【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
【单选题】
When connecting to an external resource,you must change a source IP address to use one IP address from a range of 207.165.201.1 to 207.165.1.30. Which option do you implement ?___
A. dynamic source NAT that uses an IP ad dress as a mapped source
B. static destination NAT that uses a subnet as a real de stination
C. dynamic source NAT that uses a range as a mapped source
D. static destination NAT that uses a subnet as a real source
【单选题】
Refer to the exhibit. 【nat(ins,any)dynamic interface】Which ty pe of NaT is configured on a Cisco ASA?___
A. dynamic NAT
B. source identity NAT
C. dynamic PAT
D. identity twice NAT
【单选题】
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?___
A. CTA
B. DCA
C. AMP
D. DLP
【单选题】
Refer to the exhibit. What is the effect of the given configuration?___
A. It establishes the preshared key for the switch
B. It establishes the preshared key for the firewall.
C. It establishes the preshared key for the Cisco ISE appliance
D. It establishes the preshared key for the router.
【多选题】
What are two major considerations when choosing between a SPAN and a TAP when plementing IPS?___
A. the type of analysis the iS will perform
B. the amount of bandwidth available
C. whether RX and TX signals will use separate ports
D. the way in which media errors will be handled
E. the way in which dropped packets will be handled
【多选题】
What are two direct-to-tower methods for redirecting web traffic to Cisco Cloud Web Security?___
A. third-party proxies
B. Cisco Catalyst platforms
C. Cisco NAC Agent
D. hosted PAC files
E. CiSco ISE
【多选题】
Which three descriptions of RADIUS are true? ___
A. It uses TCP as its transport protocol.
B. Only the password is encrypted
C. It supports multiple transport protocols
D. It uses UDP as its transport protocol
E. It combines authentication and authorization
F. It separates authentication,authorization,and accounting
【多选题】
Which two configurations can prevent VLAN hopping attack from attackers at VLAN 10?___
A. using switchport trunk native vlan 10 command on trunk ports
B. enabling BPDU guard on all access ports
C. creating VLAN 99 and using switchport trunk native vlan 99 command on trunk ports
D. applying ACl between VLAN
E. using switchport mode access command on all host ports
F. using switchport nonegotiate command on dynamic desirable ports
【多选题】
What are two features of transparent firewall mode ___
A. It conceals the presence of the firewall from attackers
B. It allows some traffic that is blocked in routed mode
C. It enables the aSA to perform as a router.
D. It acts as a routed hop in the network.
E. It is configured by default
【多选题】
Which two models of A sa tend to be used in a data center?___
A. 5555X
B. 5585X
C. ASA service module
D. 5512X
E. 5540
F. 5520
【多选题】
Which two statements about hardware-based encrption are true?___
A. It is widely accessible
B. It is potentially easier to compromise than software-based encryption. It requires minimal configuration
C. It requires minimal configuration
D. It can be implemented without impacting performance
E. It is highly cost-effective
【多选题】
In which two modes can the Cisco We b Security appliance be de ployed?___
A. as a transparent proxy using the Secure Sockets Layer protocol
B. as a transparent proxy using the Web Cache Communication Protocol
C. explicit proxy mode
D. as a transparent proxy using the Hyper Text Transfer Protocol
E. explicit active mode
【单选题】
1.三相刀开关的图形符号与交流接触器的主触点符号是___。
A. 一样的
B. 可以互换
C. 有区别的
D. 没有区别
推荐试题
【单选题】
《关于实行党风廉政建设责任制的规定》规定,受到责任追究的领导班子、领导干部,取消当年年度考核评优和评选各类先进的资格。___
【单选题】
《关于实行党风廉政建设责任制的规定》规定,同时受到党纪政纪处分和组织处理的领导干部,按影响期较长的执行。___
【单选题】
党委(党组)、政府以及党委和政府的职能部门的领导班子对职责范围内的党风廉政建设负直接领导责任。___
【单选题】
党风廉政建设责任制是指我们党和政府的各级领导班子、领导干部抓党风廉政建设的一种责、权、利相结合的管理制度。___
【单选题】
《关于实行党政领导干部问责的暂行规定》规定,受到问责的党政领导干部涉嫌犯罪的,问责决定机关可依法处理。___
【单选题】
《关于实行党政领导干部问责的暂行规定》规定,对引咎辞职、责令辞职、免职的党政领导干部,可以根据工作需要以及本人一贯表现、特长等情况,由党委(党组)、政府按照干部管理权限酌情安排适当岗位。___
【单选题】
《关于实行党政领导干部问责的暂行规定》规定,党政领导干部违反干部选拔任用工作有关规定,导致用人失察、失误,造成恶劣影响的,要对其实行问责。___
【单选题】
《关于实行党政领导干部问责的暂行规定》规定,应当被问责的党政领导干部在被调查过程中,积极配合并主动承担责任的,可以从轻问责。___
【单选题】
对县级以上党委、政府直属事业单位以及国有企业、国有金融企业领导人员实行问责,参照执行《关于实行党政领导干部问责的暂行规定》。___
【单选题】
《关于实行党政领导干部问责的暂行规定》规定,作出问责决定前,应当听取被问责的党政领导干部的陈述和申辩,并且记录在案;对其合理意见,应当予以采纳。___
【单选题】
《关于实行党政领导干部问责的暂行规定》规定,政府职能部门管理、监督不力,在其职责范围内发生特别重大事故、事件、案件,或者在较短时间内连续发生重大事故、事件、案件,造成重大损失或者恶劣影响的,对党政领导干部实行问责。___
【单选题】
《关于实行党政领导干部问责的暂行规定》规定,本地区、本部门、本系统或者本单位在贯彻落实党风廉政建设责任制方面出现问题的,按照《关于实行党风廉政建设责任制的规定》,追究党政领导干部的责任。___
【单选题】
在领导班子决策“三重一大”事项的会议上,班子成员应对决策建议逐个明确表示同意、不同意或者缓议的意见,并说明理由。主要领导或会议主持人应在其他班子成员充分发表意见的基础上,最后发表意见。___
【单选题】
在“三重一大”事项决策过程中,对讨论中意见分歧较大或发现有重大问题尚不清楚的,除在紧急情况下按多数意见执行外,应暂缓决策,待进一步调查研究后再作决策。___
【单选题】
参与决策的个人对集体决策有不同意见,可以保留或者向上级反映,在没有作出新的决策前,可以拒绝执行。___
【单选题】
国有企业党委(党组)书记、董事长、未设董事会的总经理(总裁)为本企业实施贯彻落实“三重一大”决策制度的主要责任人。___
【单选题】
“三重一大”决策制度的执行情况,应当作为巡视、党风廉政建设责任制考核的重要内容和企业领导人员经济责任审计的重点事项。___
【单选题】
按照国资监管相关规定,应当由区委、区政府、区国资委决定的重大事项,区管国有企业应集体讨论,提出初步意见后报批,不得直接作出决策。___
【单选题】
《中国共产党廉洁自律准则》是高标准,主要是针对党员领导干部而言的。___
【单选题】
《中国共产党廉洁自律准则》要求全体党员,要廉洁齐家,自觉带头树立良好家风。___
【单选题】
《中国共产党廉洁自律准则》要求全体党员,要坚持吃苦在前,享受在后,甘于奉献。___
【单选题】
《中国共产党廉洁自律准则》规定,廉洁齐家,自觉带头树立良好家风,这是对党员领导干部的要求。___
【单选题】
《国有企业领导人员廉洁从业若干规定》规定,国有企业领导人员不得将企业经济往来中的折扣费、中介费、佣金、礼金,以及因企业行为受到有关部门和单位奖励的财物等据为己有或者私分。___
【单选题】
《国有企业领导人员廉洁从业若干规定》规定,国有企业领导人员不得利用职权为配偶、子女及其他特定关系人从事营利性经营活动提供便利条件。___
【单选题】
《国有企业领导人员廉洁从业若干规定》规定,国有企业领导人员可以利用职权相互为对方及其配偶、子女和其他特定关系人从事营利性经营活动提供便利条件。___
【单选题】
《国有企业领导人员廉洁从业若干规定》规定,国有企业领导人员不得用公款旅游或者变相旅游。___
【单选题】
《国有企业领导人员廉洁从业若干规定》规定,国有企业领导人员不得从事有悖社会公德的活动。___
【单选题】
《国有企业领导人员廉洁从业若干规定》规定,国有企业领导人员构成犯罪被判处刑罚的,终身不得担任国有企业的领导职务。___
【单选题】
《国有企业领导人员廉洁从业若干规定》规定,国有企业领导人员不得在特定关系人经营的场所进行职务消费。___
【单选题】
《国有企业领导人员廉洁从业若干规定》中所称特定关系人,是指与国有企业领导人员有近亲属以及其他共同利益关系的人。___
【单选题】
《国有企业领导人员廉洁从业若干规定》规定,国有企业领导人员即使离职后也不得接受管理和服务对象提供的物质性利益。___
【单选题】
《国有企业领导人员廉洁从业若干规定》规定,国有企业领导人员经批准可以在其他企业中兼职,但不能擅自领取薪酬。___
【单选题】
会议活动要严格执行有关规定,厉行节约,反对铺张浪费。严禁组织高消费娱乐、健身活动,严禁在风景名胜区或度假村等地方组织会议活动,严禁组织与会议主题无关的活动,严禁以任何名义发放纪念品和礼品。___
【单选题】
《关于领导干部报告个人有关事项的规定》规定,报告人未按时报告的,有关纪检监察部门应当督促其报告。___
【单选题】
《关于领导干部报告个人有关事项的规定》规定,副调研员以上非领导职务的干部和已退出现职、但尚未办理退(离)休手续的干部报告个人有关事项,不适用本规定。___
【单选题】
《关于领导干部报告个人有关事项的规定》规定,领导干部辞去公职的,在提出辞职申请时,应当一并报告个人有关事项。___
【单选题】
《关于领导干部报告个人有关事项的规定》规定,领导干部因私随旅行社出国旅游的属于填报内容。___
【单选题】
《关于新形势下党内政治生活的若干准则》规定,要建立容错纠错机制,宽容干部在工作中特别是改革创新中的失误。___
【单选题】
批评和自我批评是我们党强身治病、保持肌体健康的锐利武器,也是加强和规范党内政治生活的重要手段。___
【单选题】
领导干部特别是高级干部必须注重家庭、家教、家风,教育管理好亲属和身边工作人员。___
