【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
C
解析
暂无解析
相关试题
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
A. SHA
B. IPSec
C.
D. ES
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
【多选题】
When two events would cause the state table of a stateful firewall to be updated? ___
A. when a packet is evaluated against the outbound access list and is denied
B. when a con nection is created
C. when rate-limiting is applied
D. when a connection s timer has expired within the state table.
E. when an outbound packet is forwarded to the outbound interface
【多选题】
Which two characteristics apply to an intrusion Prevention System(IPS)?___
A. Cannot drop the packet on its own
B. Cabled directly inline with the flow of the network traffic
C. Runs in promiscuous mode wat
D. Does not add delay to the original traffic
E. Can drop traffic based on a set of rules
【多选题】
crypto ipsec trans form-set myset esp-md5-hmac esp-aes-256,What are two effects of the given command?___
A. It configures authentication use AES 256.
B. It configures authentication to use MD5 HMAC
C. It configures authentication use AES 256.
D. It configures encryption to ase MD5 HMAC.
E. It configures encryption to use AES 256
【多选题】
your security team has discovered a malicious program that has been harvesting the CEos email messages and the com pany 's user database for the last 6 months. What are two possible types of attacks your team discovered?___
A. social activism
B. EPolymorphic Virus
C. advanced persistent threat
D. drive-by spyware
E. targeted malware
【单选题】
以下关于数据处理的叙述中,不正确的足___。
A. :数据处理不仅能预测不久的未来,自时还能影响未
B. :数据处理和数据分析可以为决策提供真知灼见
C. :数据处理的重点应从技术角度去发现和解释数据蕴涵的意义
D. :数据处理足从现实世界到数据,冉从数据到现实世界的过程
【单选题】
“互联网十制造”是实施《中国制造2025》的重要措施。以下对“互联网十制造”主要特征的叙述中,不正确的是___。
A. :数字技术得到普遍应用,设计和研发实现协同与共享
B. :通过系统集成,打通整个制造系统的数据流、信息流
C. :企业生产将从以用户为中心向以产品为中心转型
D. :企业、产品和用户通过网络平台实现联接和交互
【单选题】
信息技术对传统教育方式带来了深刻的变化。以下叙述中,不正确的是___。
A. :学习者可以克服时空障碍,实现随时、随地、随愿学习
B. :给学习者提供宽松的、内容丰富的、个性化的学习环境
C. :通过信息技术与学科教学的整合,激发学生的学习兴趣
D. :教育信息化的发展使学校各学科全部转型为电子化教育
【单选题】
在信息收集过过程中,需要根据项目的目标把握数据___要求,既不要纳入过多无关的数据,也不要短缺主要的数据:既不要过于简化,也不要过于繁琐。
A. :适用性
B. :准确性
C. :安全性
D. :及时性
推荐试题
【单选题】
(31386)启动电源箱检修电器元件时应做到___。
A. 箱内电器安装牢固,接线紧固,配线无老化、龟裂。
B. 熔断器容量符合电气原理图要求。
C. 电气原理图清晰、完整、正确。
D. 以上都需要。
【单选题】
(31389)机房废气排气扇开机前应检查做到___。
A. 排气扇安装牢固
B. 排气扇电机接线无松动,配线无烧损、焦化、老化,护线管无破损
C. 排气扇扇叶无变形
D. 以上都需要
【单选题】
(31391)MTU柴油机不能正常停机的处理方法___。
A. 闭进油阀,断油停机
B. 松开双联单列过滤器的两根出油管,断油停机
C. 关闭应急风门,断气停机;紧急风门不能自动脱扣时,可手动操作脱扣
D. 以上都是
【单选题】
(31392)发现机组充电机对蓄电池不充电应___。
A. 检查充电机运转是否正常,有无卡死或皮带打滑现象。
B. 检查充电接触器是否动作,主触头是否接通(SFK71型车充电指示灯亮)。SFK122型车还需检查熔断器7FUK2,若均正常,但充电电流表显示仍为零或为负值(蓄电池电压仍为24V左右),说明充电发电机坏,可改用整流器充电或使用其它机组充电。
C. 若充电接触器不动作,用万用表交流500V档或试电笔测量接触器线圈两端电压。若有电压,充电接触器坏;无电压或电压过低,检查充电选择开关、熔断器、本车交流电源相线及零线是否良好。
D. 以上都需要
【单选题】
(31393)若充电电压已有25V以上,而充电电流为零,应检查___。
A. 充电电路接线是否接触不良
B. 蓄电池过充或亏损严重
C. 蓄电池连接线是否接触不良
D. 以上都需要
【单选题】
(31394)若充电机接触器不动作,测量接触器线圈两端电压不符要求,应检查___。
A. 充电选择开关是否良好
B. 充电线路熔断器是否良好
C. 本车交流电源相线及零线是否良好
D. 以上都需要
【单选题】
(31395)机房排气扇发生故障应___。
A. 检查电机接线有无松动。
B. 检查配线有无烧损、焦化、老化者现象。
C. 检查电机绕组对地绝缘电阻是否为0
D. 以上都需要
【单选题】
(31404)冷却风机自动位不工作改用手动操作,如电机工作正常,说明控制电路和主电路正常。应___。
A. 再恢复自动位,和万用表交流500V档测量85℃压力温度继电器触点两端电压。
B. 若有380V电压,说明压力温控器电触点未接通,可调整其动作值或更换温控器。
C. 若无电压,说明线路断线或开关自动位接触不良,停机后查找。
D. 以上都需要
【单选题】
(31405)如果冷却风机自动位及手动位风扇不工作,应___。
A. 检查主电路:空气开关、接触器、热继电器及线路。
B. 检查控制电路:压力式温度继电器、熔断器、高低压继电器及线路。
C. 检查冷却风机是否烧损。
D. 以上都需要
【单选题】
(31406)康明斯发电车1号冷却风机控制电路中,若1KT线圈损坏,将可能造成风机高速位时___。
A. 有低速无高速
B. 有高速无低速
C. 无低速也无高速
D. 高低速线圈同时供电
【单选题】
(31409)康明斯发电调速控制箱面板中,能使启动电机转动的是___。
A. SPEEDADJUST
B. CIRCUITBREAKER
C. CRANK
D. IDLE/RUN
【单选题】
(31414)康明斯KTA-19G2型柴油机在工作时,若冷机启机后,当水温为70 ℃左右时,发现散热器表面已较热,这说明___。
A. 节温器大阀过早打开
B. 节温器小阀过早打开
C. 节温器正常
D. 节温器大阀过迟打开
【单选题】
(31415)康明斯KTA-19G2型柴油机在工作时,若冷机启机后,当水温为80 ℃左右时,发现散热器表面还是凉的, 这说明___。
A. 节温器大阀过早打开
B. 节温器小阀过早打开
C. 节温器正常
D. 节温器大阀过迟打开
【单选题】
(31417)康明斯发电车1号冷却风机控制电路中,若1FU12损坏,将可能造成___。
A. 1 KA8线圈无法吸合
B. 1 KM1线圈无法吸合
C. 1 KM2线圈无法吸合
D. 其它三项所述都对
【单选题】
(31418)关于康明斯发电车中冷却风机电路相关叙述中,错误的是___。
A. 风机电路可实现手动与自动
B. 风机电路可实现高速与低速切换
C. 风机高速位时是先低速启动再高速运转
D. 风机电路中设有短路保护线圈FR
【单选题】
(31419)康明斯发电车1号冷却风机控制电路中,若1FU13损坏,将不可能造成___。
A. 1 KA8线圈无法吸合
B. 1 KM1线圈无法吸合
C. 1 KM2线圈无法吸合
D. 1 KT线圈无法吸合
【单选题】
(31422)康明斯发电车采用单机供电,下面哪种说法错误?___
A. 合1QF,Ⅰ机向Ⅰ路供电;再合4QF,Ⅰ机向Ⅱ路供电。
B. 合3QF,Ⅲ机向Ⅱ路供电;再合4QF,Ⅲ机向Ⅰ路供电。
C. 合2QF1,Ⅱ机向Ⅰ路供电;再合4QF,Ⅱ机向Ⅱ路供电。
D. 合2QF1,Ⅱ机向Ⅰ路供电;再合2QF2,Ⅱ机向Ⅱ路供电。
【单选题】
(31423)康明斯发电车采用双机供电时,可___。
A. 采用I机、Ⅲ机供电时,合1QF,I机向I路供电;合3QF,Ⅲ机向Ⅱ路供电。
B. 采用I机、Ⅱ机供电时,合1QF,I机向I路供电;合2QF2,Ⅱ机向Ⅱ路供电。
C. 采用Ⅱ机、Ⅲ机供电时,合2QF1,Ⅱ机向I路供电;合3QF,Ⅲ机向Ⅱ路供电。
D. 以上都可采用
