相关试题
【单选题】
关于 PPP 协议下列说法正确的是:___。
A. PPP 协议是物理层协议
B. PPP 协议是在 HDLC 协议的基础上发展起来的
C. PPP 协议支持的物理层可以是同步电路或异步电路
D. PPP 主要由两类协议组成:链路控制协议族 CLCP)和网络安全方面的验证协议族(PAP
【单选题】
接口被绑定在 2 层的 zone,这个接口的接口模式是___。
A. NAT mode
B. Route mode
C. -Transparent mode
D. NAT 或 Route mode
【单选题】
接入控制方面,路由器对于接口的要求包括:___。
A. 串口接入
B. 局域网方式接入
C. Internet 方式接入
D. VPN 接入
【单选题】
局域网络标准对应 OSI 模型的哪几层?___。
A. 上三层
B. 只对应网络层
C. 下三层
D. 只对应物理层
【单选题】
拒绝服务不包括以下哪一项?___。
A. DDoS
B. 畸形报文攻击
C. Land 攻击
D. ARP 攻击
【单选题】
抗 DDoS 防护设备提供的基本安全防护功能不包括___。
A. 对主机系统漏洞的补丁升级
B. 检测 DDoS 攻击
C. DDoS 攻击警告
D. DDoS 攻击防护
【单选题】
路由器产品提供完备的安全架构以及相应的安全模块,在软、硬件层面设置重重过滤保护路由器业务安全。其中不对的说法是:___。--》缺少 D 选项
A. 路由器产品支持 URPF,可以过滤大多数虚假 IP 泛洪攻击
B. 路由器产品支持
C. AR 功能,可以有效限制泛洪攻击
【单选题】
路由器对于接入权限控制,包括:___。
A. 根据用户账号划分使用权限
B. 根据用户接口划分使用权限
C. 禁止使用匿名账号
D. 以上都是
【单选题】
路由器启动时默认开启了一些服务,有些服务在当前局点里并没有作用,对于这些服务:___。缺少 D 选项
A. 就让他开着,也耗费不了多少资源
B. 就让他开着,不会有业务去访问
C. 必须关闭,防止可能的安全隐患
D. 缺
【单选题】
设置 Cisco 设备的管理员账号时,应___。
A. 多人共用一个账号
B. 多人共用多个账号
C. 一人对应单独账号
D. 一人对应多个账号
【单选题】
什么命令关闭路由器的 finger 服务?___
A. disable finger
B. no finger
C. no finger service
D. no service finger
【单选题】
什么是 IDS?___
A. 入侵检测系统
B. 入侵防御系统
C. 网络审计系统
D. 主机扫描系统
【单选题】
实现资源内的细粒度授权,边界权限定义为:___。
【单选题】
使网络服务器中充斥着大量要求回复的信息,消息带宽,导致网络或系统停止正常服务,这属于什么攻击类型?___
A. 拒绝服务
B. 文件共享
C. BIND 漏洞
D. 远程过程调用
【单选题】
使用 TCP 79 端口的服务是:___。
A. telnet
B. SSH
C. Web
D. Finger
【单选题】
使用一对一或者多对多方式的 NAT 转换,当所有外部 IP 地址均被使用后,后续的内网用户如需上网,NAT 转换设备会执行什么样的动作?___
A. 挤掉前一个用户,强制进行 NAT 转换
B. 直接进行路由转发
C. 不做 NAT 转换
D. 将报文转移到其他 NAT 转换设备进行地址转换
【单选题】
私网地址用于配置本地网络、下列地址中属于私网地址的是?___
A. 100.0.0.0
B. 172.15.0.0
C. 192.168.0.0
D. 244.0.0.0
【单选题】
随着安全要求的提高、技术的演进,应逐步实现物理隔离,或者通过采用相当于溃,请问这种攻击属于何种攻击?___
A. 拒绝服务(DoS)攻击
B. 扫描窥探攻击
C. 系统漏洞攻击
D. 畸形报文攻击
【单选题】
通信领域一般要求 3 面隔离,即转发面、控制面、用户面实现物理隔离,或者是逻辑隔离,主要目的是在某一面受到攻击的时候,不能影响其他面。路由器的安全架构在实现上就支持:___
A. 转发面和控制面物理隔离
B. 控制面和用户面逻辑隔离
C. 转发面和用户面逻辑隔离
D. 以上都支持
【单选题】
网管人员常用的各种网络工具包括 telnet、ftp、ssh 等,分别使用的 TCP 端口号是___。
A. 21、22、23
B. 23、21、22
C. 23、22、21
D. 21、23、22
【单选题】
网络安全工作的目标包括:___。
A. 信息机密性
B. 信息完整性
C. 服务可用性
D. 以上都是
【单选题】
网络安全在多网合一时代的脆弱性体现在___。
A. 网络的脆弱性
B. 软件的脆弱性
C. 管理的脆弱性
D. 应用的脆弱性
【单选题】
应限制 Juniper 路由器的 SSH___,以防护通过 SSH 端口的 DoS 攻击。
A. 并发连接数和 1 分钟内的尝试连接数
B. 并发连接数
C. 1 分钟内的尝试连接数
D. 并发连接数和 3 分钟内的尝试连接数
【单选题】
应用网关防火墙的逻辑位置处在 OSI 中的哪一层?___
A. 传输层
B. 链路层
C. 应用层
D. 物理层
【单选题】
应用网关防火墙在物理形式上表现为?___
A. 网关
B. 堡垒主机
C. 路由
D. 交换机
【单选题】
用来追踪 DDoS 流量的命令式:___
A. ip source-route
B. ip cef
C. ip source-track
D. ip finger
【单选题】
用于保护整个网络 IPS 系统通常不会部署在什么位置?___
A. 网络边界
B. 网络核心
C. 边界防火墙内
D. 业务终端上
【单选题】
用于实现交换机端口镜像的交换机功能是:___
A. PERMIT LIST
B. PVLAN
C. VTP
D. SPAN
【单选题】
有关 L2TP(Layer 2 Tunneling Protocol)协议说法有误的是___。
A. L2TP 是由 PPTV 协议和 Cisco 公司的 L2F 组合而成
B. L2TP 可用于基于 Internet 的远程拨号访问
C. 为 PPP 协议的客户建立拨号连接的 VPN 连接
D. L2TP 只能通过 TCP/IP 连接
【单选题】
有关 PPTP(Point-to-Point Tunnel Protocol)说法正确的是___。
A. PPTP 是 Netscape 提出的
B. 微软从 NT3.5 以后对 PPTP 开始支持
C. PPTP 可用在微软的路由和远程访问服务上
D. 它是传输层上的协议
【单选题】
有一些应用,如微软 Out look 或 MSN。它们的外观会在转化为基于 Web 界面的过程中丢失,此时要用到以下哪项技术:___
A. Web 代理
B. 端口转发
C. 文件共享
D. 网络扩展
【单选题】
预防信息篡改的主要方法不包括以下哪一项?___
A. 使用 VPN 技术
B. 明文加密
C. 数据摘要
D. 数字签名
【单选题】
源 IP 为 100.1.1.1,目的 IP 为 100.1.1.255,这个报文属于什么攻击?(假设该网域名服务系统(DNS)的功能是___。
A. 完成域名和 IP 地址之间的转换
B. 完成域名和网卡地址之间的转换
C. 完成主机名和 IP 地址之间的转换
D. 完成域名和电子邮件地址之间的转换
【单选题】
在 AH 安全协议隧道模式中,新 IP 头内哪个字段无需进行数据完整性校验?___
A. TTL
B. 源 IP 地址
C. 目的 IP 地址
D. 源 IP 地址+目的 IP 地址
【单选题】
在 C/S 环境中,以下哪个是建立一个完整 TCP 连接的正确顺序?___
A. SYN,SYN/ACK,ACK
B. Passive Open,Active Open,ACK,ACK
C. SYN,ACK/SYN,ACK
D. Active Open/Passive Open,ACK,ACK
【单选题】
在 L2TP 应用场景中,用户的私有地址分配是由以下哪个组建完成?___
A. LAC
B. LNS
C. VPN Client
D. 用户自行配置
【单选题】
在 OSI 参考模型中有 7 个层次,提供了相应的安全服务来加强信息系统的安全性。以下哪一层提供了抗抵赖性?___
A. 表示层
B. 应用层
C. 传输层
D. 数据链路层
【单选题】
在安全策略的重要组成部分中,与 IDS 相比,IPS 的主要优势在哪里?___
A. 产生日志的数量
B. 攻击减少的速度
C. 较低的价格
D. 假阳性的减少量
【单选题】
在安全审计的风险评估阶段,通常是按什么顺序来进行的?___
A. 侦查阶段、渗透阶段、控制阶段
B. 渗透阶段、侦查阶段、控制阶段
C. 控制阶段、侦查阶段、渗透阶段
D. 侦查阶段、控制阶段、渗透阶段
【单选题】
在层的方式当中,哪种参考模型描述了计算机通信服务和协议?___
A. IETF 因特网工程工作小组
B. ISO 国际标准组织
C. IANA 因特网地址指派机构
D. OSI 开放系统互联
推荐试题
【单选题】
An administrator is attempting to power on a virtual machine with 32GB of memory. The operation fails with the following error: <Could not power on VM: No space left on device> <Checking the space on the virtual machine's datastore, there is 30GB free.> Which action would allow the VM to power on?___
A. Set a 2GB memory reservation on the VM.
B. Mount the virtual disk from the affected VM on to another virtual machine and free up space from within the OS.
C. Enable vSphere HD admission control on the cluster in which the VM resides.
D. Set a 2GB memory limit on the VM.
【单选题】
An administrator attempts to manually reclaim space on thin-provisioned VMFS6 volumes but finds that no additional space is being recovered. Which could be causing this?___
A. vSphere 6.5 does not support manual UNMAP.
B. The manual UNMAP operation has been moved to the vSphere web client.
C. The VASA version is use is incompatible.
D. UNMAP is automated for VMFS6.
【单选题】
An administrator has upgraded to vSphere 6.5 and also wants to use Kerberos authentication for NFS. Which can be done to the existing NFSv3 volumes to enable this feature?___
A. Perform a storage rescan on VMFS volumes.
B. Unmount the NFSv3 datastore, and then mount as NFSv4.1 datastore.
C. Nothing. All NFSv3 mounted datastores are upgraded automatically during vSphere upgrades.
D. Perform a scan of new storage devices.
【单选题】
An administrator wants to restore the vCenter Server Appliance 6.5 from backup. Where can this be accomplished?___
A. from the ESXi Host Client
B. from the VMware vSphere Appliance Management Interface
C. from within the VMware vSphere Web Client
D. from the vCenter Server Appliance Installer
【单选题】
The administrator wants to power on VM-K2, which has a 2GHz CPU reservation. VM-M1, VM-M2, and VM-K1 are all powered on. VM-K2 is not powered on. The exhibit shows the parent and child resource reservations. If Resource Pool RP-KID is configured with an expandable reservation, which statement is true?___
A. VM-K2 will be unable to power on because there are insufficient resources.
B. VM-K2 will be able to power on since resource pool RP-KID has 2GHz available.
C. VM-K2 will be unable to power on because only 2GHz are reserved for RP-KID.
D. VM-K2 will receive resource priority and will be able to power on this scenario.
【单选题】
Which is the block size on the VMFS6 datastore?___
A. All small and large file blocks are 8MB.
B. All small and large file blocks are 1MB.
C. Small file blocks are 512KB. large file blocks are 64MB.
D. Small file blocks are 1MB, large file blocks are 512MB.
【单选题】
When installing vCenter Converter Standalone, why must an administrator perform a client-server installation instead of a local installation?___
A. to manage conversion tasks remotely
B. to convert virtual machines as well as physical machines
C. to allow installation of the Converter agent on remote source machines
D. to hot clone physical or virtual machines
【单选题】
Which is required by vCenter Converter Standalone to convert a physical Red Hat Enterprise Linux 7 machine to a virtual machine?___
A. The Linux machine must be powered off.
B. The Linux machine must have the SSH daemon started.
C. The Linux machine must use a static IP address.
D. The Linux machine must have a fully-qualified domain name.
【单选题】
An administrator is troubleshooting network communications between a vCenter Server and an ESXi 6.5 host. Which log shows the related events between these components?___
A. /var/log/fdm.log
B. /var/log/vpxa.log
C. /var/log/hostd.log
D. /var/log/auth.log
【单选题】
An administrator has recently upgraded from vSphere 6.0 to 6.5, and can no longer see the software iSCSI named vmhba33. Which could be the reason for this?___
A. The upgrade has changed the vmhba name.
B. vSphere 6.5 automates iSCSI configurations.
C. vSphere 6.5 no longer supports software iSCSI.
D. The upgrade has deleted the vmhba.
【单选题】
An administrator is trying to vMotion a VM from his datacenter to a recovery site. Which is the maximum allowed RTT (Round-Trip Time) latency between source and destination host?___
A. 100 milliseconds
B. 150 milliseconds
C. 15 milliseconds
D. 10 milliseconds
【单选题】
Which is required for configuring iSCSI Software Adapter network port binding?___
A. VMkernel of the iSCSI traffic must be load balanced using Route based on IP Hash algorithm.
B. VMkernel of the iSCSI traffic must be load balanced using Route based on Source Virtual Port ID algorithm.
C. VMkernel of the iSCSI traffic must be load balanced using Route based on Source MAC Hash algorithm.
D. VMkernel of the iSCSI traffic must be bound to only one active network adapter.
【单选题】
In vSphere Data Protection 6.1, which is the function of a Backup Verification job?___
A. None. Backup Verification job is not a feature of vSphere Data Protection
B. It is a manual task -Power it on -Verify the guest OS -Check started applications
C. It is an automatic process -Restore a virtual machine -Power it on -Verify that the guest OS is booted by communicating with the Backup Verification agent
D. It is an automatic process -Restore a virtual machine -Power it on -Verify that the guest OC is booted by detecting the VMware ToolsTM "heartbeats"
【单选题】
An administrator has enabled vSphere Distributed Switch Health Check. The hosts connected to that Distributed Switch all display an alert:< vSphere Distributed Switch MTU supported status > .The administrator has all of the VMkernel ports MTU sizes set to 1600. Which action will remedy this problem?___
A. Configure the Distributed Switch to MTU 9100.
B. Disconnect and reconnect the physical network cable.
C. Configure the physical switch to MTU 1600.
D. Disable the Distributed Switch MTU.
【单选题】
Which Host Profile Subprofile configuration is used to configure firewall settings for ESXi hosts?___
A. Advanced Configuration Settings
B. General System Settings
C. Security
D. Networking
【单选题】
Where would a vSphere administrator find general vCenter Server logs on a vCenter Server Appliance?___
A. /var/log/vmware/vpxd/
B. /var/log/messages
C. /etc/vmware-vpx/
D. /var/log/vmware/vsan-health/
【单选题】
An administrator wishes to enable network port mirroring based on source port. Which feature should be enabled?___
A. vSphere standard switch port
B. ERSPAN
C. NSX Virtual Wire
D. VLAN
【单选题】
Which CLI command shows the physical uplink status for a vmnic?___
A. esxcli network ip connection list
B. esxcli network ip neighbor list
C. esxcli network nic get
D. esxcli network nic list
【单选题】
Which is the maximum number of block devices (LUNs) that are supported by ESXi hosts that are running version 6.5?___
A. 1024
B. 512
C. 2048
D. 256
【单选题】
When performing a vCenter Server 5.5 for Windows with Microsoft SQL Server Express database migration to vCenter Server Appliance 6.5, which will be the target database?___
A. Microsoft SQL Server Express 2012R2
B. Microsoft SQL Server Standard 2012R2
C. PostgreSQL
D. Oracle DB 11g
【单选题】
An administrator has multiple vCenter Server 6.5 systems but cannot enable Storage I/O Control (SIOC) on a datastore shared by ESXi hosts managed by the vCenter Server systems. Which action should the administrator take to resolve the issue?___
A. Unmount the datastore and then enable SIOC on the vCenter Server system.
B. Configure the datastore to be managed by a single vCenter Server system.
C. Configure Storage DRS and then enable SIOC on the vCenter Server system.
D. Enable Raw Device Mapping (RDM) on the
E. SXi hosts.
【单选题】
“OneAppServer” is a VM template stored in a content library named “LibraryOne”, but the vSphere administrator is not able to use this template for deployment. Why is the administrator unable to deploy OneAppServer?___
A. OneAppServer must be updated before it can be deployed.
B. LibraryOne is a subscribed library and OneAppServer is not downloaded yet.
C. LibraryOne is published and optimized for syncing over HTTP.
D. OneAppServer was imported from a local file on the system.
【单选题】
An administrator sets the Failover Capacity for both CPU and Memory at 25%. Based on the Exhibit below, how much of the cluster’s total CPU resources are still available to power on additional virtual machines?___
A. 45%
B. 25%
C. 70%
D. 60%
【单选题】
Which statement applies to the vSphere Replication appliance?___
A. Only one vSphere Replication appliance can be deployed per vCenter Server instance.
B. VMware Tools in the vSphere Replication appliance can be upgraded.
C. A single vSphere Replication appliance can manage a maximum of 4000 replications.
D. vSphere Replication is available only with the vSphere
E. ssentials Plus license.
【单选题】
Which esxcli namespace can a vSphere Administrator use to adjust the queue depth?___
A. esxcli system module parameters
B. esxcli storage core device
C. esxcli system module set
D. esxcli storage core adapter
【单选题】
Which statement regarding datastore clusters meets VMware’s recommended best practices?___
A. Clusters should contain only datastores presented from the same storage array.
B. Clusters should contain only datastores with equal hardware acceleration capability.
C. Clusters should contain only datastores with the same capacity.
D. Clusters should contain only datastores using the same connection method (iSCSI, FC, etc.).
【单选题】
What VM Monitoring setting would ensure that the maximum reset window for a virtual machine is 24 hours?___
A. Medium
B. Low
C. High
D. Normal
【单选题】
What is the default space threshold for vSphere Storage DRS?___
A. 80%
B. 70%
C. 90%
D. 95%
【单选题】
Which is the correct sequence to upgrade a vSphere infrastructure?___
A. vCenter Server>ESXi host> VMware Tools>VM compatibility
B. ESXi host>vCenter Server> VMware Tools>VM compatibility
C. vCenter host> ESXi host> VM compatibility> VMware Tools
D. ESXi host>vCenter Server> VM compatibility>VMware Tools
【单选题】
An administrator has a large boot from SAN cluster and wants to ensure consistent configuration by using host profiles. What special considerations are required for boot from SAN hosts?___
A. Change the “Device is shared clusterwide” setting to “false” in the host profile.
B. Verify that the boot LUN is correctly identified as the boot device in the host profile.
C. The boot from SAN device must report as a local device.
D. Host profiles are incompatible with boot from SAN hosts.
【单选题】
When using VMware Converter to import a Windows server and improve the consistency of the destination virtual machine, which optional step can be performed immediately prior to powering down the source server?___
A. Perform a final synchronization task.
B. Remove the server from the network.
C. Uninstall production applications.
D. Remove the server from the Active Directory domain.
【单选题】
Restoration of the vCenter Server Appliance is accomplished using which interface?___
A. vSphere Web Client
B. vSphere Client
C. vCenter Server Appliance Management Interface
D. vCenter Server Appliance GUI Installer
【单选题】
When attempting to migrate a virtual machine to another host in the same cluster, the error message, “Select a valid compute resource” returns. What could cause this error?___
A. Both hosts run different versions of ESXi.
B. Both hosts are not sharing the same datastore.
C. VMware Tools is not installed.
D. Virtual machine has an ISO attached.
【单选题】
When will vSphere Data Protection delete the expired backup image of a Platform Service Controller?___
A. Immediately after the retention period has expired.
B. After the expired backup image is restored.
C. During the next backup window following expiry.
D. During the next maintenance window following expiry.
【单选题】
Group A has permission to download files in Content Library. Group B does not have permission to download files in Content Library. If a user is a member of both groups, what will be the result?___
A. The user cannot download file from Content Library.
B. The user can download file from Content Library.
C. The user cannot access Content Library.
D. The user can access Content Library.
【单选题】
An administrator is trying to set up Host Partial Failure Response, but the Automated option is grayed out. What can the administrator change to enable the Automated option?___
A. Change the vSphere DRS Automation level to Partially Automated.
B. Change the vSphere DRS Automation level to Fully Automated.
C. Enable vSphere HA Host Monitoring.
D. Change the vSphere DPM Automation level to Automatic.
【单选题】
When you attempt to open a virtual machine console from the vSphere Web Client, the console does not connect. The following error message appears:<HTTP ERROR 404> <Problem accessin/.Reason: Not Found>. Why did not connect?___
A. Port 443 is in use.
B. Port 9443 is in use.
C. Port 8443 is in use.
D. Port 22443 is in use.
【单选题】
What new feature was introduced to the Content Library in vSphere 6.5?___
A. Mount an ISO directly from the Content Library.
B. Deploy a virtual machine from an OVF Package in a Content Library.
C. Upload a File from a URL to a Library Item.
D. Upload a File from a Local System to a Library Item.
【单选题】
How can an administrator exclude Encryption rights from a support engineer?___
A. Clone the role Virtual machine power user, remove Cryptographic operations privileges.
B. Clone the role Administrator and assign to the support engineer.
C. Clone the role Virtual machine power user and assign to the support engineer.
D. Clone the role No cryptography administrator and select privileges only for the support engineer.
【单选题】
The administrator must back up a vCenter HA deployment. Which component must be backed up?___
A. Passive node
B. Witness node
C. External database
D. Active node
