【单选题】
Which about nested policy maps in a zone-based firewall is true ?___
A. They are limited to two leve ls in a hierarchical policy
B. Parent policies are previously defined policies that are defined by using the service policy command
C. A child policy is a new policy that uses a pre-existing policy.
D. A child policy is a new that uses a pre-existing policy
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
In which configuration do you configure the ip ospf authentication key 1 command?___
A. routing process
B. interface
C. privileged
D. global
【单选题】
Which statement about command authorization and security contexts is true?___
A. If command authorization is configured, it must be enabled on all contexts.
B. The change to command invokes a new context session with the credentials of the currently
C. AAA settings are applied on a per-context basis
D. The enable. 15 user ang admins with chang to permission ha e dfferent command authorization levels pertontext
【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
【单选题】
What is the actual los privilege level of User Exec mode?___
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
推荐试题
【多选题】
【多选题】NB-IoT网络的密钥层次架构中包含如下哪些?( )
A. 终端和MME间共享的密钥
B. 终端和HSS间共享的密钥
C. 终端和基站间共享的密钥
D. 终端和ASME共享的中间密钥
【多选题】
【多选题】NB-IoT同步过程中,帧同步和时间同步分别是通过( )信号来实现的?
A. NSSS
B. PBCH
C. NRS
D. NPSS
【多选题】
【多选题】天线增益与( )有关。
A. 天线垂直波瓣角
B. 天线的尺寸
C. 天线水平波瓣角
D. 能量转化效率
【多选题】
【多选题】LTE网络,整个数据传输过程与( )等因素相关。
A. 无线网络质量
B. 网元间配合
C. 终端能力
D. 有线传输带宽
【多选题】
【多选题】路测时发现小区间天线接反可以从那几个部分去排查?( )
A. 排查BBU-RRU光纤是否接反
B. 如果使用多通道智能天线,检查天线端口与馈线是否一一对应
C. 核查小区PCI参数是否配错
D. 排查小区间RRU-天线间的跳线是否接反
【多选题】
【多选题】TTI bundling 也称为子帧捆绑,是 LTE 系统中一种特殊的调度方式,它是针对处于小区边缘的 VoIP 用户而设计的,其定义是:( )
A. 且只在第一个 TTI 对应发射时刻有 PDCCH
B. 重传也是针对 4 个连续上行 TTI 发射
C. 在连续的 4 个上行子帧发射同一传输块
D. 只在最后一个 TTI(即,第 4 个 TTI)对应的发射时刻有 PHICH
【多选题】
【多选题】volte 新通话功能可以实现( )
【多选题】
【多选题】手机终端连接PC需要打开的端口有哪些
A. Control Modem
B. Control Diag Port
C. Control RemNet
【多选题】
【多选题】系统消息( )包含小区重选相关的其他系统邻小区信息。
A. SIB6
B. SIB8
C. SIB5
D. SIB7
【多选题】
【多选题】在LTE的QoS属性中,QCI中包括哪些参数?( )
A. 最大比特率
B. 延时
C. 业务优先级
D. 误包率
【多选题】
【多选题】Initial UL/DL BWP.Additional UL/DL BWP.SUL BWP均由哪三部分配置组成?( )
A. bwp-Common
B. bwp-Uplink?
C. bwp-id
D. bwp-Dedicated
【多选题】
【多选题】5G小区子载波间隔SCS包括( )
A. 120
B. 240
C. 30
D. 15
E. 60
【多选题】
【多选题】下面属于5G NR上行链路reference signal的是:( )。
A. Phase-tracking reference signals for PUSCH
B. Sounding reference signal
C. Demodulation reference signal for PUSCH
D. Demodulation reference signal for PUCCH
【多选题】
【多选题】通常测试直放站系统质量的仪表有: ( ).
A. 光功率计
B. TEMS
C. 频谱仪
D. Sitemaster
【多选题】
【多选题】下面关于P-CSCF说法正确的是?( )
A. 将终端的请求路由到正确的I-CSCF或者S-CSCF
B. UE使用动态或者静态配置的方式获得P-CSCF的地址
C. IMS中用户在信令平面的第一个联系节点
D. 所有的SIP信令,无论是来自用户设备(UE),还是发送给UE的,都必须经过P-CSCF
【多选题】
【多选题】室分系统中采用以下传输模式:( )
A. TM7
B. TM4
C. TM2
D. TM3
【多选题】
【多选题】Mapinfo可以基于以下哪种格式的基站信息表生成站点图层?( )
A. dbf
B. txt
C. csv
D. xls
【多选题】
【多选题】SRB (Signalling Radio Bearers)是专门用来传输RRC和NAS消息的,Rel-8 36.331中定义的SRB类型有:( )
A. SRB3
B. SRB2
C. SRB0
D. SRB1
【多选题】
【多选题】优化的基本方法( )
A. 功率调整
B. 天线高度调整
C. 重选.切换参数调整
D. 调整下倾角和方向角
E. 各制式特性配置
【多选题】
【多选题】如果发生乒乓切换的频率比较高,调大以下哪些参数可以改善?( )
A. Report On Leave
B. Time to Trigger
C. Threshold
D. Hysterisis
【多选题】
【多选题】射频系统主要由CRFU或RRU组成,其主要功能描述正确的是( )。
A. 由射频系统将调制好的射频信号有效地发射出去,并接收移动台信号
B. BTS通过射频系统接收GPS系统或GLONASS系统的信号,进行无线同步
C. 在前向链路,完成已调制发射信号的上变频和功率放大,对发射信号进行滤波,以满足相应的空中接口规范
D. 在反向链路,对基站天线接收信号进行滤波以抑制带外干扰,然后进行低噪声放大.分路.下变频和信道选择性滤波
【多选题】
【多选题】下列有关测量触发事件说法正确的是( )。
A. B1指的是异系统的邻小区的信号质量大于门限值
B. A4指的是邻小区的信号质量大于门限值
C. A1指的是服务小区的信号质量大于门限值
D. A2指的是服务小区的信号质量大于门限值
【多选题】
【多选题】弱覆盖的应对措施有哪些?( )
A. 新增基站
B. 增加天线挂高,更换高增益天线
C. 增强参考信号功率
D. 调整天线方位角和下倾角
【多选题】
【多选题】在NB-IoT技术中,UE可实现的有( )。
A. 同一时刻,UE只允许使用控制面优化或用户面优化一种模式
B. 支持控制面优化流程
C. 和网络协商NB-IoT能力
D. 支持上行速率控制
【多选题】
【多选题】以下属于5G网元UPF的功能是( )。
A. 上行业务类型识别,路由到相应数据网络
B. 分组路由及转发
C. 下行数据缓冲.发起数据到达的通知
D. 业务转发的配置
【多选题】
【多选题】 CDMA系统中,移动台通过登记通知基站自己的位置.状态.识别等,登记发生在以下哪些过程中?( )
A. 切换过程中
B. 呼叫过程中
C. 开.关机
D. 空闲状态
【多选题】
【多选题】常见的IP网络结构有如下哪些类型( )?
A. 树型组网
B. 环型组网
C. 星型组网
D. 总线型组网
【多选题】
【多选题】MIB块里包含下列( )信息
A. PLMN信息
B. 系统帧号
C. 下行系统带宽
D. PHICH配置信息
【多选题】
【多选题】SIB4包含以下哪些?( )
A. 同频邻小区信息
B. 小区重选相关的服务频率和
C. 公共和共享信道信息
D. 包含ETWS辅助通知
【多选题】
【多选题】在Google Earth中创建的点.线可以另存为哪种格式的文件?( )
A. KML
B. TXT
C. TAB
D. KMZ
【多选题】
【多选题】统计切换过程用户面中断时间需要考虑哪几方面因素?( )
A. 可区分intra-eNinter-eNinter-RAT等。
B. 可区分有竞争冲突和无竞争冲突两种随机接入模式。
C. 可区分配置天线是单天线和双天线。
D. 可区分有data forwarding 和没有data forwarding 两种。
【多选题】
【多选题】造成速率低原因有哪些?( )
A. 弱覆盖
B. 测试终端异常
C. SINR较差
D. 频繁切换
E. FTP异常
【多选题】
【多选题】下述对网规网优工程师职责描述正确的是哪几项?( )
A. 进行每周例行工作:参数核对
B. 处理并分析路测数据和OMC统计数据。
C. 检查和解决所有相关的告警。
D. 提供如覆盖.掉话.接入等网络性能问题的解决方法。
【多选题】
【多选题】PDCP层的主要功能包括::( )。
A. 执行安全机制
B. IP包头压缩和解压缩
C. 数据与信令的加密
D. 丢弃无效数据
【多选题】
【多选题】下列哪些技术属于VOLTE的关键技术?( )
A. eSRVCC
B. SIP&SDP
C. 半持续调度
D. 头压缩
【多选题】
【多选题】NB–IoT上行子载波带宽有哪几种选择?( )
A. 7.5KHz
B. 3.75KHz
C. 15KHz
D. 180 KHz
【多选题】
【多选题】为了达到涵盖范围延伸(Coverage Enhancement, CE),定义了三种等级CE Level,分别对抗最大耦合损失(Maximum Coupling Loss, MCL)为( ).( ).( )信号能量衰减。
A. 144dB
B. 134dB
C. 154dB
D. 164dB
【多选题】
【多选题】 天线增益的单位有( )。
A. dBi
B. dBm
C. dB
D. dBd
【多选题】
【多选题】关于LTE的帧结构(FDD)下列说法正确的是( )。
A. PBCH之间的间隔为80ms
B. PSS和SSS在第0号子帧和第5号子帧发送
C. 以上答案都正确
D. 每个子帧又分为2个slot
E. PSS和SSS占用载频中央62个子载波