【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
CD
解析
暂无解析
相关试题
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
A. 4
B. 3
C. 2
D. 5
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
推荐试题
【单选题】
What is true regarding datastores on ESXi 6.x? ___
A. NFS 4.1 datastore does not support Fault Tolerance (FT)
B. VMFS3 and VMFS5 datastores can be newly created
C. NFS datastore can be concurrently mounted using NFS 4.1 on one host and NFS on another
D. NFS 3.0 datastore does not support Fault Tolerance (FT)
【单选题】
An administrator is cloning and configuring five new web server virtual machines. What would be the benefit of configuring resource shares for the new VMs? ___
A. To prioritize access to a resource during contention.
B. To guarantee access to a resource during contention.
C. To prioritize access to a resource before contention occurs.
D. To guarantee access to a resource before contention occurs.
【单选题】
An administrator logs into the vSphere Web Client and sees the warning shown in the Exhibit. During a change control window, the warning was addressed. What should be done to verify that the host is no longer showing the warning? ___
A. Run a Remediate host operation.
B. Recheck the compliance of the host.
C. Restart the host to get rid of the warning.
D. Install VMware tools to clear the warning.
【单选题】
A vApp named Sales has a Memory Limit of 32 GB and a CPU Limit of 12,000 MHz. There are three virtual machines within the vApp: <Sales-DB -- Has a memory reservation of 20 GB. > <Sales-DC -- Has a memory reservation of 8 GB. > <Sales-Web -- Has a memory reservation of 8 GB.> Which statement is correct? ___
A. All three virtual machines can power on, but will have memory contention.
B. All three virtual machines can power on without memory contention.
C. Only two of the three virtual machines can power on.
D. Only one of the virtual machines can power on.
【单选题】
You are editing the management network configuration of an ESXi 6.x Host from the vSphere Web Client. You mistakenly put the incorrect VLAN in place for the management network. What action do you need to take to correct this? ___
A. You need to manually edit the configuration on the host with command line utilities.
B. No action is required. By default ESXi rolls back configuration changes that disconnect the host.
C. The ESXi host system configuration will need to be restored to the factory configuration to fix the issue.
D. The change can be reverted in the vSphere Web Client by simply editing the switch again.
【单选题】
What is true about resource pools created on a Distributed Resource Scheduler (DRS) cluster?___
A. A root resource pool is created with the specified values.
B. A root resource pool is automatically created using the aggregate total of the ESXi host resources in the cluster.
C. A root resource pool is automatically created using the aggregate total of all resources in the datacenter.
D. A root resource pool is not needed when creating resource pools on a DRS cluster.
【单选题】
An administrator attempts to enable Enhanced vMotion Compatibility (EVC) on a cluster. The operation results in a compatibility error, as shown in the exhibit. What is the likely cause of this error? ___
A. The CPUs in the ESXi host are not AMD CPUs.
B. The CPUs in the ESXi host do not support hardware virtualization capabilities.
C. The XD/NX CPU features have not been enabled in the BIOS of the server.
D. There is no shared storage between the hosts in the cluster.
【单选题】
What condition would prevent an administrator from creating a new VMFS3 datastore on an ESXi 6.x host using the vSphere Web Client? ___
A. A VMFS3 datastore cannot be created on an ESXi 6.x host.
B. The VMFS3 kernel module is not loaded.
C. A VMFS3 datastore cannot be mounted on an ESXi 6.x host.
D. VMFS3 datastores are not compatible with virtual machines created on an
E. SXi 6.x host.
【单选题】
During a new vSphere Distributed Switch configuration, where does the Maximum Transmission Unit (MTU) value get modified? ___
A. Uplink Settings
B. Switch Settings
C. Portgroup Settings
D. NIC Teaming Settings
【单选题】
A small company wants to use VMware products for its production systems. The system administrator needs to recommend a solution that will deliver High Availability to the company's production applications. What is minimum vSphere offering that will support this requirement? ___
A. vSphere Essentials
B. vSphere Essentials Plus
C. vSphere Hypervisor
D. vSphere Standard
【单选题】
Which scenario shows a reason for VMware Tools failing to install? ___
A. Virtual machine has a CD-ROM configured.
B. Guest OS Antivirus is blocking the VMware Tools installation.
C. Guest OS has 64-bit ldd (list dynamic dependencies) utility installed.
D. Virtual machine is powered on.
【单选题】
An administrator is configuring an ESXi 6.x host to use multiple NICs to resolve a management network redundancy error. After configuring a second NIC, the server is not able to communicate when the primary connection is taken down. The administrator analyzes the Exhibit shown here. Based on the exhibit, what is the likely cause of the issue? ___
A. vmnic4 is not attached to a vSwitch.
B. vmnic2 is not connected to a physical switch.
C. E1000 is the incorrect NIC
D. river for this card.
【单选题】
What information is required as part of an interactive ESXi 6.x installation? ___
A. Keyboard layout
B. IP Address
C. Root password
D. DNS information
【单选题】
What is the default load balancing policy for a newly created VMkernel port on a vSphere Distributed Switch? ___
A. Route based on orginating virtual port ID
B. Route based on IP Hash
C. Route based on source mac address
D. Route based on physical NIC load
【单选题】
An administrator deploys vCenter Server using the embedded Platform Services Controller. After testing the deployment for a couple of months, it is determined that the environment would be better served with an external Platform Services Controller. What should the administrator do to meet this new requirement? ___
A. Deploy a fresh instance of vCenter Server with an external Platform Services Controller.
B. Perform a fresh install of an external Platform Services Controller.
C. Migrate the embedded Platform Services Controller to an external Platform Services Controller.
D. Upgrade the embedded Platform Services Controller to an external Platform Services Controller.
【单选题】
Why are some virtual machines orphaned after rebooting a High Availability (HA) enabled host? ___
A. The Orphaned virtual machines have HA restart disabled.
B. The Orphaned virtual machines moved recently and the change did not persist.
C. The host is attached to failed storage.
D. The host just came out of maintenance mode.
【单选题】
Which vSphere 6 Standard Edition feature will allow an organization to ensure that critical multi-threaded applications have the maximum possible uptime? ___
A. Fault Tolerance
B. High Availability
C. Distributed Resource Scheduler
D. App HA
【多选题】
An application running in a virtual machine is experiencing performance issues. When utilizing performance monitoring utilities, it is noted that the CPU Utilization of the application is at 100%. Which two scenarios are probable causes of the CPU contention for the application? (Choose two.)___
A. There is a network I/O constraint.
B. There is a storage I/O constraint.
C. There is insufficient disk space assigned to the virtual machine.
D. The application is not virtualization aware.
【多选题】
A Fault Tolerance (FT) virtual machine with four vCPUs is experiencing high latency when performing ICMP and Application tests. What are three potential causes that may be attributing to this latency? (Choose three.)___
A. The FT network has insufficient bandwidth and is running on a 1GB Link.
B. The FT network is on a particularly high latency link.
C. The FT network has been configured with Network I/O Control.
D. The FT virtual machine is running an e1000 network adapter.
E. The
F. T virtual machine is running on poor performing network-based storage.
【多选题】
A virtual machine is experiencing performance issues. The following performance metrics are observed: <CPU usage value for the virtual machine is above 90%> < CPU ready value for the virtual machine is above 20%> Which two activities will likely resolve the performance issues? (Choose two.)___
A. Set a CPU reservation for the virtual machine.
B. Increase the CPU limit on the virtual machine.
C. Decrease CPU shares equally for all virtual machines on the host.
D. Increase CPU shares equally for all virtual machines on the host.
【多选题】
An administrator is upgrading a vSphere Distributed Switch. The existing switch is version 6.0 and the administrator wants to upgrade to the latest version possible. The environment contains several ESXi 6.1 hosts. Which two options are available to ensure that the upgraded switch will be compatible with these hosts? (Choose two.)___
A. Upgrade the vSphere Distributed Switch to 6.0
B. Upgrade the ESXi 5.5 hosts to version 6.0, then upgrade the vSphere Distributed Switch to 5.5
C. Upgrade the vSphere Distributed Switch to 5.1
D. Upgrade the
E. SXi host switches to 5.5, then upgrade the vSphere Distributed Switch to 5.5
【多选题】
An administrator attempts to create a Thick Provisioned Virtual Disk (VMDK) on an NFS datastore; but it fails. Which two reasons would explain the failure? (Choose two.)___
A. Datastore is on an NFS 3 storage server that does not support Hardware Acceleration
B. Datastore is on an NFS 4.1 storage server
C. Only VMFS datastores support "Thick Provisioned" VMDK
D. The NFS datastore was not created on a "Thick Provisioned" device
【多选题】
Which two NFS Protocol versions does vSphere 6 support? (Choose two.)___
A. Version 3
B. Version 3.1
C. Version 4
D. Version 4.1
【多选题】
Which three operations occur during a cold migration of a virtual machine? (Choose three.)___
A. The virtual machine disks are moved if the datastore is being changed.
B. The virtual machine is registered with the destination server.
C. The source virtual machine is removed from the old hosts.
D. The virtual machine hardware is upgraded.
E. The virtual machine files are quiesced prior to the migration.
【多选题】
A 4 GB Memory virtual machine is experiencing extended memory issues, as shown in the Exhibit. What potential issues could be attributed to this memory pressure?___
A. A limit is imposed on the virtual memory of this virtual machine.
B. The Balloon driver has been uninstalled.
C. A limit has been imposed on the Virtual CPU of the virtual machine.
D. Storage IO control has been enabled for the virtual machine causing the swapped memory.
【多选题】
You are creating a virtual machine in the Web Client using the New Virtual Machine wizard. Which two steps are required? (Choose two.)___
A. Select a valid name.
B. Select a cluster for the compute resource.
C. Select a network adapter.
D. Select the virtual machine compatibility.
【多选题】
An administrator has been given requirements to configure vMotion for a new virtual machine. The configuration should: <Provide Network Redundancy Use VLAN 550> <Be secured against anyone trying to spoof communication The vSwitch1 configuration is shown in the Exhibit.> Which three changes should be made to meet the stated requirements? (Choose three.)___
A. The VLAN ID must be set appropriately.
B. The default values for MAC Address Changes and Forged Transmits must be altered.
C. The teaming and failover adapters must be set appropriately.
D. The Traffic Shaping configuration must be altered.
E. The Load Balancing Policy must be set appropriately.
【多选题】
Which three traffic types are available services options when configuring a vmkernel port? (Choose three.)___
A. Provisioning Traffic
B. Virtual Volumes Traffic
C. vSphere Replication NFC Traffic
D. Virtual SAN Traffic
E. FCoE Traffic
【多选题】
An administrator logs into the vSphere Web Client, but is unable to see any hosts and clusters. Which two options could fix the problem? (Choose two.)___
A. Verify that the client web browser and vCenter Server are in the same broadcast domain.
B. Verify that the vCenter Server system is registered with the same Platform Services Controller as the vSphere Web Client.
C. Log in to the vCenter Server as a user within the Active
D. irectory domain.
【多选题】
Which three VLAN Tagging modes are available in vSphere 6.x? (Choose three.)___
A. External Switch Tagging
B. Private VLAN Tagging
C. Virtual Switch Tagging
D. VXLAN Tagging
E. Virtual Guest Tagging
【多选题】
Which two statements are true about VMFS5 datastores on ESXi 6.x? (Choose two.)___
A. Virtual Disk (VMDK) size can be larger than 2TB.
B. Datastore extent size can be larger than 2TB.
C. Only Physical Mode Raw
D. evice Map (Passthrough-RDM) can be larger than 2TB.
【多选题】
Which two statements are correct when turning off a Distributed Resource Scheduler (DRS) Cluster? (Choose two.)___
A. The resource pool hierarchy of the DRS cluster is maintained.
B. The resource pool hierarchy of the DRS cluster is removed.
C. The affinity settings of the
D. RS cluster are removed and not maintained when DRS is re-enabled.
【多选题】
An administrator is creating a new Virtual SAN cluster on a Layer 2 network. There is an existing Virtual SAN cluster on the same Layer 2 network. Which two actions would allow the new Virtual SAN cluster to coexist with the older cluster? (Choose two.)___
A. Change the default Multicast Address on the new Virtual SAN cluster.
B. Change the default Unicast Address on the new Virtual SAN Cluster.
C. Create a separate VLAN for each cluster.
D. Create an ARP Alias for the Virtual SAN VMkernel Network Adapter.
【多选题】
A vCenter Operations Manager 5.7 environment is upgraded to vRealize Operations. After the upgrade, the analytics services fail to start. Which three steps must be taken to resolve the problem? (Choose three.)___
A. Take the vRealize Operations cluster offline.
B. Delete the activity persistence files.
C. Bring the cluster back online.
D. Remove any unresponsive nodes.
E. Stop the CaSA service.
【多选题】
An organization has an ESXi 6.x host that contains two resource pools. The host is being relocated to a DRS cluster. What two actions can be taken to integrate the host into the cluster, and what would happen to the existing ESXi resource pool hierarchy as a result? (Choose two.)___
A. Place all of the host's virtual machines into the DRS cluster root resource pool. The resource pools present on the host will be deleted.
B. Create a resource pool for the ESXi host's virtual machines and resource pools. The resource pools present on the host will be deleted.
C. Place all of the host's virtual machines into the DRS cluster root resource pool. The resource pools present on the host will be preserved.
D. Create a resource pool for the
E. SXi host's virtual machines and resource pools. The resource pools present on the host will be preserved.
【多选题】
Which two parameters are required when adding an iSCSI target to an iSCSI Software Adapter using Dynamic Discovery? (Choose two.)___
A. The iSCSI device's IP Address or Fully Qualified Domain Name
B. The Port Number
C. The iSCSI device's iSCSI Qualified Name (IQN)
D. The Default Gateway IP Address
【多选题】
Which two SMTP Notification Event Details are specific to alarms triggered by events? (Choose two.)___
A. User Name
B. Summary
C. Old Status
D. Target
【多选题】
Which two High Availability ___ Cluster admission control policies can help avoid resource fragmentation? (Choose two.)(AC)
A. Define failover capacity by static number of hosts
B. Define failover capacity by reserving a percentage of the cluster resources
C. Use dedicated failover hosts
D. Use Virtual Machine Monitoring
【多选题】
An attempt to enable vSphere Fault Tolerance for a powered-on virtual machine fails. Which two scenarios would result in this failure? (Choose two.)___
A. The virtual machine has three vCPUs configured.
B. The host on which the virtual machine is running has insufficient memory resources.
C. The virtual machine has insufficient resources to accommodate full reservation plus the overhead memory.
D. VMware High Availability is enabled on the cluster of which this host is a member.
【多选题】
A vApp template recently added to a Content Library is not displayed. Which two actions could correct this problem? (Choose two.)___
A. Manually synchronize the library
B. Select the Download all library content immediately option
C. Select the Sync subscribed library option
D. Manually download the vApp template
