【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
D
解析
暂无解析
相关试题
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
A. 4
B. 3
C. 2
D. 5
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
A. 2
B. 3
C. 4
D. 5
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
【单选题】
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?___
A. authPriv
B. authNo Priv
C. noAuthNoPriv
D. NoauthPriv
【单选题】
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for usiness pur poses. Which action can you take to retain the blacklist while allowing users to access the approve d sites?___
A. Create a whitelist and manually add the approved addresses.
B. Disable the dynamic blacklist and deny the specif ic address on a whitelist while permitting the others
C. Edit the dynamic blacklist to remove the approved addresses
D. Disable the dynamic blacklist and create a static blacklist in its place
推荐试题
【单选题】
商品是使用价值和价值的统一体,因此___
A. 没有使用价值的东西就不会有价值
B. 没有价值的东西就不会有使用价值
C. 具有使用价值的东西就一定有价值
D. 产品中只要有劳动就一定有使用价值
【单选题】
产业资本在其循环运动中所采取的三种职能形式是___
A. 固定资本、流动资本、货币资本
B. 不变资本、可变资本、商品资本
C. 产业资本、商业资本、借贷资本
D. 货币资本、生产资本、商品资本
【单选题】
资本的周转速度和___
A. 周转时间成正比,周转次数成反比
B. 周转时间成反比,周转次数成正比
C. 周转时间成正比,周转次数成正比
D. 周转时间成反比,周转次数成反比
【单选题】
平均利润率的形成是___
A. 不同生产部门的资本家之间竞争的结果
B. 同一部门内部的资本家之间竞争的结果
C. 同一部门资本家追求超额利润的结果
D. 资本有机构成提高的结果
【单选题】
某钢铁厂因铁矿石价格上涨,增加了该厂的预付资本数量,这使得该厂的资本构成发生了变化,所变化的资本构成是___
A. 资本技术构成
B. 资本价值构成
C. 资本物质构成
D. 资本有机构成
【单选题】
劳动力成为商品是货币转化为资本的前提条件,这是因为___
A. 资本家购买的是劳动力的价值
B. 劳动力商品具有价值和使用价值
C. 货币所有者购买的劳动力能够带来剩余价值
D. 劳动力自身的价值能够在消费过程中转移到新的商品中去
【单选题】
马克思把商品转换成货币称为“商品的惊险的跳跃” ,“这个跳跃如果不成功,摔坏的不是商品,但一定是商品占有者”。这是因为只有商品变为货币___
A. 货币才能转化为资本
B. 价值才能转化为使用价值
C. 抽象劳动才能转化为具体劳动
D. 私人劳动才能转化为社会劳动
【单选题】
在资本主义社会里,资本家雇佣工人进行劳动并支付相应的工资。资本主义工资的本质是___
A. 工人所获得的资本家的预付资本
B. 工人劳动力的价值或价格
C. 工人所创造的剩余价值的一部分
D. 工人全部劳动的报酬
【单选题】
2011年9月以来美国爆发的“占领华尔街”抗议活动中,示威者打出“我们是 99%”的标语,向极富阶层表示不满。美国社会财富占有的两极分化,是资本主义制度下___
A. 劳资冲突的集中体现
B. 生产社会化的必然产物
C. 资本积累的必然结果
D. 虚拟资本泡沫化的恶果
【单选题】
《资本论》中有这样的表述“对上衣来说,无论是裁缝自己穿还是他的顾客穿,都是一样的”,这主要是因为无论谁穿___
A. 上衣都起着使用价值的作用
B. 上衣都起着价值的作用
C. 上衣都是抽象劳动的结果
D. 上衣都是社会劳动的结果
【单选题】
社会生产是连续不断进行的,这种连续不断重复的生产就是再生产,每次经济危机发生期间,总有许多企业或因产品积压、或因订单缺乏等致使其无法继续进行再生产而被迫倒闭。那些因产品积压而倒闭的企业主要是由于无法实现其生产过程中的___
A. 实物补偿
B. 价值补偿
C. 增值补偿
D. 劳动补偿
【单选题】
第二次世界大战以后,资本主义国家经历了第三次科技革命,机器大工业发展到自动化阶段,智能化工厂创造出了较高的生产效率,显露出巨大的竞争力,企业在“机器换人”中取得了一定的经济效益。这意味着率先使用机器人的个别企业___
A. 资本技术构成的提高
B. 剩余价值来源的改变
C. 所生产商品价值的提高
D. 获得更多的社会平均利润
【单选题】
《资本论》(德文版)第一卷于1867年9月在汉堡出版,其影响力历经150年风雨而不衰,至今对我们分析、理解现实经济问题依然具有很强的指导意义。其中“理解政治经济学的枢纽”理论是___
A. 剩余价值论
B. 价值规律论
C. 劳动二重性
D. 商品二因素
【单选题】
国家垄断资本主义是___
A. 国家政权与垄断资本相结合的垄断资本主义
B. 国家政权与垄断资本相分离的垄断资本主义
C. 消除了生产无政府状态的垄断资本主义
D. 解决了资本主义基本矛盾的垄断资本主义
【单选题】
国家垄断资本主义条件下,政府对经济生活进行干预和调节的实质是___
A. 维护垄断资产阶级的整体利益和长远利益
B. 维持资本主义经济稳定增长
C. 消除或防止经济危机的爆发
D. 提高资本主义社会的整体福利水平
【单选题】
20 世纪70 年代以来,西方资本主义国家的金融资本急剧膨胀,这一方面促进了资本主义的发展,另一方面也造成了经济过度虚拟化,致使金融危机频繁发生。西方资本主义金融资本快速发展壮大的重要制度条件是___
A. 去工业化与大力发展现代服务业
B. 全面私有化与放松金融监管
C. 技术创新与大力发展互联网金融
D. 金融自由化与金融创新
