【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
AD
解析
暂无解析
相关试题
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
A. 4
B. 3
C. 2
D. 5
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
推荐试题
【多选题】
航空食品装机交接时,客舱乘务员应查验食品安全信息,验收合格后方可装机。凡存在___情形,客舱乘务员应予以拒收。
A. 出成品冷库时,冷链食品表面温度高于5 ℃
B. 食品出成品冷库时间距旅客预计食用时间超过第二质量控制期限
C. 食品感官性状异常
D. 外包装破损
【多选题】
下列关于机上水箱饮用水水质要求的表述,正确的是___:
A. 应符合生活饮用水GB5749的规定
B. 应加热处理后饮用
C. 应符合矿泉水相关标准的要求
D. 应符合纯净水相关标准的要求
【多选题】
客舱服务员提供供餐服务前应___。
A. 洗手
B. 对食品的感官性状进行检查
C. 特殊餐食配发前,应确认旅客信息(姓名、座位和餐食种类等)
D. 发现有腐败变质或者其他感官性状异常的,不得配发
【多选题】
下列关于回程餐/多程餐要求的表述,正确是___:
A. 客舱乘务员应至少每隔2h对回程餐/多程餐中的冷链食品储存温度进行测试
B. 客舱乘务员应至少每隔1h对回程餐/多程餐中的冷链食品储存温度进行测试
C. 回程餐/多程餐不得与食品废弃物混合存放
D. 回程餐/多程餐不得与使用过的餐具混合存放
【多选题】
已装机的冷链食品,___应撤回。
A. 表面温度超过25℃,且航班延误超过2个小时
B. 表面温度超过20 ℃,且航班延误超过3个小时
C. 表面温度超过15℃,且航班延误超过4个小时
D. 表面温度超过15℃,且航班延误超过5个小时
【多选题】
出入境航空器负责人应当___。
A. 遵守《国境卫生检疫法》及其实施细则的规定
B. 遵守有关卫生法规的规定
C. 为卫生监督员的监督和检查提供方便
D. 接受卫生监督员的建议对航空器的卫生状况及时采取改进措施
【多选题】
对出入境航空器的卫生要求包括___:
A. 客舱保持清洁卫生,通风良好
B. 配备足够的消毒、除鼠、除虫药物及器械
C. 货舱、行李舱在装货前或卸货后应彻底清扫,有毒物品和食品不得混装。
D. 不符合卫生要求的必须接受海关的督导立即改进
【多选题】
___适用于航空器卫生监督的标准或规程。
A. 《入出境航空器卫生监督规程》(SN/T 1237)
B. 《公共交通工具卫生标准》(GB9673)
C. 《出入境口岸航空配餐卫生标准》(SN/T2769)
D. 《入出境航空器医学媒介生物控制标准》(SN/T1422)
【多选题】
下列关于客舱微小气候和空气质量监测点选择的表述,正确的是___:
A. 应该考虑机上的平面布局和立体布局,机上的立体布点应有上、中、下三个监测平面,并分别在三个平面上布点
B. 应避开人流通风道和通风口
C. 采集高度宜在0.8~1.0m,并距离舱壁0.5~1m
D. 前配餐间、中舱、后舱配餐间各选两个点
【多选题】
出入境航空器卫生监督使用的检测仪器应该___。
A. 按计量规定定期进行检定
B. 修理后的仪器可直接使用
C. 使用前确保仪器能正常工作
D. 每次连续监测前应对仪器进行常规检查
【多选题】
下列关于出入境航空器废弃物处理的表述,正确的是___:
A. 应配备足量的废弃物储存容器
B. 固体废弃物应该袋装后集中到有盖容器内
C. 染疫航空器废弃物应按要求进行检疫处理和无害化处理
D. 航空器上液体废弃物卸离时,不应发生漏、滴等现象
【多选题】
出入境航空食品卫生检查内容应该包括___:
A. 航空食品储存场所的卫生状况是否符合卫生要求
B. 检查储藏容器是否密闭
C. 餐食、水果等是否使用冷藏保鲜装置
D. 食品储藏容器内是否有病媒昆虫、啮齿动物侵袭的迹象
【多选题】
下列关于出入境航空器上媒介生物监测的表述,正确的是___:
A. 目测检查不得发现鼠及鼠征(鼠洞、鼠迹、鼠咬痕、鼠粪等)
B. 目测法检查不应发现活蝇或有苍蝇孳生环境
C. 不得发现活蚊,航空器上不应存有陈旧性小型积水
D. 目测检查不应发现其他病媒昆虫
【多选题】
下列关于冷藏箱储存场地卫生要求的表述,正确的是___:
A. 具有专用的冷藏集装箱冷藏性能检测的设备及场地
B. 生活垃圾应袋装化或存放在带盖容器内,不得有渗漏
C. 具有相应的冲洗及消毒设施
D. 具有专用的电源插座和水源阀门
【多选题】
下列关于口岸食品储存场地卫生要求的表述,正确的是___:
A. 场地要定期消毒,做好消毒记录
B. 同一食品仓库不得同时储存相互影响食品风味的原材料或其他材料
C. 冷库应保持合适温度,高温冷库温度一般控制在-4-0℃,低温冷库应在-15℃以下
D. 腐败变质食品应当及时清除
【多选题】
从事国境口岸食品生产的,申请卫生许可时,应当提供的材料有___。
A. 场所及其周围环境平面图
B. 生产工艺流程图
C. 生产加工各功能区间布局平面图
D. 具备资质的检测机构出具的生产用水卫生检验报告
【多选题】
从事国境口岸入/出境交通工具食品供应的,申请卫生许可时,应当提供的材料有___。
A. 与食品销售相适应的经营设施空间布局平面图
B. 符合冷链运输要求的专用食品运输车辆
C. 与食品销售相适应的经营设施设备清单
D. 符合冷链运输要求的冷冻冷藏设施的证明材料
【多选题】
从事国境口岸餐饮服务的,申请卫生许可时,应当提供的材料有___。
A. 经营场所和设备布局示意图
B. 加工流程示意图
C. 具备资质的检测机构出具的用水卫生检验报告
D. 卫生设施示意图
【多选题】
从事国境口岸公共场所经营的,申请卫生许可时,应当提供的材料有___。
A. 营业场所平面图
B. 公共场所卫生检测或者评价报告
C. 使用集中空调通风系统的,应当提供集中空调通风系统卫生检测或者评价报告
D. 卫生设施平面布局图
【多选题】
___属于海关应当依法撤销被许可人取得的卫生许可的情形。
A. 海关工作人员滥用职权、玩忽职守作出准予卫生许可决定的
B. 违反法定程序作出卫生许可决定的
C. 对不具备申请资格或者不符合法定条件的申请人准予卫生许可的
D. 申请人以欺骗、贿赂等非法手段骗取卫生许可证的
【多选题】
___属于海关应当依法注销被许可人取得的卫生许可的情形。
A. 超越法定职权作出卫生许可决定的
B. 卫生许可有效期届满未延续的
C. 被许可人申请注销卫生许可的
D. 因不可抗力导致卫生许可事项无法实施的
【多选题】
根据《国境口岸卫生监督办法》规定,停留在国境口岸的国际行驶的客车的卫生要求包括___:
A. 随时擦洗,保持无垃圾尘土
B. 卧具每次使用后必须换洗
C. 卧具上不得有虱子、跳蚤、臭虫等病媒昆虫
D. 应当保持通风良好
【多选题】
根据《国境口岸卫生监督办法》规定,进出国境口岸交通工具的粪便、垃圾、污水处理的卫生要求有___。
A. 生活垃圾应当集中放在带盖的容器内,禁止向港区、机场、站区随意倾倒,应当由污物专用车(船)集中送往指定地点进行无害化处理。
B. 必要时,粪便、污水须经过卫生处理后方能排放
C. 来自鼠疫疫区交通工具上的固体垃圾必须进行焚化处理
D. 来自霍乱疫区交通工具上的粪便、压舱水、污水,必要时实施消毒
【多选题】
国境口岸卫生监督员在执行任务时,___。
A. 有权对国境口岸和入境、出境的交通工具进行卫生监督和技术指导
B. 对卫生状况不良和可能引起传染病传播的因素提出改进意见
C. 协同有关部门采取必要的措施
D. 进行卫生处理
【多选题】
国境卫生检疫机关根据国家规定的卫生标准,对国境口岸的卫生状况和停留在国境口岸的入境、出境的交通工具的卫生状况实施卫生监督有___。
A. 监督和指导有关人员对啮齿动物、病媒昆虫的防除
B. 检查和检验食品、饮用水及其储存、供应、运输设施
C. 监督从事食品、饮用水供应的从业人员的健康状况,检查其健康证明书
D. 监督和检查垃圾、废物、污水、粪便、压舱水的处理
【多选题】
根据《国境口岸卫生监督办法》规定,国境口岸货车的卫生要求包括___:
A. 应当消灭蚊、蝇、蟑螂、鼠等病媒昆虫和有害动物及其孳生条件
B. 在装货前或卸货后应当进行彻底清扫,做到无粪便、垃圾
C. 凡装载有毒物品和食品的货车,应当分开按指定地点存放,防止污染,货物卸空后应当进行彻底洗刷
D. 来自疫区的行李、货物,要严格检查,防止带有病媒昆虫和啮齿动物
