【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
B
解析
暂无解析
相关试题
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
A. 2
B. 3
C. 4
D. 5
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
【单选题】
When connecting to an external resource,you must change a source IP address to use one IP address from a range of 207.165.201.1 to 207.165.1.30. Which option do you implement ?___
A. dynamic source NAT that uses an IP ad dress as a mapped source
B. static destination NAT that uses a subnet as a real de stination
C. dynamic source NAT that uses a range as a mapped source
D. static destination NAT that uses a subnet as a real source
【单选题】
Refer to the exhibit. 【nat(ins,any)dynamic interface】Which ty pe of NaT is configured on a Cisco ASA?___
A. dynamic NAT
B. source identity NAT
C. dynamic PAT
D. identity twice NAT
【单选题】
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?___
A. CTA
B. DCA
C. AMP
D. DLP
【单选题】
Refer to the exhibit. What is the effect of the given configuration?___
A. It establishes the preshared key for the switch
B. It establishes the preshared key for the firewall.
C. It establishes the preshared key for the Cisco ISE appliance
D. It establishes the preshared key for the router.
【多选题】
What are two major considerations when choosing between a SPAN and a TAP when plementing IPS?___
A. the type of analysis the iS will perform
B. the amount of bandwidth available
C. whether RX and TX signals will use separate ports
D. the way in which media errors will be handled
E. the way in which dropped packets will be handled
【多选题】
What are two direct-to-tower methods for redirecting web traffic to Cisco Cloud Web Security?___
A. third-party proxies
B. Cisco Catalyst platforms
C. Cisco NAC Agent
D. hosted PAC files
E. CiSco ISE
【多选题】
Which three descriptions of RADIUS are true? ___
A. It uses TCP as its transport protocol.
B. Only the password is encrypted
C. It supports multiple transport protocols
D. It uses UDP as its transport protocol
E. It combines authentication and authorization
F. It separates authentication,authorization,and accounting
【多选题】
Which two configurations can prevent VLAN hopping attack from attackers at VLAN 10?___
A. using switchport trunk native vlan 10 command on trunk ports
B. enabling BPDU guard on all access ports
C. creating VLAN 99 and using switchport trunk native vlan 99 command on trunk ports
D. applying ACl between VLAN
E. using switchport mode access command on all host ports
F. using switchport nonegotiate command on dynamic desirable ports
【多选题】
What are two features of transparent firewall mode ___
A. It conceals the presence of the firewall from attackers
B. It allows some traffic that is blocked in routed mode
C. It enables the aSA to perform as a router.
D. It acts as a routed hop in the network.
E. It is configured by default
【多选题】
Which two models of A sa tend to be used in a data center?___
A. 5555X
B. 5585X
C. ASA service module
D. 5512X
E. 5540
F. 5520
【多选题】
Which two statements about hardware-based encrption are true?___
A. It is widely accessible
B. It is potentially easier to compromise than software-based encryption. It requires minimal configuration
C. It requires minimal configuration
D. It can be implemented without impacting performance
E. It is highly cost-effective
【多选题】
In which two modes can the Cisco We b Security appliance be de ployed?___
A. as a transparent proxy using the Secure Sockets Layer protocol
B. as a transparent proxy using the Web Cache Communication Protocol
C. explicit proxy mode
D. as a transparent proxy using the Hyper Text Transfer Protocol
E. explicit active mode
推荐试题
【单选题】
十九大报告指出,用新时代中国特色社会主义思想武装全党。要把___作为党的思想建设的首要任务。
A. 坚定理想信念
B. 树立马克思主义世界观
C. 树立无产阶级价值观
D. 树立无产阶级人生观
【单选题】
深刻认识党面临的___的尖锐性和严峻性,坚持问题导向,保持战略定力,推动全面从严治党向纵深发展。
A. 精神懈怠危险、能力不足危险、脱离群众危险、消极腐败危险
B. 精神懈怠危险、封闭僵化危险、脱离群众危险、消极腐败危险
C. 精神懈怠危险、能力不足危险、官僚主义危险、消极腐败危险
D. 精神懈怠危险、能力不足危险、脱离群众危险、腐化堕落危险
【单选题】
要尊崇党章,严格执行新形势下党内政治生活若干准则,增强党内政治生活的___。
A. 政治性、时代性、原则性、战斗性
B. 思想性、政治性、时代性、原则性
C. 政治性、思想性、时代性、原则性
D. 政治性、思想性、时代性、战斗性
【单选题】
坚决防止和反对___,坚决防止和反对宗派主义、圈子文化、码头文化,坚决反对搞两面派、做两面人。
A. 个人主义、享乐主义、自由主义、本位主义、好人主义
B. 个人主义、分散主义、山头主义、本位主义、好人主义
C. 个人主义、分散主义、自由主义、本位主义、好人主义
D. 个人主义、分散主义、自由主义、本位主义、享乐主义
【单选题】
___是中国共产党人的精神支柱和政治灵魂,也是保持党的团结统一的思想基础。
A. 共产主义远大理想和新时代中国特色社会主义共同理想
B. 共产主义远大理想和中国特色社会主义共同理想
C. 共产主义崇高理想和新时代中国特色社会主义共同理想
D. 共产主义崇高理想和中国特色社会主义共同理想
【单选题】
要坚持党管干部原则,___,把好干部标准落到实处。
A. 坚持立场坚定、素质过硬,坚持五湖四海、任人唯贤,坚持事业为上、公道正派
B. 坚持德才兼备、以德为先,坚持立场坚定、素质过硬,坚持事业为上、公道正派
C. 坚持德才兼备、以德为先,坚持五湖四海、任人唯贤,坚持立场坚定、素质过硬
D. 坚持德才兼备、以德为先,坚持五湖四海、任人唯贤,坚持事业为上、公道正派
【单选题】
要坚持无禁区、全覆盖、零容忍,坚持___,坚持受贿行贿一起查,坚决防止党内形成利益集团。
A. 重预防、强高压、长震慑
B. 重遏制、强高压、长震慑
C. 重遏制、不减压、长震慑
D. 重遏制、强高压、长威慑
【单选题】
严肃党内生活,最根本的是认真执行党的___,着力解决发扬民主不够,正确集中不够、开展批评不够、严肃纪律不够等问题。
A. 民主集中制
B. 少数服从多数
C. 批评与自我批评
D. 下级服从上级
【单选题】
《习近平关于严明党的纪律和规矩论述摘编》提出,要完善党内法规制定体制机制,注重党内法规同国家法律的衔接和协调,构建以___为根本、若干配套党内法规为支撑的党内法规制度体系,提高党内法规执行力。
A. 党章
B. 党内法规
C. 制度
D. 以上都不是
【单选题】
《习近平关于严明党的纪律和规矩论述摘编》强调,从严治党,最根本的就是要使全党各级组织和全体党员、干部都按照___和党的各项规定办事。
A. 宪法
B. 行政监察法
C. 党内政治生活准则
D. 纪律处分条例
【单选题】
我们把严明政治纪律,组织纪律作为重要任务,严肃查处有令不行、有禁不止的行为,在查办违纪案件中重点审查违反___的问题,坚决维护党的团结统一。
A. 工作纪律、廉洁纪律
B. 群众纪律、工作纪律
C. 廉洁纪律、群众纪律
D. 政治纪律、组织纪律
【单选题】
党员领导干部要做学习党章、遵守党章的模范。各级领导干部要把学习党章作为___,走上新的领导岗位的同志要把学习党章作为(D),带头遵守党章各项规定。
A. 人生课、第一课
B. 自选课、第一课
C. 重要课、第一课
D. 必修课、第一课
【单选题】
各级领导干部要带头依法办事,带头遵守法律,始终对宪法和法律保持敬畏之心,牢固确立___不能触碰,法律底线不能逾越的观念,不要去行使依法不该由自己行使的权利,更不能以言代法、以权压法、徇私枉法。
A. 纪律高线
B. 规矩高线
C. 规矩规定
D. 法律红线
【单选题】
在现阶段,我国社会的主要矛盾是___。
A. 阶级矛盾
B. 人民内部矛盾
C. 物质文化需要同落后的社会生产之间的矛盾
D. 人民日益增长的美好生活需要和不平衡不充分的发展之间的矛盾
【单选题】
坚持社会主义道路、坚持人民民主专政、坚持___、坚持马克思列宁主义毛泽东思想这四项基本原则,是我们的立国之本。
A. 中国共产党的领导
B. 改革开放
C. 以经济建设为中心
D. 建设社会主义强国
【单选题】
中国共产党领导人民发展社会主义民主政治。坚持___、人民当家作主、依法治国有机统一,走中国特色社会主义政治发展道路。
A. 党的领导
B. 物质生产
C. 精神文明建设
D. 发展经济
【单选题】
要以改革创新精神全面推进党的建设新的伟大工程,以党的政治建设为纲领,全面推进党的思想建设、组织建设、作风建设、___、制度建设。
A. 先进性建设
B. 反腐倡廉建设
C. 纯洁性建设
D. 纪律建设
【单选题】
坚持解放思想,实事求是,与时俱进,___。党的思想路线是一切从实际出发,理论联系实际,实事求是,在实践中检验真理和发展真理。
A. 求真务实
B. 艰苦奋斗
C. 执政为民
D. 开拓创新
【单选题】
“一切为了群众,一切依靠群众,从群众中来,到群众中去,把党的正确主张变为群众的自觉行动。”这是党章对___的表述。
A. 党的思想路线
B. 党的政治路线
C. 党的群众路线
D. 党的民主路线
【单选题】
在党组织讨论决定对党员的党纪处分或作出鉴定时,下列说法中,正确的应该是___。
A. 本人无权参加和进行申辩
B. 其他党员不可以为他作证和辩护
C. 其他党员可以为他作证和辩护
D. 本人有权参加和进行申辩,其他党员可以为他作证和辩护
【单选题】
当党员对党的决议和政策有不同意见时,下列说法中,正确的应该是___。
A. 可以不执行党的决议和政策
B. 在坚决执行的前提下,可以声明保留,并且可以把自己的意见向党的上级组织直至中央提出
C. 必须坚决执行,不可以声明保留,也不允许向上级组织提出
D. 坚决执行,可以声明保留,但不允许向上级组织提出
【单选题】
党的各级委员会按照___、会议决定的原则决定重大事项。
A. 个别酝酿、集体领导、民主集中
B. 民主集中、集体领导、个别酝酿
C. 集体领导、民主集中、个别酝酿
D. 个别酝酿、民主集中、上级决定
【单选题】
不断提高党的领导水平和执政水平、提高___的能力,是党巩固执政地位、实现执政使命必须解决好的重大课题。
A. 依法执政和民主执政
B. 科学发展
C. 拒腐防变和抵御风险
D. 治国理政
