【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
AC
解析
暂无解析
相关试题
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
A. 4
B. 3
C. 2
D. 5
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
推荐试题
【单选题】
当GEN2(右发电机)不可用,飞机2号电网将可从哪些电源获得电能?___
A. GEN1(左发电机)、APU发电机、地面电源
B. GEN1(左发电机)、APU发电机
C. GEN1(左发电机)
D. 应急发电机
【单选题】
当发现跳开关面板上有跳开关被拔出或跳开的情况下,应当如何进行处理:___
A. 无须理会,直接执行手上的维护工作
B. 大致检查系统状况正常后即可闭合
C. 检查是否有合法的拔出标示牌;如果没有,必须先确认该跳开关是否与系统状况相符合或造成跳开关跳出的故障已经排除,确认后才能闭合
D. 检查是否有合法的拔出标示牌;如果没有,先闭合该跳开关并对系统进行测试,以确认系统是否存在故障
【单选题】
当工作人员看到驾驶舱头顶板35VU电源面板上“EXTPWR”按钮电门上的“AVAIL”标示燃亮,这表明:___
A. 地面电源已经连接到飞机电网
B. 地面电源已经连接好
C. 地面电源不可用
D. 地面电源已经连接到勤务汇流条
【单选题】
当工作人员连接地面电源电缆到外电源插座后,电源插座托架上琥珀色的“EXTPWR/AVAIL”灯及白色的“EXT/PWRNOTINUSE”灯燃亮,这表明:___
A. 外部电源质量良好,但电源并没有连接到飞机电网上
B. 外部电源质量有缺陷,但电源并没有连接到飞机电网上
C. 外部电源质量良好,但电源已经连接到飞机电网上
D. 外部电源电缆未正确连接到飞机外电源插座上
【单选题】
电源分配系统中,电路跳开关(断路器)端头的颜色分有几种,其区别是:___
A. 1种:黑色。没有不同点
B. 2种:黑色和绿色。黑色是正常构型,绿色包含有连接到SDAC的辅助线路
C. 3种:黑色、绿色、黄色。黑色是正常构型,绿色包含有连接到SDAC的辅助线路,黄色表示处于同一系统的电路上
D. 4种:黑色、绿色、黄色、红色。黑色是正常构型,绿色包含有连接到SDAC的辅助线路,黄色表示处于同一系统的电路上,红色表明为重要系统的电路跳开关
【单选题】
电源分配系统中,某些电路跳开关头部有明显的黄色标示圈,其功用是:___
A. 标识标志,表明这些跳开关与SDAC有直接的线路联系
B. 标识标志,表明这些跳开关属飞机重要的操作系统
C. 警告标志,说明这些跳开关不允许断开
D. 帮助工作人员在跳开关面板上更容易的发现这些跳开关
【单选题】
电源分配系统中,有些处于闭合状态下的电路跳开关(断路器)头部套有红色的衬套,其功用是:___
A. 相关电路条开关处于MEL放行的构型状态下
B. 避免这些电路跳开关在空中被机组复位,以确保飞行安全
C. 同一系统的电路跳开关标识,帮助辨认和查找
D. 重要系统的电路跳开关,在通电状态下禁止拔开
【单选题】
电源系统维护中,能否在地面状态下脱开发动机上的IDG(内部脱开与发动机附件齿轮箱的连接)?___
A. 可以在地面任何情况下通过按压相应IDG电门完成脱开工作
B. 在地面且发动机必须运转的情况下,可通过按压相应IDG电门来完成脱开工作
C. 必须将飞机模拟到控制状态后,通过按压相应的IDG电门完成脱开工作
D. 必须将飞机模拟到控制状态后且发动机运转的情况下,通过按压相应的IDG电门完成脱开工作
【单选题】
电源系统中,APU发电机的输出电源性能:___
A. 115V/200V、三相、400HZ
B. 220V/380V、三相、400HZ
C. 115V/200V、单相、400HZ
D. 115V/200V、三相、50HZ
【单选题】
电源系统中,IDG(整体驱动发电机)脱开电门安装在:___
A. 驾驶舱49VU(头顶跳开关面板)
B. 驾驶舱120VU(后跳开关面板)
C. 前登机门过道头顶2000VU(跳开关面板)
D. 驾驶舱20VU(头顶控制面板),并有红色保护盖保护
【单选题】
电源系统中,共有两台EGIU(ElectricalGenerationInterfaceUnit)它门被安装在:___
A. 驾驶舱120VU面板(后跳开关面板)
B. 电子设备舱90VU设备架上
C. 前登机过道顶部的2000VU面板上
D. 后登机过道顶部的2001VU面板上
【单选题】
电源系统中,静变流机的作用是:___
A. 将BAT1的直流电转换为115V、400HZ交流电
B. 将BAT1的直流电转换为220V、50HZ交流电
C. 将115V的交流电转换为28V直流电
D. 将220V的交流电转换为28V直流电
【单选题】
电源系统中,每台发动机均附带一台整体驱动发电机(IDG),IDG位于发动机的:___
A. 发动机左侧,风扇包皮内
B. 发动机右侧,风扇包皮内
C. 发动机左侧,核心机匣内
D. 发动机右侧,核心机匣内
【单选题】
电源系统中,外电源的接通是通过:___
A. 操作驾驶舱头顶ELEC面板上的“EXTPWR”电门,由GCU1控制接通外部电源
B. 操作驾驶舱头顶ELEC面板上的“EXTPWR”电门,由GCU2控制接通外部电源
C. 操作驾驶舱头顶ELEC面板上的“EXTPWR”电门,由GPCU控制接通外部电源
D. 操作前登机过道顶部的2000VU面板上的“MAINTBUS”电门,由GPCU控制接通外部电源
【单选题】
电源系统中发电机控制器(GCU)的主要功能包括:___
A. 通过励磁电流控制发电电压的产生
B. 通过控制GLC(发电机电路接触器)和发电机励磁电流来保护发电机
C. 提供系统自检功能,发送关联的警告
D. A、B、C均是GCU主要功能
【单选题】
电源系统中辅助电源来自APU发电机,其作用是:___
A. 在飞行中替换一个或两个失效的发动机GEN向飞机供电;在地面状态下替换不可用的地面电源向飞机供电
B. 在飞行中仅替换一个失效的发动机GEN向飞机供电;在地面状态下替换不可用的地面电源向飞机供电
C. 在飞行中和发动机GEN共同向飞机供电;在地面状态下替换不可用的地面电源向飞机供电
D. 在飞行中和发动机GEN共同向飞机供电;在地面与地面电源共同向飞机供电
【单选题】
飞机电源系统向厨房提供电能,其控制是通过:___
A. 通过驾驶舱头顶板35VUELEC面板上的“GALLEY”(部分构型为:GALY&CAB)按钮电门来控制
B. 通过驾驶舱头顶板35VUELEC面板上的“GEN1”按钮电门,通过GCU1进行控制
C. 通过驾驶舱头顶板35VUELEC面板上的“GEN2”按钮电门,通过GCU2进行控制
D. 通过驾驶舱头顶板35VUELEC面板上的“APUGEN”按钮电门,通过APUGCU进行控制
【单选题】
飞机在地面的状况下,飞机的主电源来源可能是:___
A. 左、右发电机
B. 左、右发电机;APU发电机
C. 左、右发电机;APU发电机;地面外电源
D. 左、右发电机;地面外电源
【单选题】
关于GCU维护测试的描述,正确的是:___
A. 只能在地面状态下,并且IDG已经停止工作
B. 可以在任何状态下,但IDG已经停止工作
C. 只能在地面,但允许IDG处于任何状态
D. 系统在任何状态下均允许进行GCU的维护测试
【单选题】
驾驶舱20VU(头顶控制面板)中电源控制面板上用红色保护盖保护的左右IDG(整体驱动发电机)电门,其功用是:___
A. 接通电门,使相应的发电机开始工作
B. 接通电门,使相应的发电机向飞机提供电源
C. 接通电门,使得相应的发电机衔接到发动机上,并开始发电
D. 在故障情况下,用来脱开相应发动机IDG
【单选题】
驾驶舱内分布有哪些重要的电路跳开关面板?___
A. 49VU;105VU
B. 120VU;106VU
C. 105VU;106VU;2000VU
D. 49VU;120VU
【单选题】
驾驶舱头顶板35VUELEC面板上的两个液晶式电压表用来指示:___
A. 两台主发电机输出电压
B. TR1及TR2的输出电压
C. APU发电机及CSM/G(应急马达发电机)输出电压
D. BAT1和BAT2的电压
【单选题】
控制操作地面勤务汇流条的“MAINTBUS”电门位于:___
A. 驾驶舱49VU面板(头顶跳开关面板)
B. 驾驶舱20VU面板(头顶控制面板)
C. 驾驶舱120VU面板(后跳开关面板)
D. 前登机过道顶部的2000VU面板
【单选题】
外部电源通过飞机上的外电源插座,向飞机提供:___
A. 单相、400HZ、115/200V交流电源
B. 三相、400HZ、115/200V交流电源
C. 单相、400HZ、220/380V交流电源
D. 三相、400HZ、220/380V交流电源
【单选题】
下ECAM的“ELEC”页面上右发电机概况图下面显示的“IDG2110℃”字符表示:___
A. IDG滑油进口温度达到110℃
B. IDG滑油温升达到110℃
C. IDG滑油出口温度达到110℃
D. IDG滑油冷却器出口温度达到110℃
【单选题】
用红色护盖保护的应急马达发电机(CSM/G)电门,安装在:___
A. 前登机门过道头顶2000VU(跳开关面板)
B. 驾驶舱20VU(头顶控制面板)
C. 驾驶舱120VU(后跳开关面板)
D. 驾驶舱49VU(头顶跳开关面板)
【单选题】
在安装外电源电缆接头到外电源插座的时候,应当注意:1)连接前确认外电源电缆未有电源连接;2)外电源电缆接头和外电源插座状况良好;3)连接好后应当将电缆保持皮带挂好,防止电缆接头松脱___
A. 1和3
B. 1和2
C. 2和3
D. 1、2、3
【单选题】
在电源系统维护作业中,如果需要更换电路上的电路接触器或电路跳开关,正常的安全程序是:___
A. 无须切断飞机电源,但要拔掉电路跳开关并小心更换
B. 对于115V高电压电路,必须切断电源;对于28V电压电路,无须切断电源,小心更换即可
C. 切断飞机电源,小心更换
D. 必须切断飞机电源,对于热电瓶汇流条电路,还必须切断电瓶电源
【单选题】
在飞行中,APU驱动的发电机相对于另两台由发动机驱动的发电机而言,它是:___
A. 辅助性发电机,能替换其中任何一台发电机
B. 辅助性发电机,能完全替代另两台发电机
C. 辅助性发电机,只能在地面使用
D. 主要的供电电源
【单选题】
在紧急的情况下,应急马达发电机能向飞机提供(——)的电源。___
A. 5KVA,115/200V,三相,400HZ
B. 500KVA,115/200V,三相,400HZ
C. 55KVA,115/200V,单相,400HZ
D. 5KVA,220/380V,三相,400HZ
【单选题】
在脱开连接在飞机外电源插座上的地面电源电缆的时候,工作人员应当如何在地面确保飞机电网与地面电源的连接已经切断?___
A. 确认外电源插座托架上的琥珀色“EXTPWR/AVAIL”灯燃亮即可
B. 确认外电源插座托架上的白色“EXT/PWRNOTINUSE”灯燃亮即可
C. 确认外电源插座托架上的琥珀色“EXTPWR/AVAIL”灯及白色“EXT/PWRNOTINUSE”灯同时燃亮
D. 确认外电源插座托架上的琥珀色“EXTPWR/AVAIL”灯及白色“EXT/PWRNOTINUSE”灯同时熄灭
【单选题】
在正常的情况下ACESSBUS(交流基本汇流条+B28)由(——)提供电源。___
A. TR1(变压整流器1)
B. ACBUS1
C. ACBUS2
D. CSM/G(应急马达发电机)
【单选题】
怎样去确认发动机上的IDG(整体驱动发电机)滑油油量?___
A. 通过IDG上滑油量观察窗油面所在颜色area来确定滑油量
B. 在IDG滑油量窗上观察是否能看到油面
C. 在下ECAM的ELEC页面查看IDG滑油量
D. 在上ECAM查看相应的IDG滑油量
