【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
B
解析
暂无解析
相关试题
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
A. 0
B. 50
C. 10
D. 200
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
推荐试题
【单选题】
上海是近代中国西洋音乐的发祥地之一。为了集中体现西洋交响乐在上海的百年繁华,2018年10月1日,坐落于徐汇区宝庆路3号的_____正式开馆,这不仅是上海第一家,也是国内第一家以交响乐为主题的博物馆。___
A. 上海音乐博物馆
B. 上海乐器博物馆
C. 上海交响乐博物馆
D. 徐汇交响乐博物馆
【单选题】
为了解决上海对外接待的瓶颈问题,1986年11月29日,上海第一家五星级国际酒店_____正式开业,创造了酒店业许多项上海“第一”的记录,为中国饭店业培养了一大批高级管理人才,被称为中国酒店业的“黄埔军校”。___
A. 和平饭店
B. 建国宾馆
C. 衡山宾馆
D. 华亭宾馆
【单选题】
坐落在上海交通大学徐汇校区的“钱学森图书馆”,于2011年12月11日钱学森诞辰_____周年之际建成对外开放。馆内基本展览分为“中国航天事业奠基人”、“科学技术前沿的开拓者”、“人民科学家风范”和“战略科学家的成功之道”四个部分。___
A. 70
B. 80
C. 90
D. 100
【单选题】
新能源汽车具体指_____这三种类型的车辆。___
A. 纯电动汽车、非插电式混合动力汽车、燃料电池汽车
B. 纯电动汽车、插电式混合动力汽车、燃料电池汽车
C. 纯电动汽车、混合动力汽车、燃料电池汽车
D. 纯电动汽车、混合动力汽车、代用燃料汽车
【多选题】
民国21年(1932年)10月,陶行知在大场孟家木桥红庙创建半工半读的山海工学团,进行教育改革。主张社会即学校,生活即教育;推行教、学、做合一和“小先生制”,实行()。___
A. 以工养生
B. 以学明生
C. 以团保生
【多选题】
上海自贸试验区借鉴国际经验,海关、检验检疫、海事等口岸监管部门推出了一系列创新举措,探索建立了符合高标准贸易便利化规则的贸易监管制度,促进了区内货物、服务等各类要素的自由流动,也为企业节省了成本。以下哪项属于这一系列创新举措?________
A. “先进区、后报关报检”
B. “一区注册、四地经营”
C. “十检十放”
D. 实施国际贸易“单一窗口”
【多选题】
左联五烈士,指1931年2月7日被国民党杀害的_____、_____、_____、_____、_____五位左翼革命作家。___
A. 柔石
B. 胡也频
C. 殷夫
D. 李伟森
E. 冯铿
F. 李白
【多选题】
5 G技术低时延、高可靠性、高传输速率、高容量的特性将推动V2X(车联网无线通信技术)的发展。意为“车与万物连接”,最常见的V2X场景包括车与_____互连。___
A. 互联网
B. 车辆
C. 基础设施
D. 行人
【多选题】
根据《中国落实2030年可持续发展议程国别方案》要求,科技部牵头启动_____和_____工作,以推动实现联合国2030年可持续发展议程所确定的目标。___
A. 建设绿色技术银行
B. 构建绿色技术创新体系
C. 建设可持续发展议程创新示范区
D. 建设可持续发展实验区
【多选题】
全国首批双创基地有:_____、江苏省常州市武进区、浙江省杭州市余杭区浙江杭州未来科技城、安徽省合肥高新技术产业开发区、福建福州新区、河南省郑州航空港经济综合实验区、湖北省武汉东湖新技术开发区、湖南湘江新区、广东省广州高新技术产业开发区科学城园区、广东省深圳市南山区、重庆两江新区、四川省成都市郫县、贵州贵安新区、陕西西咸新区。___
A. 北京市海淀区
B. 天津市滨海新区中心商务区
C. 辽宁省沈阳市浑南区
D. 上海市杨浦区
【多选题】
未成年人保护工作事关国家安全和社会稳定,事关祖国未来和民族振兴。我国法律法规充分保护未成年人各项权利,其中,根据《中华人民共和国未成年人保护法》,我国未满十八周岁的未成年人依法享有哪些权利? ___
A. 参与权
B. 发展权
C. 生存权
D. 受保护权
E. 受教育权
【多选题】
美术教育是美育的重要组成部分,对塑造美好心灵具有重要作用。你们提出加强美育工作,很有必要。做好美育工作,要_____、_____、_____弘扬中华美育精神,让祖国青年一代身心都健康成长。___
A. 坚持立德树人
B. 扎根时代生活
C. 遵循美育特点
【多选题】
下列哪类人员属于监察对象。________
A. 公立中学教务处主任
B. 民营医院院长
C. 协助乡政府办理贫困户就业贷款的村民兵营长
D. 受交警支队委托从事交通事故勘验的协警
【多选题】
出台中央八项规定,严厉整治_____、_____、_____和_____,坚决反对特权。___
A. 形式主义
B. 官僚主义
C. 享乐主义
D. 奢靡之风
E. 个人主义
【多选题】
2007年5月24日,上海市第九次党代会开幕。当天,党代表和市民们第一次从习近平的口中听到了他对上海城市精神新的提炼和概括:_____。___
A. 海纳百川
B. 追求卓越
C. 开明睿智
D. 大气谦和
【多选题】
2018年11月6日,中国船舶工业集团有限公司与___、___在进口博览会上正式签订2+4艘13.5万总吨Vista级大型邮轮建造合同。___
A. 美国嘉年华集团
B. 意大利芬坎蒂尼集团
C. 日本三菱重工集团
【多选题】
儿童在成长和发展中有不同层面的需要,下列关于儿童需要的表述,属于社会化需要的有:_____。___
A. 身心安全保障的需要
B. 分清自我和非我关系的需要
C. 免遭虐待和忽视的需要
D. 获得足够休闲和娱乐的需要
E. 掌握吃饭、穿衣、语言表达等生活技能的需要
【多选题】
领导干部要把践行“三严三实”贯穿于全部工作生活中,养成一种_____、化为一种_____。要加强道德修养,带头弘扬社会主义核心价值观,明辨是非善恶,追求健康情趣,不断向廉洁自律的高标准看齐,做到_____。___
A. 习惯
B. 境界
C. 心有所戒、行有所止
D. 守住底线、不碰高压线
【多选题】
当代中国的伟大社会变革,不是简单延续我国历史文化的_____,不是简单套用马克思主义经典作家设想的_____,不是其他国家社会主义实践的_____,也不是国外现代化发展的_____。___
A. 母版
B. 模板
C. 再版
D. 翻版
【多选题】
血液由血浆和血细胞组成;血浆内含有血浆蛋白(白蛋白、球蛋白、纤维蛋白原等);血细胞包括红细胞、白细胞、血小板。白细胞包括_____、_____、_____、_____和________
A. 中性粒细胞
B. 淋巴细胞
C. 单核细胞
D. 嗜酸性粒细胞
E. 嗜碱性粒细胞
