【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
D
解析
暂无解析
相关试题
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
A. 0
B. 50
C. 10
D. 200
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
推荐试题
【单选题】
767.(A320)当操作重力放起落架手柄来放下起落架时,下面说法不正确的是___
A. A.切断valve切断液压压力供给并切断液压回油
B. B.通气valve旁通起落架正常收放系统
C. C.起落架上锁机构开锁
D. D.起落架舱门上锁机构开锁
【单选题】
768.(A320)当地面打开起落架舱门后___
A. A.舱门液压作动系统被电磁阀切断
B. B.由于舱门液压被切断,无须安装安全锁套
C. C.舱门正常收放功能被抑制
D. D.可以用起落架手柄超控并关闭舱门
【单选题】
769.(A320)当飞机顶起时,如果需要灌充起落架___
A. A.无法实现
B. B.由于减震支柱此时处于全伸出状态,所以灌充时气体压力读数与在地面时不同
C. C.可以灌充红油,但必须在飞机落地后才能灌充气体
D. D.可以将减震支柱压缩到一定长度,以模拟地面压缩状态后进行灌充
【单选题】
770.(A320)当飞机在空中放下起落架后,如果起落架收不起来___
A. A.使用备用系统收
B. B.使用重力放起落架系统收
C. C.如果循环起落架手柄两次后仍收不起来,系统故障,无法收起
D. D.以上都不正确
【单选题】
771.(A320)当一个BSCU通道失效时___
A. A.前轮转弯转为备用机械方式
B. B.按压转弯手轮上的按钮,从而转换为另一个通道
C. C.前轮转弯不受影响
D. D.前轮转弯失效
【单选题】
773.(A320)关于A320刹车组件,下面说法错误的是___
A. A.刹车片分为动片和静片,其中和主轮转动相连的为动片
B. B.刹车组件有两组相对独立的作动筒,分别由绿和黄液压系统提供压力
C. C.当刹车指示销磨损到规定长度时,需要更换刹车组件
D. D.更换主轮时需要对相应的刹车组件进行目视检查
【单选题】
774.(A320)关于主起落架备用封严,下面说法正确的是___
A. A.使用时将备用封严作动valve打开
B. B.当备用封严作动valve作动后,备用封严自动翻转
C. C.备用封严也包括动封严和静封严两种
D. D.更换起落架内筒液压油时需要更换备用封严
【单选题】
775.(A320)关于主起落架减振支柱,下面说法错误的是___
A. A.使用氮气进行充气
B. B.当主封圈失效时,可以通过人工翻转备用封圈继续使用
C. C.当灌充完毕后,上部和下部为气体,中部为液压油
D. D.扭力连杆上的减摆器需要定期检查和勤务
【单选题】
777.(A320)起飞后,如果左主起落架减震支柱卡在压缩位:___
A. A.起落架可在任何情况下收起(安全)
B. B.前轮定中时,起落架可收起
C. C.起落架无法收起,起落架收放手柄被锁在下位
D. D.起落架总是可以用人工曲柄备用收起
【单选题】
778.(A320)起落架收上后,什么时候液压压力油路释压___
A. A.当选择valve回到中立位
B. B.飞机速度大于260节
C. C.当起落架手柄置于OFF位时
D. D.一直供压
【单选题】
905.(A320)使用备用刹车时,刹车指令(信号)是___
A. A.通过电传传递和控制
B. B.通过钢索传递和控制
C. C.通过液压传递和电液控制
D. D.都不正确
【单选题】
908.(A320)下列关于刹车系统部件功能叙述正确的是___
A. A.刹车选择valve(SELECTVLVE)由BSCU控制,用以隔离绿/黄系统和刹车系统
B. B.正常刹车系统压力传感器提供刹车压力指示
C. C.刹车储压器仅能用于停留刹车
D. D.备用刹车伺服valve响应BSCU防滞指令调节刹车压力
【单选题】
909.(A320)下面对停留刹车系统的说法,不正确的是___
A. A.设置停留刹车时,在驾驶舱内和飞机外部均有指示
B. B.停留刹车一个通道失效可以按照MEL放行
C. C.停留刹车使用黄系统和储压器作为压力源
D. D.由于停留刹车系统属于备用和应急系统,所以设计为机械传动和控制
【单选题】
910.(A320)自动刹车预位的条件是:___
A. A.绿系统有压力,防滞系统有电,正常刹车系统无故障,选择一个减速率
B. B.绿系统有压力,防滞系统有电,备用刹车系统无故障,选择一个减速率
C. C.黄系统有压力,防滞系统有电,选择一个减速率
D. D.黄系统有压力,防滞系统有电,正常刹车系统无故障,选择一个减速率
【单选题】
911.(A320)当机组反映飞机滑行时有一定角度的偏行时,下面说法中不正确的是___
A. A.可能是前轮转弯伺服valve有问题
B. B.可能是前轮轮胎压力有问题
C. C.可能是停留刹车valve有问题
D. D.可能是前轮转弯反馈位置传感器有问题
【单选题】
912.(A320)当起落架镜面偏低时,下面说法不正确的是___
A. A.可能是减震支柱内部油量不够
B. B.可能是减震支柱内部气压不够
C. C.可能是灌充valve有渗漏
D. D.以上都有可能
【单选题】
913.(A320)当前起落架后部上端的通气口有红油渗漏时,表明___
A. A.前轮转弯作动筒可能漏油
B. B.起落架内筒可能漏油
C. C.起落架收放作动筒可能漏油
D. D.都有可能
【单选题】
914.(A320)当在空中使用重力放起落架的方法放下起落架后,下面说法错误的是___
A. A.可以人工复位后继续使用起落架正常收放系统
B. B.起落架下锁情况需要目视检查
C. C.对飞机的飞行速度有限制
D. D.复位起落架正常收放系统时必须要将起落架手柄放至“OWN”位
【单选题】
915.(A320)更换液压作动的主起落架舱门后___
A. A.需要顶飞机进行调节和测试
B. B.需要检查舱门和机身之间的间隙
C. C.如果安装的是原先的舱门,则无需检查和测试临近电门
D. D.以上答案都不正确
【单选题】
916.(A320)关于地面收放起落架,不正确的说法是___
A. A.在收放前,确保辅助顶点的千斤顶压力表读数不超过规定负载
B. B.不能同时使用机身千斤顶和轮轴千斤顶来顶起飞机
C. C.可以使用飞机的液压系统或地面液压车来给飞机提供压力
D. D.可以使用惯导来监控飞机的水平姿态
【单选题】
917.(A320)关于主起落架,下面说法不正确的是___
A. A.灌充时需要对比上下两个气腔的压力值
B. B.当主封严失效时可以通过备用封严作动valve来转换成备用封严
C. C.使用两个灌充valve进行灌充
D. D.上部灌充valve用于灌充液压油,下部灌充valve用于灌充气体
【单选题】
918.(A320)绿液压系统可用时,如防滞和前轮转弯开关放在OFF位:___
A. A.正常刹车,前轮转弯失效
B. B.备用刹车,前轮转弯正常
C. C.正常刹车无防滞,前轮转弯失效
D. D.备用刹车无防滞,前轮转弯失效
【单选题】
919.(A320)哪一个组件提供到ECAM显示起落架位置___
A. A.由轮流控制起落架收放的LGCIU提供
B. B.两个LGCIU同时提供
C. C.仅由LGIU1提供
D. D.BSCU
【单选题】
920.(A320)前轮转弯系统中,反馈位置传感器是直接感受___
A. A.角齿轮传感机构的转动角度
B. B.作动筒运动的行程
C. C.转弯手轮的角度
D. D.反馈连杆回到中立位的行程
【单选题】
921.(A320)前起落架后部上方有一个小孔,我们在维护时使用它主要是___
A. A.用于检查减震支柱的油量
B. B.用于检查减震支柱的镜面磨损情况
C. C.拆卸内筒时用于接近内部紧固件
D. D.用于对前起落架内外筒之间的轴承进行润滑
【单选题】
922.(A320)如果选择了最大刹车,中断起飞时反推放出,但忘记把地面减速板预位,自动刹车会工作吗___
A. A.会
B. B.不会
C. C.需要机组预先设定这个备用程序
D.
【单选题】
973.(A320)使用绿系统进行正常刹车操作时,下面说法错误的是___
A. A.刹车组件上只有一半数量的作动活塞作动
B. B.在驾驶舱停留刹车三针指示表上将不显示刹车压力
C. C.刹车压力由BSU通过刹车选择valve并协同防滞系统进行控制
D. D.当备用低压液压系统油路中有空气时,并不影响刹车,但脚蹬反馈力会偏大
【单选题】
974.(A320)在备用刹车情况下,当机组感觉刹车脚蹬偏软时,下面哪个因素是可能的___
A. A.备用低压液压系统油路中有空气
B. B.绿液压系统油路里有空气
C. C.刹车控制钢索张力偏低
D. D.停留刹车关断valve没有完全打开
【单选题】
975.(A320)在哪种情况下,前轮转弯系统仍然可以工作___
A. A.地面人工维护时打开前起落架舱门
B. B.重力放起落架后
C. C.BSU两个通道均失效
D. D.滑行速度大于130节
【单选题】
976.(A320)当地面维护接通黄系统电动泵并关断PTU时,此时踩刹车脚蹬___
A. A.刹车压力的大小通过备用低压液压系统将信号传递给备用刹车控制系统,但防滞功能仍由BSCU控制
B. B.此时在停留刹车压力表上看不到刹车压力
C. C.刹车毂上的两组活塞(正常和备用)均由黄系统压力作动
D. D.以上都不正确
【单选题】
977.(A320)当飞机顶起在空中状态时,使用地面维护手柄打开起落架舱门后___
A. A.起落架收放功能被抑制
B. B.舱门收放功能被抑制
C. C.起落架和舱门收放功能都被抑制
D. D.都不受影响
【单选题】
978.(A320)当前起落架镜面有油迹时,表明___
A. A.前轮转弯作动筒漏油
B. B.起落架内筒漏油
C. C.润滑内外筒转动轴承时渗漏出来的油
D. D.都有可能
