【单选题】
Which type of Layer 2 attack enables the attacker to intercept traffic that is intended for one specific recipient?___
A. BPDU attack
B. DHCP starvation I LAB
C. MAC address spoofing
D. CAM table overflow
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which about nested policy maps in a zone-based firewall is true ?___
A. They are limited to two leve ls in a hierarchical policy
B. Parent policies are previously defined policies that are defined by using the service policy command
C. A child policy is a new policy that uses a pre-existing policy.
D. A child policy is a new that uses a pre-existing policy
【单选题】
In which configuration do you configure the ip ospf authentication key 1 command?___
A. routing process
B. interface
C. privileged
D. global
【单选题】
Which statement about command authorization and security contexts is true?___
A. If command authorization is configured, it must be enabled on all contexts.
B. The change to command invokes a new context session with the credentials of the currently
C. AAA settings are applied on a per-context basis
D. The enable. 15 user ang admins with chang to permission ha e dfferent command authorization levels pertontext
【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
【单选题】
What is the actual los privilege level of User Exec mode?___
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
推荐试题
【判断题】
“KAX-1客车行车安全监测诊断系统”车辆转向架状态监测诊断子系统在车辆一/二端的车体、转向架上安装加速度传感器。监测轮轴与一系/二系悬挂系统,并根据车体的信号监测整个车辆系统的状态 。
【判断题】
TFX1型电子防滑器的4路速度传感器脉冲信号经主机进行处理后,按一定的时间间隔采样,分别计算出各轴的速度和减速度,并将各轮对的转动线速度与车辆运行速度进行比较得到相应的速度差。
【判断题】
TFX1型电子防滑器防滑作用自动切换功能是指当一转向架中某一轮对上的速度传感器发生故障时,在切断该传感器作用的同时,只要该轮对的防滑排风阀良好,则该防滑排风阀的动作交由转向架中另一轮对控制。
【判断题】
康尼MS730CP50电控气动塞拉门整列车塞拉门的电控系统主要由四个集控箱和各车箱的单车电控系统组成。
【判断题】
100V以上的交流配线在相对湿度为60%以下时绝缘电阻规定值是0.2MΩ。
【判断题】
J5 型感应子发电机属于同步直流发电机的一种。
【判断题】
TFX1型电子防滑器排风阀是防滑器的执行机构,采用双电磁铁间接作用的结构原理,安装于空气分配阀与制动缸的连接管路上,根据主机的指令控制相应的制动缸的排风和再充风。
【判断题】
康尼MS730CP50电控气动塞拉门手动操作是指当门系统有电无气的情况时,采用合适的方法,实现门的开启与关闭。
【判断题】
康尼MS730CP50电控气动塞拉门在遇到紧急情况时,用三角钥匙按箭头所示方向顺时针操作紧急解锁装置,系统将电磁阀电源切断,报警蜂鸣器报警,此时可以手动开门。
【判断题】
康尼MS730CP50电控气动塞拉门的集控处在关门状态时,各车厢单门系统的内操作不能电控开门,外操作只能实现手动开门,10s后自动关门。
【判断题】
欧特美电动内端拉门的电动门门控制系统中的控制和检测开关有:开关门到位开关,开关门位置的隔离开关二种。
【判断题】
康尼MY700DP4A电动端门的承载部件包括:左支架、右支架、螺母铰链组件、左旋丝杆、电机、无齿隙弹性边轴器、坦克链等零部件。
【判断题】
欧特美自动拉门手动操作关门:用三角钥匙转动锁芯,逆时针旋转100度,便插入锁销,实现完全锁闭,此时门扇定位,就完成了一次完整的关门操作。
【判断题】
康尼MY700DP4A电动端门电动操作电动端门是在门没有机械锁闭,手动/电动转换开关被弹出,门系统有电时,门处于自动状态,按下双面操作开关后,门自动打开。延时30秒,门自动关闭。
【判断题】
真空集便器真空发生器箱的压力开关(压力低于2.6bar保护)用于保护真空发生器,以免压缩空气压力低时造成真空发生器损坏。
【判断题】
真空集便器系统控制器箱安装在污物箱箱体上,内有继电器、延时器、温度控制器和接线排等。
【判断题】
欧特美电动内端拉门组成包括:门板组成、毛刷组成、中空玻璃、内端拉门锁组成、端门前胶条、端门后胶条、导向条和扣手。
【判断题】
“KAX-1客车行车安全监测诊断系统”的列车级主机与显示屏之间发生通讯中断故障时,首先应检查主机与显示屏之间的通讯线是否已经正确连接。
【判断题】
MS730CP50电控气动塞拉门集控操作,开左侧门时将集控箱里的开左、右侧门信号选择开关旋至开右侧门位置,揿开门按钮,各车厢门系统得到信号后,蜂鸣器响2s后,左侧车门执行打开功能。
【判断题】
当车速≥5km.h信号产生后,MS730CP50电控气动塞拉门集控的各种操作才起作用。
【判断题】
MS730CP50电控气动塞拉门的状态指示灯闪烁3次,说明故障为防挤压失效。
【判断题】
欧特美电动内端拉门正常开启,门处于关闭状态时,门可通过按钮开启。切断电供应后,可使用拉手手动开启车门。
【判断题】
康尼MY700DP4A电动端门的操作方式分为手动操作、电动操作,由电动端门安装在车体上的手动/电动转换开关切换。
【判断题】
欧特美电动内端拉门门控系统只在有电的情况下,才可手动将门从内或外打开或关闭。
【判断题】
株洲时代2×35kVA逆变电源控制箱的相关信号中2A黄灯:灯亮表示客车电源中直流接触器K2已经闭合。
【判断题】
青藏车Q1、Q2跳闸一般由短路造成,此时一定不能立即重新合闸,必须首先观察KM1、KM2接触器是否因为触头粘连而无法释放,Q3、Q15、Q16是否跳闸,防雷浪涌保护器是否过载保护(报警窗口变红色),如确认是防雷浪涌保护器动作,则断开FU17、FU18,可继续供电,入库后更换。
【判断题】
TKDT型兼容供电客车电气控制柜空调机组控制功能通过转换开关SA3分为“自动”、“停止”、“试验暖”、 “试验冷”。
【判断题】
信息显示系统,主控站只能发送一些固定信息,如列车编组情况,运行线路和车次等信息,无法发送公共信息。
【判断题】
压缩机故障灯亮,说明压缩机控制回路的热继电器、压力继电器或压缩机内埋式温度继电器保护动作。
【判断题】
一般情况下,当客车逆变器箱发生故障时,在置于车上的信息显示屏上会有相应的故障显示或故障提示。
【判断题】
全列车影视系统无任何图象处理方法有检查混合器与衰减器、衰减器与四分支器的连接线是否正常。
【判断题】
塞拉门手动打不开的处理方法是将底部轴承箱盖打开,卸下下连杆,校正下连杆上的两个弯度,使连杆上下活动时不与导筒摩擦。
【判断题】
真空集便器真空发生器不工作的原因只有真空通路一种情况。
【判断题】
25K 型空调客车在乘务员室和走廊各设一个15W灯用于应急照明。
【判断题】
“KAX-1客车行车安全监测诊断系统”列车管理器的数据下载系统是通过无线移动GPRS实现列车运行中与地面的数据通信。
【判断题】
“KAX-1客车行车安全监测诊断系统”列车级主机的人机交互界面主要包括四个主要页面:主页面,车厢监测,系统监测,修改车号。
【判断题】
“KAX-1客车行车安全监测诊断系统”车厢级主机上有9块功能独立的模盒板卡。
【判断题】
“KAX-1客车行车安全监测诊断系统”的操作人员需要了解某监测子系统在整车的工作情况,可以进入系统监测再切换至对应子系统进行查看,然后可以通过选择不同系统进行观察。
【判断题】
客车空调机组的干燥过滤器是将将来自蒸发器的氟利昂气体与未蒸发的液体分离出来,只将气体的氟利昂送给压缩机。
【判断题】
25K 型空调客车按负载的性质及用途,车上配线包括动力配线、照明配线、播音配线、电话配线及遥测控制线等。
