【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
A
解析
暂无解析
相关试题
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
A. 0
B. 50
C. 10
D. 200
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
推荐试题
【单选题】
资本主义经济政治发展不平衡决定了社会主义革命只能___
A. 在发达资本主义国家首先取得胜利;
B. 在所有资本主义国家同时取得胜利;
C. 在一国或几国首先取得胜利;
D. 在所有不发达资本主义国家同时取得胜利
【单选题】
资本主义积累过程发展的历史趋势是___
A. 缓和并最终解决资本主义的基本矛盾;
B. 社会主义取代资本主义;
C. 全世界同时建立生产资料公有制;
D. 全世界都进入资本主义制度
【单选题】
解决资本主义基本矛盾的唯一途径是___
A. 用垄断代替自由竞争;
B. 用国家垄断资本主义代替私人垄断资本主义;
C. 用国际垄断代替国家垄断资本主义;
D. 用社会主义制度代替资本主义制度
【单选题】
经济全球化带给发展中国家的消极影响有许多,但不包括___
A. 经济发展受到一定程度的损失
B. 在国际贸易关系中剩余价值大量流失
C. 金融风险加大
D. 经济发展机会大大减少
【单选题】
国家垄断资本主义对经济的干预___
A. 从根本上改变了垄断资本主义国家的阶级矛盾
B. 改变了资本主义私有制的性质
C. 使资产阶级和工人阶级形成了利益一致
D. 没有改变劳动者被剥削的地位
【单选题】
国家垄断资本主义的局限性在于___
A. 使垄断资本主义存在着时而迅速发展时而停滞的趋势
B. 使垄断资本主义经济长期处于停滞状态
C. 使垄断资本主义经济长期处于滞胀状态
D. 它只能暂时使某些矛盾缓和,但却使这些矛盾加深和复杂化
【多选题】
作为一个完整的科学体系,马克思主义理论体系的三个主要组成部分是___
A. 马克思主义政治学
B. 马克思主义政治经济学
C. 马克思主义哲学
D. 马克思主义文艺学
E. 科学社会主义
【多选题】
标志马克思主义产生的阶级基础确立的19世纪的三大工人运动是___
A. 巴黎公社
B. 法国大革命
C. 1831年、1834年法国里昂工人的两次起义
D. 1838年英国爆发的延续十年的宪章运动
E. 1844年德国西里西亚纺织工人起义
【多选题】
学习马克思主义理论,必须要分清___
A. 哪些是必须长期坚持的马克思主义基本原理
B. 哪些是需要结合新的实际加以丰富发展的理论判断
C. 哪些是必须破除的对马克思主义错误的、教条式的理解
D. 哪些是必须澄清的附加在马克思主义名下的错误观点
【多选题】
下列各项属于哲学基本问题内容的有___
A. 思维与存在何者第一性
B. 思维能否掌握理论
C. 思维与存在是否有同一性
D. 思维能否正确地反映存在
E. 能否在我们关于现实世界的概念中正确地反映现实
【多选题】
马克思主义哲学以前的唯物主义的缺陷有___
A. 用机械力学的尺度去衡量物质的一切运动
B. 不能把世界理解为处于不断变化发展中的过程
C. 对社会历史的观点是唯心主义的
D. 不承认存在决定意识
E. 不承认社会存在决定社会意识
【多选题】
下列观点属于客观唯心主义的有___
A. 事物是理念的影子
B. “理在事先”
C. 世界是“绝对观念”的外化
D. “未有天地万物,已有天地万物之理”
E. 现实的国家是国家观念的外化
【多选题】
社会的物质性体现在___
A. 劳动是社会产生和存在的决定性因素
B. 在社会中不存在精神的现象和活动
C. 物质资料的产生是社会历史的前提
D. 全部社会生活在本质上是实践的
E. 社会生活中不存在物质关系以外的其他关系
【多选题】
客观规律性和主观能动性的关系是___
A. 充分发挥主观能动性,才能认识和利用客观规律
B. 客观规律不能违背,所以限制了主观能动性的发挥
C. 正确发挥主观能动性,必须遵循客观规律
D. 越是强调尊重客观规律,就越能发挥主观能动性
E. 越是尊重客观规律,就越能发挥主观能动性
【多选题】
列宁的物质定义的理论意义在于___
A. 坚持了唯物主义一元论
B. 反对了唯心主义和二元论
C. 坚持了唯物主义可知论
D. 克服了形而上学唯物主义物质观的缺陷
E. 为自然科学的发展提供了正确的世界观和方法论
【多选题】
下列选项中,正确表述运动含义的有___
A. 运动是新事物的产生和旧事物的灭亡
B. 运动是物质存在的方式
C. 运动是物质位置的移动
D. 运动是物质的根本属性
E. 运动指宇宙中发生的一切变化和过程
【多选题】
下列选项中,正确表述运动和静止关系的有___
A. 动者恒动,静者恒静
B. 运动是绝对的,静止是相对的
C. 动中有静,静中有动
D. 运动是有条件的,静止是无条件的
E. 无动则有静,无静则有动
【多选题】
下列说法中,表示时间一维性的有___
A. 盛年不重来,一日难在晨
B. 失落黄金有分量,错过光阴无处寻
C. 光阴好比河中水,只能流去不复回
D. 莫说年纪小,人生容易老
E. 一寸光阴一寸金,寸金难买寸光阴
【多选题】
下列成语和常用语中,正确说明意识能动性的有___
A. 胸有成竹,料事如神
B. 纸上谈兵,画饼充饥
C. 天下无难事,只怕有心人
D. 不怕做不到,就怕想不到
E. 运筹帷幄之中,决胜千里之外
【多选题】
尽管历史上罗马教廷把哥白尼的日心说,当作异端邪说加以打击,毁掉哥白尼的数,监禁伽利略,但这不能改变地球绕太阳转的规律,也不能阻止人们接受日心说
这一事实说明__
A. 客观规律不以人的意志为转移
B. 人在客观规律面前无能为力
C. 客观规律起作用是无条件的
D. 真理中包含着不依赖于人的客观内容
E. 真理终究会战胜谬误
【多选题】
观念的东西不外是移入人的头脑并在人的头脑中改造过的物质的东西而已,这一命题揭示了___
A. 观念的东西和物质的东西是对立的统一
B. 在意识中体现了主观和客观的统一
C. 人脑是意识的源泉
D. 观念的东西是对物质的东西的能动反映
E. 没有被反映者,就没有反映
【多选题】
劳动在人类社会发展中的地位和作用是___
A. 劳动创造了人和人类社会
B. 劳动是一切历史的前提和基础
C. 劳动发展史是打开全部社会史的钥匙
D. 劳动是社会活动的全部内容
E. 劳动是人与自然之间的物质交换和能量变换过程
