【填空题】
49.核武器具有____、冲击波、____ ___、核电磁脉冲和放射性沾染等五种杀伤破坏因素。
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【填空题】
50.精确制导技术是指采用高技术直接命中概率超过___以上的武器。
【单选题】
What is an example of social engineering?___
A. gaining access to a computer by observing the user login credentials
B. gaining access to a build through an unguarded entrance
C. gaining access to a server by using a USB stick
D. gaining access to a server room by posing as local IT
【单选题】
Which type of Layer 2 attack enables the attacker to intercept traffic that is intended for one specific recipient?___
A. BPDU attack
B. DHCP starvation I LAB
C. MAC address spoofing
D. CAM table overflow
【单选题】
Which about nested policy maps in a zone-based firewall is true ?___
A. They are limited to two leve ls in a hierarchical policy
B. Parent policies are previously defined policies that are defined by using the service policy command
C. A child policy is a new policy that uses a pre-existing policy.
D. A child policy is a new that uses a pre-existing policy
【单选题】
In which configuration do you configure the ip ospf authentication key 1 command?___
A. routing process
B. interface
C. privileged
D. global
【单选题】
Which statement about command authorization and security contexts is true?___
A. If command authorization is configured, it must be enabled on all contexts.
B. The change to command invokes a new context session with the credentials of the currently
C. AAA settings are applied on a per-context basis
D. The enable. 15 user ang admins with chang to permission ha e dfferent command authorization levels pertontext
【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
【单选题】
What is the actual los privilege level of User Exec mode?___
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
推荐试题
【单选题】
QUESTION 24 VRP操作平台对于输入命令不完整使用下列哪条信息提示?___
A. Error:Wrong parameter found at ‘^' position
B. Error:Incomplete command found at '^'position
C. Error:Too many parameters found at '^' position
D.
E. rror:Ambiguous command found at ‘^'position
【单选题】
QUESTION 25下面关于生成树指定端口的描述正确的是()。___
A. 根交换机上的端口一定不是指定端口
B. 指定端口可以向与其相连的网段转发配置BPDU报文
C. 每台交换机只有一个指定端口
D. 指定端口转发从此交换机到达根交换机的配置BPDU报文
【单选题】
QUESTION 29路由器在转发某个数据包时,如果未匹配到对应的明细路由且无默认路由时,将直接丢弃该数据包。___
【单选题】
QUESTION 30 管理员通过Telnet成功登录路由器后,发现无法配置路由器的接口IP地址。那么可能的原因有()。___
A. SNMP参数配置错误
B. 管理员使用的Telnet终端软件禁止相应操作
C. Telnet用户的级别配置错误
D. Telnet用户的认证方式配置错误
【单选题】
QUESTION 34 PPP协议LCP协商阶段,如果完全接受对方发送的参数,则发送以下哪个据文?___
A. Configure-Reject
B. Configure-Ack
C. Configure-Request
D. Configure-Nak
【单选题】
QUESTION 36 Router C的输出信息如下,则Router C发送OSPFv3 LSU报文时的源IPv6地址为?___
A. 2003::1/64
B. FE80::2E0:FCFF:FE48:4EC8
C. 2005::1/64
D. 2009::1/64
【单选题】
QUESTION 37 IPv6无状态自动配置使用的RA报文在以下哪种报文类型中承载?___
A. IGMPv6
B. ICMPv6
C. UPv6
D. TCPv6
【单选题】
QUESTION 38 FEC(Forwarding Equivalence Class)转发等价类,是一组具有某些共性的数据流的集合;FEC可以根据地址进行划分,但是不能根据业务类型、QoS等要素进行划分。 ___
【单选题】
QUESTION 39 关于OSI参考模型中网络层的功能说法正确的是? ___
A. OSI参考模型中最靠近用户的一层,为应用程序提供网络服务
B. 在设备之间传输比特流,规定了电平、速度和电缆针脚
C. 提供面向连接或非面向连接的数据传递以及进行重传前的差错检测
D. 提供逻辑地址,供路由器确定路径
E. 将比特组合成字节,再将字节组合成帧,使用链路层地址(以太网使用MAC地址)来访问介质,并进行 差错检测
【单选题】
QUESTION 41 如果应用层协议为Telnet,那么IPv4首部中Protocol字段取值为?___
【单选题】
QUESTION 44 在VRP平台上,直连路由、静态路由、RIP、OSPF的默认协议优先级从高到低的排序是()。___
A. 直连路由、OSPF、静态路由、RIP
B. 直连路由、OSPF、RIP、静态路由
C. 直连路由、RIP、静态路由、OSPF
D. 直连路由、静态路由、RIP、OSPF
【单选题】
QUESTION 45 如下图所示的网络,假设所有路由器同时运行OSPF协议,这个网络中的DR是哪一台路由器?___
A. Router A
B. Router B
C. Router C
D. Router D
【单选题】
QUESTION 46 OSPF的Router ID必须和路由器的某个接口IP地址相同。___
【单选题】
QUESTION 48 缺省情况下,广播网络上OSPF协议Deadtime是?___
A. 20s
B. 40s
C. 10s
D. 30s
【单选题】
QUESTION 49 当两台OSPF路由器形成TWO-WAY邻居关系时,LSDB已完成同步,但是SPF算法尚未运行。___
【单选题】
QUESTION 50 以下哪种协议不属于文件传输协?___
A. TFTP
B. HTTP
C. FTP
D. SFTP
【单选题】
QUESTION 51以下关于VLANIF接口说法正确的是? ___
A. VLANIF接口不需要学习MAC地址
B. 不同的VLANIF接口可以使用相同的IP地址
C. VLANIF接口没有MAC地址
D. VLANIF接口是三层接口
【单选题】
QUESTION 52 华为交换机上创建VLAN的规则是不能创建VLAN4095,且不可以删除VLAN1。___
【单选题】
QUESTION 55 PPP帧中的Protocl字段取以下哪个值时表示核有是一个IP数据包?___
A. 0x8821
B. 0x0021
C. 0x8021
D. 0x8863
【单选题】
QUESTION 59 OSPFv3报文在IPv6报文首部中的Protacol字段取十进制的值为?___
【单选题】
QUESTION 62 链路本地单播地址的接口标识总长度为多少bit?___
A. 48bit
B. 32bit
C. 64bit
D. 96bit
【单选题】
QUESTION 63 MPLS域中的LER全称为Label Egress Router。___
【单选题】
QUESTION 66 通用路由平台VRP的全称是? ___
A. Virtual Routing Platform
B. Versatile Redundancy Platform
C. Versatile Routing Protocol
D. Versatile Routing Platform
【单选题】
QUESTION 67 如图所示,三台二层交换机与一台HUB互联,交换机均开启STP功能,交换机STP的桥ID设置请参考下图, 其它均是默认配置。以下说法错误的是()。___
A. 经过桥ID的比较,LSW1为根桥
B. LSW3的G0/0/1口为AP端口,处于阻塞状态
C. LSW1的两个端口都为指定端口,处于转发状态
D. LSW1的G0/0/2口为阻塞状态
【单选题】
QUESTION 68 如下图所示的交换网络,所有交换机都运行了STP协议。当拓扑稳定后,在下列那台交换机上修改配置 BPDU的发送周期,可以影响SWD配置BPDU的发送周期。___
A. SWD
B. SWC
C. SWB
D. SWA
【单选题】
QUESTION 69 如下图所示的网络,交换机的MAC地址已标出。在SWD交换机上输入命令stp root secondary,下列哪台交换机出成为此网络的根桥。___
A. SWD
B. SWB
C. SWC
D. SWA
【单选题】
QUESTION 70 公司有用户反映在使用网络传输文件时,速度非常低,管理员在网络中使用Wireshark软件抓包发现了一些 重复的帧,下面关于可能的原因或解决方案描述正确的是()。___
A. 公司网络的交换设备必须进行升级改造
B. 网络在二层存在环路
C. 网络中没有配置VLAN
D. 交换机在MAC地址表中查不到数据帧的目的MAC地址时,会泛洪该数据帧
【单选题】
QUESTION 71 动态路由协议能够自动适应网络拓扑的变化。___
【单选题】
QUESTION 73 路由器所有的接口属于同一个广播域。___
【单选题】
QUESTION 74 下列配置默认路由的命令中,正确的是()。___
A. [Huawei]ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
B. [Huawei-Serial0]ip route-static 0.0.0.0 0.0.0.0 0.0.0.0
C. [Huawei]ip route-static 0.0.0.0 255.255.255.255 192.168.1.1
D. [Huawei]ip route-static 0.0.0.0 0.0.0.00.0.0.0
【单选题】
QUESTION 77 交换机的端口在收到不携带VLAN TAG数据帧时,一定添加PVID。___
【单选题】
QUESTION 78 下面哪项参数不能用于高级访问控制列表?___
A. 物理接口
B. 时间范围
C. 目的端口号
D. 协议号
【单选题】
QUESTION 81 路由器输出信息如下,则此接口获取到的IPv6地址为?___
A. 2000::1/64
B. 3000::2/64
C. 3000::3000/64
D. 3000::1/64
【单选题】
QUESTION 83 OSPFv3使用哪个区域号标识骨干区域?___
【单选题】
QUESTION 84 某路由器OSPFv3邻接关系如下,则本路由器是ABR。___
【单选题】
QUESTION 85 IPv6地址中不包括下面哪种类型的地址?___
A. 任播地址
B. 广播地址
C. 组播地址
D. 单播地址
【单选题】
QUESTION 86 如果一个网络的网络地址为10.1.1.0/30,那么它的广播地址是()?___
A. 10.1.1.4
B. 10.1.1.2
C. 10.1.1.3
D. 10.1.1.1
