【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
D
解析
暂无解析
相关试题
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
A. 0
B. 50
C. 10
D. 200
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
推荐试题
【多选题】
安全员需要考核以下哪些内容?___
A. 爆破作业现场安全管理要求
B. 民用爆炸物品领取、发放、清退安全管理规定
C. 手持机操作技术
【多选题】
下列哪些措施是政府主管部门在民用爆炸物品安全管理中经常使用的?___
A. 行政许可
B. 罚款
C. 追究刑事责任
D. 监督检查
【多选题】
爆破从业人员从事爆破作业活动中,下列哪些行为是禁止的?___
A. 伪造爆破作业单位、人员许可证
B. 租借爆破作业单位、人员许可证
C. 出示爆破作业单位、人员许可证
【多选题】
___可直接用于有水的深孔爆破和浅孔爆破作业。
A. 乳化炸药
B. 水胶炸药
C. 铵油炸药
D. 粉状炸药
【多选题】
多孔粒状铵油炸药由___组成。
A. 多孔粒状硝酸铵
B. 梯恩梯
C. 柴油
D. 木粉
【多选题】
下列哪些元件是组成导爆管起爆网路的必需元件?___
A. 激发元件
B. 传爆元件
C. 起爆元件
D. 加热元件
【多选题】
下面哪些是导爆管起爆网路的优点?___
A. 不受外界电能的影响
B. 起爆网路起爆的药包数量不受限制
C. 网路不需要进行复杂的计算
D. 可以测量线路通不通
【多选题】
深孔和硐室爆破可选用哪些起爆方法?___
A. 电力起爆
B. 导爆索起爆
C. 导爆管起爆
【多选题】
以下哪些可以引爆导爆管起爆网路?___
A. 专用起爆器
B. 导爆索
C. 雷管
D. 打火机
【多选题】
岩石(土)种类很多,按照它的形成原因可以分为岩浆岩、___和(C )三大类型。
A. 沉积岩
B. 花岗岩
C. 变质岩
D. 玄武岩
【多选题】
下列哪些部位适合作为安排警戒点的位置?___
A. 爆破危险区外
B. 交通道口
C. 各种角落
D. 视野开阔的地方
【多选题】
在煤矿井下掘进爆破中,下列确定警戒距离的原则哪些是对的?___
A. 回采工作面一般不得小于30米
B. 煤巷掘进工作面直线爆破不得小于75米
C. 对有直角弯的工作面不得小于50米
D. 煤巷掘进工作面直线爆破不得小于100米
【多选题】
下列措施中哪些是处理深孔爆破盲炮时需要遵守的?___
A. 爆破网路未受破坏,且最小抵抗线无变化者,可重新连接起爆;最小抵抗线有变化者,应验算安全距离,并加大警戒范围后,再连接起爆
B. 可在距盲炮孔口不少于10倍炮孔直径处另打平行孔装药起爆
C. 可钻平行孔装药爆破,平行孔距盲炮孔不应小于0.3m
D. 可在安全地点外用远距离操纵的风水喷管吹出盲炮填塞物及炸药
【多选题】
下列哪些参数是深孔爆破方法的特征?___
A. 钻孔直径大于50mm
B. 炮孔深度大于5米
C. 设备是进口的
D. 一次爆破量大
【多选题】
在爆破工程施工中,防止因迟爆发生安全事故的有效措施是___。
A. 不使用已过期的爆炸材料
B. 正确选用起爆器
C. 发现起爆后炮未响时,不要急于当盲炮处理,应留有足够的等待时间
D. 由安全员负责起爆操作
【多选题】
爆破产生的有害效应除了爆破振动、爆破冲击波、爆破毒气以外还有哪些?___
A. 爆破效果
B. 爆破噪声
C. 爆破飞散物
D. 爆破烟尘
【多选题】
在焚烧法销毁爆炸危险品中,下列哪些是制作点火药包应该特别注意的问题?___
A. 要对制成的电点火药包进行试验,确认其可靠性
B. 点火药包上的电点火装置要与药包中的火药紧密接触
C. 严禁在点火药包内混入雷管
【多选题】
用焚烧法可以销毁下列哪些爆炸物品?___
A. 鳞片状梯恩梯
B. 烟火剂
C. 发射药
【多选题】
在领取、发放爆破器材时,交接双方都应当对下列哪些项目进行检查?___
A. 包装外观
B. 警示标识
C. 登记标识
【多选题】
库房内可以采用以下哪类移动式照明?___
A. 防爆手电筒
B. 手提式防爆灯
C. 电网供电的移动手提灯
【多选题】
以下哪些条件是爆破员、安全员、保管员应具备的?___
A. 18周岁以上,60周岁以下
B. 高中以上文化程度
C. 无妨碍爆破作业的疾病和生理缺陷
【多选题】
下列哪些属于原国防科工委、公安部公布的《民用爆炸物品品名表》中的民爆物品?___
A. 工业炸药
B. 工业雷管
C. 工业索类火工品
【多选题】
爆破从业人员从事爆破作业活动中,下列哪些行为是禁止的?___
A. 爆破从业人员同时受聘于两个以上爆破作业单位
B. 违反国家有关标准和规范实施爆破作业
C. 扣押爆破从业人员许可证
【多选题】
一般地说,以下哪些是炸药特有的相容性?___
A. 组分相容性
B. 物理相容性
C. 化学相容性
D. 爆炸相容性
【多选题】
以下哪些属于炸药的安定性?___
A. 化学安定性
B. 物理安定性
C. 热安定性
D. 水溶解性
【多选题】
以下哪些是电起爆网路预防雷电的措施?___
A. 将全部电爆网路埋入土中,深度不小于25cm
B. 用一根裸线(可用有刺铁丝)与电爆网路的导电线并排敷设
C. 用树枝将起爆线路覆盖起来
D. 起爆站干线的末端分开放置,并进行绝缘
【多选题】
下列哪些元件是组成导爆管起爆网路的必需元件?___
A. 激发元件
B. 传爆元件
C. 起爆元件
D. 加热元件
【多选题】
电子雷管由以下哪些部分组成?___
A. 管壳
B. 装药部分
C. 电子电路
D. 排气孔
【多选题】
深孔爆破可选用的起爆方法有哪些?___
A. 导爆管起爆法
B. 电力起爆法
C. 导爆索起爆法
【多选题】
当炸药置于无限大的均匀岩石介质中爆炸时,将会在岩石中形成以炸药为中心的由近及远的不同破坏区域,分别称为___。
A. 装药区
B. 粉碎区
C. 裂隙区
D. 振动区
【多选题】
在井巷掘进爆破中,下列哪些掏槽方法是常用的?___
A. 锥形掏槽
B. 直孔掏槽
C. 混合掏槽
【多选题】
下列哪些是防止堵孔的措施?___
A. 将孔口岩石碎块清理干净,防止掉落孔内
B. 每个炮孔钻完后立即将孔口用木塞或塑料塞堵好,防止雨水或其他杂物进入炮孔
C. 一个爆区钻孔完成后应尽快实施爆破
D. 炮孔钻好后要进行登记、编号
【多选题】
下面哪些工作是爆破时安全警戒人员的任务?___
A. 清场
B. 在指定位置站岗
C. 管制交通
D. 整理剩余爆破器材
【多选题】
在每次爆破中,起爆前后一共有三次信号,以下哪些是爆破警戒信号?___。
A. 预警信号
B. 解除信号
C. 联络信号
D. 起爆信号
【多选题】
以下措施中哪些有助于防止因静电感应引起的早爆?___
A. 对于现场易产生静电的机械、设备等应与大地相接通以疏导静电
B. 按设计要求进行填塞,保证填塞质量和长度
C. 施工人员不穿易产生静电的工作服
D. 采用抗静电雷管
【多选题】
在拆除爆破中,下列哪些材料适合用于爆破区域的防护?___
A. 草帘
B. 砂土袋
C. 块石
D. 篷布
【多选题】
爆破器材的发放和回收应在单独的发放间(或发放硐室)里进行,不应在下列哪些场所内发放?___
A. 库房
B. 硐室
C. 壁槽
【多选题】
遇下列哪些天气,禁止进行爆破器材装卸作业?___
A. 雷雨
B. 暴风
C. 多云
【多选题】
由爆破作业单位销毁的爆炸物品主要来自下列哪些方面?___
A. 本单位确定不再使用的爆破器材
B. 执法机关或其他拥有单位委托销毁的爆炸物品
C. 销售单位的爆破器材
【多选题】
爆破器材生产单位场内运输爆炸物品车辆的押运工作可以由___和(C )负责。
A. 安全员
B. 爆破员
C. 押运员
D. 保管员