【单选题】
How does PEAP protect the EAP exchange ?___
A. It encrypts the exchange using the server certificate
B. It encrypts the exchange using the client certificate
C. It validates the server-supplied certificate,and then encrypts the exchange using the client certificate
D. It validates the client-supplied certificate,and then encrypts the excha nge using the server certificate
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
A
解析
暂无解析
相关试题
【单选题】
Which feature of the Cisco Email Security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attacks?___
A. contextual analysis
B. holistic understanding of threats
C. graymail management and filtering
D. signature-based IPS
【单选题】
Refer to the exhibit【nat (inside,outside)dunamic interface】 Which translation technique does this configuration result in?___
A. DynamIc PAT
B. Dynamic NAT
C. Twice NAT
D. Static NAT
【单选题】
While trouble shooting site-to-site VPN, you issued the show crypto isakmp sa command. What does the given output show?___
A. IKE Phase 1 main mode was created on 10.1.1.5, but it failed to negotiate with 10.10 10.2
B. IKE Phase 1 main mode has successfully negotiated between 10.1.1.5 and 10.10..
C. IKE Phase 1 aggressive mode was created on 10.1.1.5, but it failed to negotiate with
【单选题】
Refer to the exhibit All ports on switch 1 have a primary vLan of 300 Which devices can host 1 reach?___
A. host 2
B. server
C. host 4
D. other devices within VLAN303
【单选题】
Which option is the cloud-based security service from Cisco the provides URL filtering, web browsing content security, and roaming user protection?___
A. Cloud Web service
B. Cloud Advanced Malware Protection
C. Cloud We b Security
D. Cloud Web Protection
【单选题】
How can you detect a false negative on an IPS?___
A. View the alert on the ips
B. Review the ips log
C. Review the is console
D. Use a third- party system to perform penetration testing.
E. Use a third- party to audit the next generation firewall rules
【单选题】
If a switch port goes directly into a blocked state only when a superior BPDU is received, what mechanism must be in use?___
A. STP BPDU guard
B. Loop guard
C. EtherChannel guard
D. STP Root guard
【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
推荐试题
【多选题】
/第十章/第二节 多选题 做好人民政协工作,必须坚持人民政协的性质定位。人民政协是___ 易 4
A. 中国人民爱国统一战线的组织
B. 中国共产党领导的多党合作和政治协商的机构
C. 中国政治生活中发扬社会主义民主的重要形式
D. 中国特色国家行政机构的组成部分
【多选题】
/第十章/第二节 多选题 实践证明,中国共产党领导的多党合作和政治协商制度能够在中国特色社会主义共同目标下,把中国共产党领导和多党派合作有机结合起来,实现___ 易 4
A. 广泛参与与集中领导的统一
B. 社会进步与国家稳定的统一
C. 充满活力与富有效率的统一
D. 立法与行政的统一
【多选题】
/第十章/第二节 多选题 在当今世界许多地区民族冲突迭起的情况下,我国各族人民和睦相处,共同建设有中国特色的社会主义,这是因为我国___ 易 4
A. 消除了民族间在经济、文化发展水平方面的差距
B. 形成了平等、团结、互助、和谐的社会主义民族关系
C. 社会主义制度的确立消灭了民族压迫
D. 实行了民族区域自治制度
【多选题】
/第十章/第二节 多选题 新疆和西藏几十年来的发展证明,民族区域自治制度符合各民族人民的共同利益和发展要求。民族区域自治制度___ 易 4
A. 体现了我国坚持实行各民族平等、团结、合作和共同繁荣的原则
B. 体现了民族因素与区域因素、政治因素与经济因素、历史因素与现实因素的结合
C. 核心是保障少数民族当家作主,管理本民族、本地方事务的权利
D. 是历史的人民的选择
【多选题】
/第十章/第二节 多选题 改革开放以来,我国已经建立了基层民主自治体系,其主要内容有___ 易 4
A. 农村村民委员会
B. 城市居民委员会
C. 企业职工代表大会
D. 妇女联合会
【多选题】
/第十章/第三节 多选题 下列构成社会主义核心价值体系的基本内容的有___ 易 4
A. 以爱国主义为核心的民族精神
B. 以民族团结为主题的中华精神
C. 以经济发展为核心的时代精神
D. 以改革创新为核心的时代精神
【多选题】
/第十章/第三节 多选题 下列属于社会主义核心价值体系的基本内容的是___ 中 4
A. 马克思主义指导思想
B. 中国特色社会主义共同理想
C. 以爱国主义为核心的民族精神
D. 以改革创新为核心的时代精神
【多选题】
/第十章/第三节 多选题 发挥人民在文化建设中的主体作用,坚持___ 易 4
A. 文化发展为了人民
B. 文化发展信赖人民
C. 文化发展依靠人民
D. 文化发展成果由人民共享
【多选题】
/第十章/第三节 多选题 坚持中国特色社会主义文化发展道路,必须___如何坚持中国特色社会主义文化发展道路 难 4
A. 坚持以马克思主义为指导
B. 坚持自己的民族特色
C. 坚持采用西方的先进制度
D. 坚持发挥人民的主体地位
【多选题】
/第十章/第三节 多选题 建设社会主义文化强国,是___ 难 4
A. 与开展社会主义革命的根本需要
B. 满足人民精神文化需要的必然要求
C. 实现中国梦的重要内容
D. 构建中国国际话语权的现实需要
【多选题】
/第十章/第三节 多选题 社会主义核心价值体系与社会主义核心价值观方向一致,表现在___ 易 4
A. 体现了社会主义意识形态的本质要求
B. 凝聚了社会主义先进文化的精髓
C. 体现了社会主义制度在思想和精神层面的质的规定性
D. 是实现中华民族伟大复兴的中国梦的价值引领
【多选题】
/第十章/第三节 多选题 核心价值观和核心价值体系都坚持重在建设,就是要___ 细节理解 难 4
A. 坚定共产主义远大理想
B. 弘扬共同理想
C. 凝聚精神力量
D. 建设道德风尚
【多选题】
/第十章/第三节 多选题 相对于社会主义核心价值体系,社会主义核心价值观___ 社会主义核心价值体系和社会主义核心价值观的区别 难 4
A. 具有更全面的理论指导意义
B. 更加清晰地突出了建设社会主义文化的核心要素
C. 更加具有实践导向
D. 清楚的回答了建设什么样的国家、社会和培养什么样的公民的重大问题
【多选题】
/第十章/第三节 多选题 培育和践行社会主义核心价值观,要___ 中 4
A. 在全社会深入开展理想信念教育
B. 突出道德价值的作用
C. 立足于中华优秀传统文化
D. 加强革命传统教育,弘扬红色文化
【多选题】
/第十章/第三节 多选题 所谓文化强国,是指这个国家具有强大的文化力量,这种力量表现为___ 中 4
A. 高度文化素养的国民
B. 完善的农村文化基础设施
C. 发达的文化产业
D. 强大的文化软实力
【多选题】
/第十章/第三节 多选题 建设社会主义文化强国,需要___ 中 4
A. 培养高度的文化自觉自信
B. 大力发展文化事业和文化产业
C. 必须加快文化体制改革
D. 构建市场为主导的文化事业发展格局
【多选题】
/第十章/第三节 多选题 建设社会主义文化强国,加快文化体制改革,要求___ 中 4
A. 完善文化管理体制
B. 建立健全现代文化市场体系
C. 构建现代公共文化服务体系
D. 文化生产经营机制
【多选题】
/第十章/第三节 多选题 毛泽东指出“一定的文化(当做做观念形态的文化)是一定社会的政治和经济的反映,又给予伟大影响和作用于一定社会的政治和经济。”这说明___ 名人名言的理解 难 4
A. 文化是作为人们在认识世界和改造世界的伟大实践中创造的精神成果
B. 文化作为经济活动的产物只能跟随经济发展的脚步,不能超前也不能落后
C. 中国特色社会主义文化是我国经济和政治基本特征的集中反映,又给予经济和政治能动的反作用
D. 所有的文化都可以为人类发展提供精神动力和智力支持
【多选题】
/第十章/第五节 多选题 党的十八大提出,面对资源约束趋紧、环境污染严重、生态系统退化的严峻形势,必须树立___的生态文明理念。 考察考生记忆能力 易 4
A. 尊重自然
B. 顺应自然
C. 保护自然
D. 顺从自然
【多选题】
/第十章/第五节 多选题 把祖国建成经济繁荣、环境优美、生态良好的美丽家园,既是建设美丽中国的根本要求,也是亿万人民的共同愿望,更是每一个公民义不容辞的责任。因此我们应该坚持___的基本国策。 易 4
A. 自力更生
B. 节约资源
C. 保护环境
D. 对外开放
【多选题】
/第十章/第五节 多选题 “五位一体”总体布局包括中国特色社会主义经济建设、政治建设、文化建设、___。 易 4
A. 制度建设
B. 法律建设
C. 社会建设
D. 生态文明建设
【多选题】
/第十章/第五节 多选题 下列关于生态文明新理念表述正确的是___ 易 4
A. 要金山银山,不要绿水青山
B. 既要绿水青山,也要金山银山
C. 宁要绿水青山,不要金山银山
D. 绿水金山就是金山银山
【多选题】
/第十章/第五节 多选题 美丽的自然需要细心地呵护,需要人类确立___的生态文明理念,进行生态文明实践。 易 4
A. 顺从自然
B. 尊重自然
C. 保护自然
D. 征服自然
