【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
【单选题】
When connecting to an external resource,you must change a source IP address to use one IP address from a range of 207.165.201.1 to 207.165.1.30. Which option do you implement ?___
A. dynamic source NAT that uses an IP ad dress as a mapped source
B. static destination NAT that uses a subnet as a real de stination
C. dynamic source NAT that uses a range as a mapped source
D. static destination NAT that uses a subnet as a real source
【单选题】
Refer to the exhibit. 【nat(ins,any)dynamic interface】Which ty pe of NaT is configured on a Cisco ASA?___
A. dynamic NAT
B. source identity NAT
C. dynamic PAT
D. identity twice NAT
【单选题】
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?___
A. CTA
B. DCA
C. AMP
D. DLP
【单选题】
Refer to the exhibit. What is the effect of the given configuration?___
A. It establishes the preshared key for the switch
B. It establishes the preshared key for the firewall.
C. It establishes the preshared key for the Cisco ISE appliance
D. It establishes the preshared key for the router.
【多选题】
What are two major considerations when choosing between a SPAN and a TAP when plementing IPS?___
A. the type of analysis the iS will perform
B. the amount of bandwidth available
C. whether RX and TX signals will use separate ports
D. the way in which media errors will be handled
E. the way in which dropped packets will be handled
【多选题】
What are two direct-to-tower methods for redirecting web traffic to Cisco Cloud Web Security?___
A. third-party proxies
B. Cisco Catalyst platforms
C. Cisco NAC Agent
D. hosted PAC files
E. CiSco ISE
【多选题】
Which three descriptions of RADIUS are true? ___
A. It uses TCP as its transport protocol.
B. Only the password is encrypted
C. It supports multiple transport protocols
D. It uses UDP as its transport protocol
E. It combines authentication and authorization
F. It separates authentication,authorization,and accounting
【多选题】
Which two configurations can prevent VLAN hopping attack from attackers at VLAN 10?___
A. using switchport trunk native vlan 10 command on trunk ports
B. enabling BPDU guard on all access ports
C. creating VLAN 99 and using switchport trunk native vlan 99 command on trunk ports
D. applying ACl between VLAN
E. using switchport mode access command on all host ports
F. using switchport nonegotiate command on dynamic desirable ports
【多选题】
What are two features of transparent firewall mode ___
A. It conceals the presence of the firewall from attackers
B. It allows some traffic that is blocked in routed mode
C. It enables the aSA to perform as a router.
D. It acts as a routed hop in the network.
E. It is configured by default
【多选题】
Which two models of A sa tend to be used in a data center?___
A. 5555X
B. 5585X
C. ASA service module
D. 5512X
E. 5540
F. 5520
【多选题】
Which two statements about hardware-based encrption are true?___
A. It is widely accessible
B. It is potentially easier to compromise than software-based encryption. It requires minimal configuration
C. It requires minimal configuration
D. It can be implemented without impacting performance
E. It is highly cost-effective
【多选题】
In which two modes can the Cisco We b Security appliance be de ployed?___
A. as a transparent proxy using the Secure Sockets Layer protocol
B. as a transparent proxy using the Web Cache Communication Protocol
C. explicit proxy mode
D. as a transparent proxy using the Hyper Text Transfer Protocol
E. explicit active mode
【单选题】
1.三相刀开关的图形符号与交流接触器的主触点符号是___。
A. 一样的
B. 可以互换
C. 有区别的
D. 没有区别
【单选题】
5.熔断器的作用是___。
A. 短路保护
B. 过载保护
C. 失压保护
D. 零压保护
【单选题】
6.热继电器的作用是___。
A. 短路保护
B. 过载保护
C. 失压保护
D. 零压保护
【单选题】
7.交流接触器的作用是可以___接通和断开负载。
【单选题】
8.三相异步电动机的启停控制线路由电源开关、熔断器、___、热继电器、按钮等组成。
A. 时间继电器
B. 速度继电器
C. 交流接触器
D. 漏电保护器
【单选题】
9.三相异步电动机的启停控制线路中需要有___、过载保护和失压保护功能。
A. 短路保护
B. 超速保护
C. 失磁保护
D. 零速保护
【单选题】
10维修电工以___、安装接线图和平面布置图最为重要。
A. 电气原理图
B. 电气设备图
C. 电气安装图
D. 电气组装图
【单选题】
11.熔断器的额定电压应___线路的工作电压。
A. 远大于
B. 不等于
C. 小于等于
D. 大于等于
推荐试题
【单选题】
旋塞阀在使用过程中,每___关活动旋塞1次。
【单选题】
完井井口装置是油井完井后,控制和调节油、气井生产的主要设备,由采油树、___、油管头组成。
A. 油层套管
B. 技术套管
C. 套管头
D. 油管挂
【单选题】
采油树在使用前,都必须进行___试验,试验压力等于被试验的最大工作压力。
A. 液压密封
B. 强度密封
C. 高压密封
D. 低压密封
【单选题】
采气树套管闸阀、总闸阀都___配置,一个工作一个备用。
【单选题】
KQS60/65中KQS表示___。
A. 采油树
B. 热采井口
C. 采气树
D. 注水井口
【单选题】
完井井口装置的中间部分称___。
A. 采油树
B. 四通
C. 套管头
D. 油管头
【单选题】
___是油井完井后,油、气井最上部控制和调节油、气井生产的主要设备。
A. 井口装置
B. 完井井口装置
C. 防喷装置
D. 采油树
【单选题】
套管头是套管与井口装置之间的重要连接件,它的下端与___连接。
A. 完井井口装置
B. 表层套管
C. 四通
D. 钻井井口装置
【单选题】
套管头的工作压力与防喷器的工作压力应___。
A. 大一级别
B. 小一级别
C. 一致
D. 无要求
【单选题】
下列___不是套管头的作用。
A. 悬挂各层套管的重量
B. 支撑套管头以上防喷器
C. 支撑套管头以上防喷器
D. 防喷管线的接口
【单选题】
关于油管头四通下列正确的是___。
A. 内部通道不垂直
B. 没有节流压井的通道
C. 内部通道不垂直提供节流压井的通道
D. 内部通道垂直提供节流压井的通道
【单选题】
按采油树___形式分为:分体式、整体式。
A. 用途
B. 结构
C. 油管挂连接管串的数量
D. 原理
【单选题】
下列___是采油(气)井口(KQ78/65-70带安全阀采气树)的结构之一。
A. 节流管汇
B. 平板阀
C. 放喷管线
D. 压井管汇
【单选题】
___与最上一层套管头连接,主要用来悬挂油管、安装采油树,同时和油管挂一起形成密封,防止油管内外串通,形成油管内外通道。(KQ78/65-70带安全阀采气树)
A. 钻井四通
B. 压井管汇
C. 油管头
D. 压井管汇
【单选题】
___主要作用是:悬挂井内管柱;与油管头一起形成密封后,构成油管内通径与上部采油树的通道和油管外与套管之间的环空通道。
A. 钻井四通
B. 油管头四通
C. 套管头
D. 油管挂
【单选题】
___与油管头一起形成密封后,构成油管内通径与上部采油树的通道和油管外与套管之间的环空通道。
A. 油管挂
B. 油管头四通
C. 套管头
D. 钻井四通
【单选题】
___安装在油管头以上由油管帽、手动平板阀、安全阀、三通或四通、节流阀、压力表等部件构成的井口管汇系统。(KQ78/65-70)
A. 油管挂
B. 油管头四通
C. 套管头
D. (上部)采油树
【单选题】
能在紧急情况下自动关闭的平板阀,通常称为___。(KQ78/65-70带安全阀采气树)
A. 节流阀
B. 手动平板阀
C. 液动平板阀
D. 安全阀
【单选题】
下列___属于采油树的附件。
A. 油管头
B. 油嘴
C. 筒式形节流阀
D. 孔板式节流阀
【单选题】
下列___属于采油树的附件。
A. 油管头
B. 压力表
C. 筒式形节流阀
D. 孔板式节流阀
【单选题】
采油树的附件配套时,应选用合适量程的压力表,压力表应___安装。
【单选题】
自封封井器在井下作业修井过程中的主要作用是___。
A. 防止井喷失控
B. 密封油管和套管环形空间
C. 承受井内高压
D. 控制油井产能
【单选题】
抽油杆自封是利用油管压力与___之差,挤压自封胶芯,封死油管和抽油杆之间的环形通道,实现井口密封。
A. 液柱压力
B. 地层压力
C. 套管压力
D. 大气压力
【单选题】
现场使用的液面报警仪属于___。
A. 井口装置
B. 防喷装置
C. 井控装置
D. 节流管汇
【单选题】
不压井、不放喷井口装置的油管密封部分是靠___工作筒来完成的。
A. 环形防喷器
B. 旋塞
C. 堵塞器
D. 回压阀
【单选题】
套管头额定工作压力应当___最大预计井口压力
A. 小于
B. 等于或大于
C. 小于或等于
D. 2倍
【单选题】
___是在抽油杆下泵作业时,在井下密封油管通道,保证下泵作业顺利完成的井下工具。
A. 活堵
B. 堵塞器
C. 工作筒
D. 抽油杆自封
【单选题】
在___安装液面传感器探测液面变化信号。
A. 井口
B. 震动筛
C. 修井液罐上
D. 修井液槽
【单选题】
当溢流或井漏发生时,自动灌注修井液装置可以发出___报警信号。
A. 汽笛与声响
B. 声响与灯光
C. 语音与灯光
D. 汽笛与震动
【单选题】
___其作用是控制和调节油井的产出量。
A. 油管头
B. 油嘴
C. 筒式形节流阀
D. 孔板式节流阀
【单选题】
井喷发生后,常用井口安装的控制设备是___。
A. 防喷器
B. 单流阀
C. 放喷单根
D. 远程控制台
【单选题】
井下作业管柱内防喷工具有___。
A. 放喷管线
B. 平板阀
C. 节流阀
D. 旋塞阀
【单选题】
井喷突发事件应急管理是一个过程,包括预防、预备、响应和___四个阶段。
A. 培训
B. 恢复
C. 保护地层
D. 迅速关井
【单选题】
井下作业应急救援总的原则是救死扶伤,以抢救人员生命为第一位,做到先___。
A. 抢救人员、生产设施,后保护环境
B. 抢救生产设施、抢救人员,后保护环境
C. 抢救人员、保护环境,后抢救生产设施
D. 抢救生产设施、保护环境,后抢救人员
【单选题】
编制应急预案的目的是:一旦发生事故后控制危险源,避免事故扩大,可能的情况下予以消除。尽可能减少事故造成的___和财产损失。
A. 环境
B. 设备
C. 人员
D. 社会危害
【单选题】
应急演练检查的内容:在事故期间通讯系统是否运行,人员是否能___,应急服务机构能否及时参与事故运作,能否有效控制事故进一步扩大。
A. 设备完好
B. 环境保护
C. 安全撤离
D. 财产损失
【多选题】
简易防喷工具主要由:提升短节、旋塞阀、转换接头、___等组成。
A. 油管悬挂器
B. 油管异径接头
C. 安全阀
D. 分瓣捞矛
