳式换热器检修内容的选项是___。
A. 抽芯
B. 更换管束或壳体
C. 壳体保温修补及防腐
D. 清扫管束
【多选题】
关于塔类设备的日常维护,下列说法正确的是___。
A. 塔器操作中允许超温但不能超压
B. 定时检查受压元件
C. 定时检查人孔、阀门和法兰等密封点的泄漏
D. 定时检查安全附件,应灵活可靠
【多选题】
膨胀压缩机正常运行时应检查___。
A. 油箱液位
B. 油过滤器压差
C. 轴承温度
D. 冷却水是否畅通
【多选题】
膨胀压缩机正常运行时应检查___。
A. 转速
B. 油箱液位
C. 密封气温度
D. 油气压差
【多选题】
膨胀机油路系统正常应检查___。
A. 油箱液位
B. 油冷器出口温度
C. 油冷器压差
D. 油泵出口压力
【多选题】
关于设备的防静电措施,下列选项正确的是___。
A. 静电接地
B. 输送易燃易爆液体,管内壁要光滑
C. 输送易燃易爆液体要控制流速
D. 易燃易爆液体进料采用顶部喷入
【多选题】
离心泵气缚的原因可能是___。
A. 开泵前泵内没有充满液体
B. 泵体不密封而漏入空气
C. 泵出口憋压
D. 泵安装不正确
【多选题】
离心泵气缚的现象有___。
A. 电机电流低
B. 泵出口压力低
C. 泵入口压力低
D. 泵发出噪声
【多选题】
下列属于离心泵汽蚀的原因的有___。
A. 吸入口压力太低
B. 吸入口温度太高
C. 泵安装高度太高
D. 泵机械密封漏
【多选题】
离心泵发生汽蚀时的现象有___。
A. 泵体振动
B. 发出噪声
C. 泵流量下降
D. 泵出口压力下降
【多选题】
脱甲烷塔灵敏板温度低的原因有___。
A. 塔釜再沸器加热量不足
B. 进再沸器的裂解气温度过低
C. 塔釜重组分多导致加热不良.
D. 塔釜液面高
【多选题】
关于干燥器出口水分不合格的原因,下列说法正确的是___。
A. 再生时间过短
B. 入口温度过高
C. 运行时间过长
D. 干燥剂粉碎或中毒
