【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
查看试卷,进入试卷练习
微信扫一扫,开始刷题

答案
AC
解析
暂无解析
相关试题
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
A. 4
B. 3
C. 2
D. 5
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
推荐试题
【单选题】
产妇,29岁,第一胎,妊娠合并心脏病,孕37周,阴道侧切分娩一活婴,产后心功能Ⅱ级,在护理措施中,不正确的为___
A. 产后3天严密观察心衰的表现
B. 产后24小时内绝对卧床休息
C. 不宜母乳喂养
D. 进食富含纤维素食物防便秘
E. 至少住院观察2周
【单选题】
随访葡萄胎病人时必须进行的最常用的检查方法是___
A. 阴道脱落细胞涂片检查
B. 测尿中的HGG值
C. B超检查有无胎囊
D. 多普勒超声检查听取胎心
E. CT检查脑转移情况
【单选题】
为预防感染,新生儿脐带护理哪项是正确的___
A. 沐浴后用75%酒精揩净脐带残端和脐轮处
B. 脐带2~3天脱落
C. 有分泌物伴臭味时涂1%龙胆紫
D. 有肉芽组织用50%硝酸银点灼
E. 脐部保持清洁湿润,防止发生脐炎
【单选题】
女性阴道炎的叙述下列哪项是正确的___
A. 妊娠期间不易发生滴虫性阴道炎
B. 滴虫性阴道炎夫妻间不会相互传染
C. 滴虫性阴道炎用甲硝唑只需1次性治疗
D. 绝经后雌激素水平降低,易引起念珠菌性阴道炎
E. 口腔、阴道黏膜、肠道存在念珠菌可相互传染
【单选题】
葡萄胎确诊后哪项措施不恰当___
A. 尽快采用吸刮术,迅速排空宫腔
B. 术前不应用缩宫素,防肺栓塞或转移
C. 术中静脉点滴缩宫素,但需在宫口扩大后
D. 为减少出血及子宫穿孔,术前静滴缩宫素
E. 第1次吸刮后1周,行第2次刮宫
【单选题】
对于化疗患者,错误的护理是___
A. 定时巡视患者
B. 注意患者精神状况,给予心理安慰
C. 化疗中出现体重减轻时,化疗药剂量不要调整
D. 嘱患者进高营养、易消化的食物
E. 注意观察化疗不良反应
【单选题】
妊娠合并心脏病孕妇减轻妊娠期心脏负担,预防心力衰竭的措施哪项应除外___
A. 积极防治贫血和妊娠高血压综合征(妊高征)
B. 预防上呼吸遭感染
C. 终止妊娠
D. 限制钠盐
E. 预产期前1~2周住院待产
【单选题】
下列何项是宫颈原位癌的诊断标准___
A. 病变限于上皮内,基底膜未穿透,间质无浸润
B. 子宫颈上皮细胞已发生癌变,侵犯阴道的下2/3
C. 病变侵犯达血管和淋巴
D. 异形细胞侵犯宫颈腺体.侵犯腺体基底膜
E. 细胞异常程度达Ⅱ级以上
【单选题】
患者30岁,孕40周,临产后出现协调性宫缩乏力。宫口开大4cm,胎囊凸,无头盆不称。护士应首先协助的处理是___
A. 镇静剂
B. 等待产程自然进展
C. 缩宫素静脉滴注
D. 人工破膜后静脉滴注缩宫素
E. 剖宫产术
【单选题】
患者已婚,以急性腹痛2h,停经45天,妇科检查,左侧附件区可触及一包块,初步诊断为宫外孕,为确诊必须进行阴道穹隆穿刺,穿刺部位应该是___
A. 阴道前穹隆
B. 阴道后穹隆
C. 阴道左穹隆
D. 阴道右穹隆
E. 膀胱子宫陷凹
【单选题】
关于分娩的分期,错误的是___
A. 总产程是指规律性宫缩开始至胎儿娩出为止
B. 第一产程初产妇需要11~12小时
C. 第二产程初产妇需要1~2小时
D. 第三产程不超过30分钟
E. 第二产程经产妇需1小时或数分钟
【单选题】
妇科检查前准备与内、外科检查准备不同的是___
A. 语言亲切地解释安置体位的要求
B. 要求排空膀胱和直肠
C. 提醒或协助病人上下床安全
D. 冬季做好保暖工作
E. 嘱病人张口呼吸放松腹壁
【单选题】
对高危孕妇,处理不妥的是___
A. 应用胎儿监测仪及时发现异常情况
B. 给产妇吸氧
C. 发现胎儿窘迫,均作剖宫产
D. 决定手术后在短时间内做好术前准备
E. 做好新生儿窒息抢救工作
【单选题】
关于滴虫性阴道炎使用甲硝唑治疗,下列哪项是错误的___
A. 顽固者夫妻应同时口服甲硝唑治疗
B. 妊娠早期及哺乳期不用为妥
C. 妊娠早期服用对胎儿无影响
D. 局部用药亦可收到较好效果
E. 阴道放药前行酸性溶液冲洗可提高疗效
【单选题】
子宫下段破裂的临床表现何项正确___
A. 胎体触及不清
B. 产妇突感强烈腹痛,随之子宫收缩消失
C. 胎头拨露继而着冠
D. 多伴有阴道多量鲜血流出
E. 可见痉挛性狭窄环随宫缩上升
【单选题】
关于雌激素的生理功能,正确的叙述是___
A. 使阴道上皮增生,角化现象消失
B. 使宫颈口,关闭,黏液减少变稠,拉丝度减小
C. 使子宫内膜增生变厚
D. 使子宫肌对缩宫素的敏感性降低
E. 体内红细胞总量减少
【单选题】
有关孕妇血液循环系统的生理性变化,错误的概念是___
A. 血容量增加至32~34周达高峰
B. 血液稀释出现生理性贫血
C. 血液黏稠度增加,处于高凝状态
D. 红细胞沉降率(血沉)增快
E. 体内红细胞总量减少
【单选题】
关于不协调性子宫收缩乏力,正确的叙述是___
A. 子宫肌肉不协调性收缩,致使宫腔内压力过低
B. 为无效宫缩
C. 产妇于宫缩间歇期时安静,腹痛消失
D. 子宫收缩极性倒置,但不影响宫口扩张
E. 一般不会出现胎儿宫内窘迫
【单选题】
子宫内膜异位症痛经的特点是___
A. 痛经发生于月经前期
B. 痛经发生于月经前,经期加重,经后缓解
C. 痛经与月经周期无关
D. 痛经经期轻微,经后加重
E. 痛经多为原发性痛经