【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
【单选题】
When connecting to an external resource,you must change a source IP address to use one IP address from a range of 207.165.201.1 to 207.165.1.30. Which option do you implement ?___
A. dynamic source NAT that uses an IP ad dress as a mapped source
B. static destination NAT that uses a subnet as a real de stination
C. dynamic source NAT that uses a range as a mapped source
D. static destination NAT that uses a subnet as a real source
【单选题】
Refer to the exhibit. 【nat(ins,any)dynamic interface】Which ty pe of NaT is configured on a Cisco ASA?___
A. dynamic NAT
B. source identity NAT
C. dynamic PAT
D. identity twice NAT
【单选题】
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?___
A. CTA
B. DCA
C. AMP
D. DLP
【单选题】
Refer to the exhibit. What is the effect of the given configuration?___
A. It establishes the preshared key for the switch
B. It establishes the preshared key for the firewall.
C. It establishes the preshared key for the Cisco ISE appliance
D. It establishes the preshared key for the router.
【多选题】
What are two major considerations when choosing between a SPAN and a TAP when plementing IPS?___
A. the type of analysis the iS will perform
B. the amount of bandwidth available
C. whether RX and TX signals will use separate ports
D. the way in which media errors will be handled
E. the way in which dropped packets will be handled
【多选题】
What are two direct-to-tower methods for redirecting web traffic to Cisco Cloud Web Security?___
A. third-party proxies
B. Cisco Catalyst platforms
C. Cisco NAC Agent
D. hosted PAC files
E. CiSco ISE
【多选题】
Which three descriptions of RADIUS are true? ___
A. It uses TCP as its transport protocol.
B. Only the password is encrypted
C. It supports multiple transport protocols
D. It uses UDP as its transport protocol
E. It combines authentication and authorization
F. It separates authentication,authorization,and accounting
【多选题】
Which two configurations can prevent VLAN hopping attack from attackers at VLAN 10?___
A. using switchport trunk native vlan 10 command on trunk ports
B. enabling BPDU guard on all access ports
C. creating VLAN 99 and using switchport trunk native vlan 99 command on trunk ports
D. applying ACl between VLAN
E. using switchport mode access command on all host ports
F. using switchport nonegotiate command on dynamic desirable ports
【多选题】
What are two features of transparent firewall mode ___
A. It conceals the presence of the firewall from attackers
B. It allows some traffic that is blocked in routed mode
C. It enables the aSA to perform as a router.
D. It acts as a routed hop in the network.
E. It is configured by default
【多选题】
Which two models of A sa tend to be used in a data center?___
A. 5555X
B. 5585X
C. ASA service module
D. 5512X
E. 5540
F. 5520
【多选题】
Which two statements about hardware-based encrption are true?___
A. It is widely accessible
B. It is potentially easier to compromise than software-based encryption. It requires minimal configuration
C. It requires minimal configuration
D. It can be implemented without impacting performance
E. It is highly cost-effective
【多选题】
In which two modes can the Cisco We b Security appliance be de ployed?___
A. as a transparent proxy using the Secure Sockets Layer protocol
B. as a transparent proxy using the Web Cache Communication Protocol
C. explicit proxy mode
D. as a transparent proxy using the Hyper Text Transfer Protocol
E. explicit active mode
【单选题】
1.三相刀开关的图形符号与交流接触器的主触点符号是___。
A. 一样的
B. 可以互换
C. 有区别的
D. 没有区别
【单选题】
5.熔断器的作用是___。
A. 短路保护
B. 过载保护
C. 失压保护
D. 零压保护
推荐试题
【单选题】
小明是护理学院为数不多的男生之一,面对其他专业学生的不理解及议论,他索性不理会他们,努力学习,在大学科研设计活动中获奖,受到其他专业学生的羨慕,此行为属于哪种心理防御机制?___
【单选题】
下列哪一项是非技术性的护患关系中最主要的内容?___
A. 道德关系
B. 利益关系
C. 法律关系
D. 文化关系
【单选题】
应对机制是一种先天或后天获得的对变化的环境做出反应的方法,其中以问题为中心的应对,还有哪一种应对?___
A. 以教育为中心的应对
B. 以感觉为中心的应对
C. 以情境为中心的应对
D. 以预防为中心的应对
【单选题】
下列哪项不是沟通的基本因素___
A. 信息的发现者和接受者
B. 信息的內容
C. 沟通的背景
D. 沟通的方式
【单选题】
李某,男,23岁,大学生。大学毕业初次到美国留学,当地不同的风俗习惯、社会价值观对其产生的心理刺激属于以下哪种压力源?___
A. 躯体性
B. 心理性
C. 社会性
D. 文化性
【单选题】
指人际交往过程中对一个人的某种人格特征形成印象后,依次来推测此人其他方面的特征是指___
A. 首因效应
B. 近因效应
C. 晕轮效应
D. 投射效应
【单选题】
按照爱德华、霍尔的空间距离分类,人际沟通中亲密距离一般是指___
A. 15cm
B. 30cm
C. 50cm
D. 1.2m
【单选题】
肺炎时可减轻胸痛的最常用体位是
A. 患侧卧位
B. 仰卧位
C. 坐位
D. 健侧卧位
E. 俯卧位
【单选题】
慢性支气管炎的体征,下列各项中不正确的是
A. 早期无异常体征
B. 急性期常有散在干湿罗音
C. 罗音易变,多变
D. 异常支气管呼吸音
E. 可有哮喘音及呼气相延长
【单选题】
下列哪种血气分析变化符合I型呼吸衰竭?
A. PaO2 55mmHg, PaCO2 50mmHg
B. PaO2 65mmHg, PaCO2 40mmHg
C. PaO2 50mmHg, PaCO2 40mmHg
D. PaO2 70mmHg, PaCO2 35mmHg
E. PaO2 80mmHg, PaCO2 55mmHg
【单选题】
临床上对于II型呼衰的病人,应采取低浓度,持续吸氧,其氧浓度应为
A. <20~25%
B. <30~35%
C. <40~45%
D. <50~55%
E. >50%
【单选题】
女,75岁,常于夜间发作哮喘,伴频繁咳嗽,咳泡沫痰,有时带血性,双肺底闻湿罗音。下列哪种疾病可能性大?
A. 支气管哮喘
B. 心源性哮喘
C. 喘息性支气管炎
D. 肺癌
E. 过敏性肺炎
【单选题】
在下列支气管疾病中,最常并发咯血的是:___
A. 良性支气管瘤
B. 支气管内异物
C. 支气管扩张
D. 慢性支气管炎
E. 支气管哮喘
【单选题】
某支扩患者,突然出现喷射性大咯血,继而突然中断,表情恐怖。大汗淋漓,其首要护理措施是___
A. 立即半卧位
B. 加压给氧
C. 立即气管插管
D. 保持呼吸道通畅,清除血块
E. 人工呼吸
【单选题】
心绞痛发作时,心电图的改变最常见于___
A. P波高尖
B. 异常Q波
C. ST段水平压低于0.1mv以上
D. 完全性右束枝传导阻滞
E. P—R间期延长
【单选题】
风心病心衰用洋地黄及利尿剂治疗,出现恶心、食欲不振,心电图为室性早搏二联律、首先考虑为___
A. 心衰加重
B. 低钾
C. 洋地黄中毒
D. 风湿活跃
E. 洋地黄剂量不足
【单选题】
心绞痛发作时,最有效、作用最快、使用最简便的药物是___
A. 阿司匹林
B. 阿替洛尔(氨酰心安)
C. 硝苯地平(心痛定)
D. 硝酸甘油舌下含化
E. 速效救心丸
【单选题】
目前,缩窄性心包炎最常见的病因是___
A. 化脓性
B. 肿瘤性
C. 非特异性
D. 结核性
E. 病毒性
【单选题】
慢性充血性心力衰竭最常见的诱因是___
A. 严重的各种心律失常
B. 妊娠与分娩
C. 过劳和情绪激动
D. 输液过量
E. 各种感染
【单选题】
消化性溃疡主要的临床症状是___
A. 缓脉、多汗
B. 恶心、呕吐
C. 流涎
D. 嗳气,返酸
E. 节律性上腹部疼痛
【单选题】
危及肝硬化者生命的征象是___
A. 腹水
B. 呕血
C. 腹胀
D. 黄疸
E. 少尿
【单选题】
肝硬化门脉高压最具特征性的体征是___
A. 蜘蛛痣
B. 食道静脉曲张
C. 水肿
D. 痔核形成
E. 肝左叶肿大
【单选题】
上消化道出血,可表现为呕血和黑便,主要取决于___
A. 出血的速度和出血量
B. 凝血机制
C. 出血部位
D. 患者的体位
E. 胃肠蠕动情况
【单选题】
肝昏迷的病人,最早出现的症状为
A. 意识模糊
B. 行为异常欣快
C. 扑翼样震颤
D. 简单计数错误
E. 肝臭
【单选题】
慢性肾盂肾炎的临床表现,下列错误的是___
A. 尿沉渣中可见到成团的白细胞
B. 急性期,中段尿定量G细菌培养数可超过10万/ml
C. 尿浓缩功能减退
D. 反复发作不易治愈
E. 不会发展成高血压
【单选题】
下列哪项是诊断急性肾功能衰竭最可靠指标___
A. 高血钾症
B. 少尿
C. 尿钠>20mmol/L
D. 血尿素氮增高
E. 血肌酐增高
【单选题】
急性胰腺炎患者,上腹剧痛伴呕吐,发热,体查:上腹压痛明显伴反跳痛,此时的饮食护理为___
A. 低脂、适量蛋白、易消化流质
B. 低盐、高蛋白、适量脂肪流质
C. 高糖、低脂流质
D. 胃肠外静脉营养
E. 高生物效价低蛋白流质
【单选题】
46岁女性患者,因夜尿增多半年,恶心、呕吐2个月入院,查:BP160/90mmHg,重度贫血貌,双肺呼吸音粗;未闻干湿罗音,心界扩大,心率80次/分。律齐,双肾区无叩痛,双下肢轻度浮肿。尿常规尿蛋白(++),尿糖(-),E4A Na+142mmol/L,K+5.6mmol/L,CO2CP12.6mmol/L,ANA(-)。该病人最可能是患有___
A. 急性肾炎
B. 急性肾炎、急性肾功能不全
C. 慢性肾炎、慢性肾功能不全
D. 慢性肾炎急性发作
E. 急进型肾炎
【单选题】
原发性肾病综合征用强的松治疗原则不包括___
A. 足量
B. 撒药缓脉
C. 维持时间要长
D. 必要时加用免疫抑制剂
E. 抗生素预防感染
【单选题】
急性粒细胞白血病表现为___
A. 奥氏小体(Auch)阳性+胸骨触痛
B. 发热+全血细胞减少
C. 肝脾肿大+淋巴结肿大
D. 皮肤瘀斑+血小板减少
E. 面色苍白+RBC中心浅染
【单选题】
Ph*染色体最常见于哪种疾病___
A. 急性粒细胞性白血病
B. 急性淋巴细胞性白血病
C. 慢性粒细胞白血病
D. 慢性淋巴细胞白血病
E. 骨髓纤维化
【单选题】
缺铁性贫血患者服用铁剂后,血象先表现为___
A. 血红蛋白先上升
B. 网织红细胞先上升
C. 血红蛋白与网织红细胞同时上升
D. 出现幼稚红细胞
E. 出现幼稚粒细胞
【单选题】
急性再障感染较多见的部位不包括___
A. 皮肤
B. 口腔
C. 咽部
D. 肺部
E. 肛周
【单选题】
某男,25岁,因呕吐一周,昏迷2小时入院,查T38℃,BP80/50mmHg,R28次/分,P110次/分,全身皮肤干燥、眼眶凹陷,双肺呼吸音清晰,HR110次/分,律齐,无杂音。血糖20.8mmol/L,下一步最重要的检查是___
A. 尿、粪常规
B. 血常规
C. 尿酮
D. 血胰岛素
E. 血钠
【单选题】
下列哪种激素由垂体合成___
A. ADH
B. CRF
C. LRH
D. ACTH
E. SS
【单选题】
甲亢眼征不包括___
A. 眼球突出
B. 瞳孔缩小
C. 睑裂增亮
D. 眼球辐辏不良
E. 瞬目减少
【单选题】
Ⅱ型糖尿病的特点是___
A. 中老年多见,从不发生酮症
B. 常以慢性并发症为首发症状
C. 30岁前发病者症状严重
D. 胰岛功能正常
E. 病人不需使用胰岛素
【单选题】
下列除哪顶外多为风湿性疾病的共同点?___
A. 长期不规则发热
B. 多器官受累
C. 关节畸形
D. 免疫球蛋白增高
E. 血沉加快
【单选题】
40岁女性,两侧近端指关节及足关节酸痛三年,加重发热半月,查:指关节呈梭型,肘关节鹰咀突处可触及一米粒大小结节,坚硬,脾肋下1指,Hb90g/L,ESR45mm/h,WBC8.1×10*9/L,ANA(-),ASD效价正常,X线示关节周围软组织肿胀,关节腔变窄,下列护理措施不正常的是___
A. 关节保持伸直位
B. 疼痛关节冷敷
C. 注意关节功能变化
D. 观察有无皮肤溃疡
E. 足底放护足板防止垂足
【单选题】
某男,33岁,昏睡路边被他人发现送医院,查深昏迷,呼吸有轻度大蒜味,疑有机磷中毒,下列何项对诊断最有帮助?
A. 瞳孔缩小
B. 大小便
失禁
C. 肌肉抽动
D. 呕吐物有大蒜味
E. 全血胆硷酯酶活力降低
