【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
A
解析
暂无解析
相关试题
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
A. 4
B. 3
C. 2
D. 5
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
A. 2
B. 3
C. 4
D. 5
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
推荐试题
【单选题】
硬盘、光驱及软驱-操作规范错误的是___
A. 安装新硬盘或者光驱正确的连接电源线与数据线
B. 开机加电确认BIOS中硬盘或者光驱被正确的识别。
C. 硬盘能够正确的进行分区格式化操作读写操作有异响也没事。
D. 硬盘更换之后用户还原备份硬盘数据后请用户签字确认。
【单选题】
键盘、鼠标检验规范错误的是___
A. 检查键盘、鼠标外部连线是否破损、扭曲、非正常压迫等现象
B. 检查键盘、鼠标接头是否有断针、歪针现象。
C. USB键盘、USB鼠标需要注意防呆塑料是否有断裂
D. 笔记本键盘进液没关系。
【单选题】
显示器/LCD检验规范错误的是___
A. 观察信号线有无折断、信号线接口内有无断针或歪曲。
B. 闻故障显示器内有无焦臭等异味并对异常现象作详细记录
C. 观察LCD表面有无划伤有无漏液迹象。
D. LCD有1个亮点可以给予更换。
【单选题】
液晶屏操作注意事项错误的是___
A. 液晶屏操作需要液晶保护套或袋保护避免液晶屏划伤和弄脏;
B. 液晶屏只要扣到桌面上就行;
C. 不用金属等硬物挤压或撬液晶边框;
D. 液晶屏不得叠放、液晶屏上不允许放置其他物品。
【单选题】
维修完毕注意事项___
A. 由用户操作进行验机工程师对用户进行协助;
B. 工程师必须为用户做一个简短的金钥匙验机。
C. 参考技术话术给用户对主机故障给与合理的解释对用户的疑问耐心解释;
D. 验机过程中为客户讲述计算机小常识。
【单选题】
对于电脑运行中不断出现黑屏(即一会有显示一会无显示)的情况你会检查___
A. 是否是所运行的软件造成
B. 检查是否在系统中有病毒
C. 重新安装操作系统
D. 检查显示器电缆是否连接牢靠
【单选题】
用户反映“电脑开机时出现烟雾”情况你到达现场后会___
A. 先软后硬的原则检查软件方面的问题
B. 查看有无相关的技术通报
C. 检查哪个部件上的电路有烧毁的痕迹
D. 通电复现故障
【单选题】
在Windows下按动键盘上的某个键后出现你不需要的响应你会最先检查___
A. 检查系统中有无病毒
B. 系统下是否正在运行的某个软件
C. 更换键盘
D. 运行键盘测试程序
【单选题】
当你看到一台电脑在使用一段时间后就会死机的现象你最先应该观察下列哪方面的问题___
A. 系统中是否有病毒
B. 电脑中是否安装了新的硬件
C. 系统中是否删除了某个重要文件
D. 电脑摆放的位置是否通风良好
【单选题】
你遇到这样一种现象电脑在运行过程中总会突然自动关机。对于这一现象你最先应观察的内容是___
A. 市电电压的稳定性
B. 电脑电源输出电压的稳定性
C. 系统中是否有相关的软件控制电脑关机
D. 系统中是否存在病毒
【单选题】
一用户向你反映他重新安装了操作系统但他想用一键恢复来恢复到原来的操作系统可是他发现一键恢复功能不能用了。对于这样的问题你最先应该了解的是___
A. 一键恢复的按键是否已按下
B. 一键恢复功能功能是否已被删除
C. 用户是否安装了正确的操作系统版本
D. 键盘驱动是否被删除了
【单选题】
一用户有台电脑突然发生在播放声音时不出声音的现象(无声)对于此现象你应最先观察的是___
A. 操作系统是否被破坏
B. 声卡驱动是否已安装
C. 系统中是否有病毒
D. 音量是否被调到最小或静音
【单选题】
对于在进行一键恢复时出现类似分区大小不一致这样的提示时你会观察电脑的哪些方面___
A. 了解用户在这之前是否对硬盘进行过分区操作
B. 检查系统中是否有病毒
C. 是否系统分区的空余空间太少
D. 以上都是
【单选题】
用户的机器经常出现死机的现象你在一个标准的硬件配置下重新安装了操作系统发现不再有死机的现象发生。这时你想逐步添加其它程序来确认是什么软件或硬件导致死机你的顺序是___
A. 应用软件、驱动程序、系统补丁
B. 系统补丁、驱动程序、应用软件
C. 驱动程序、系统补丁、应用软件
D. 无所谓
