【单选题】
In which configuration do you configure the ip ospf authentication key 1 command?___
A. routing process
B. interface
C. privileged
D. global
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which statement about command authorization and security contexts is true?___
A. If command authorization is configured, it must be enabled on all contexts.
B. The change to command invokes a new context session with the credentials of the currently
C. AAA settings are applied on a per-context basis
D. The enable. 15 user ang admins with chang to permission ha e dfferent command authorization levels pertontext
【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
【单选题】
What is the actual los privilege level of User Exec mode?___
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
推荐试题
【填空题】
生产经营单位应当在有较大危险因素的生产经营场所和有关设施、设备上,设置明显的___。
【填空题】
安全设备的设计、制造、安装、使用、检测、维修、改造和报废,应当符合___。
【填空题】
生产经营单位必须对安全设备进行___维护、保养,并定期检测,保证正常运转。维护、保养、检测应当作好记录,并由有关人员签字。
【填空题】
生产经营单位对___应当登记建档,进行定期检测、评估、监控,并制定应急预案,告知从业人员和相关人员在紧急情况下应当采取的应急措施。生产经营单位应当按照国家有关规定将本单位重大危险源及有关安全措施、应急措施报有关地方人民政府安全生产监督管理部门和有关部门备案。
【填空题】
生产经营单位应当建立健全生产安全事故隐患排查治理制度,采取技术、管理措施,及时发现并消除事故隐患。事故隐患排查治理情况应当如实记录,并向___通报。
【填空题】
生产经营单位应当教育和督促从业人员严格执行本单位的安全生产规章制度和安全操作规程;并向从业人员如实告知作业场所和工作岗位存在的___。
【填空题】
生产经营单位必须为从业人员提供符合国家标准或者行业标准的___,并监督、教育从业人员按照使用规则佩戴、使用。
【填空题】
生产经营单位的安全生产管理人员应当根据本单位的生产经营特点,对安全生产状况进行经常性检查;对检查中发现的安全问题,应当___;不能处理的,应当及时报告本单位有关负责人,有关负责人应当及时处理。检查及处理情况应当如实记录在案。生产经营单位的安全生产管理人员在检查中发现重大事故隐患,依照上述规定向本单位有关负责人报告,有关负责人不及时处理的,安全生产管理人员可以向主管的负有安全生产监督管理职责的部门报告,接到报告的部门应当依法及时处理。
【填空题】
两个以上生产经营单位在同一作业区域内进行生产经营活动,可能危及对方生产安全的,应当签订___,明确各自的安全生产管理职责和应当采取的安全措施,并指定专职安全生产管理人员进行安全检查与协调。未签订安全生产管理协议或者未指定专职安全生产管理人员进行安全检查与协调的,责令限期改正,可以处五万元以下的罚款,对其直接负责的主管人员和其他直接责任人员可以处一万元以下的罚款;逾期未改正的,责令停产停业。
【填空题】
从业人员有权对本单位安全生产工作中存在的问题提出___;有权拒绝违章指挥和强令冒险作业。
【填空题】
从业人员发现直接危及人身安全的紧急情况时,有权停止作业或者___撤离作业场所。
【填空题】
从业人员发现事故隐患或者其他不安全因素,应当立即向现场安全生产管理人员或者___报告;接到报告的人员应当及时予以处理。
【填空题】
任何单位或者个人对事故隐患或者安全生产违法行为,均有权向___报告或者举报。
【填空题】
危险物品的生产、经营、储存、运输单位以及矿山、金属冶炼、城市轨道交通运营、建筑施工单位应当配备必要的___,并进行经常性维护、保养,保证正常运转。
【填空题】
事故抢救过程中应当采取必要措施,避免或者减少对___造成的危害。任何单位和个人都应当支持、配合事故抢救,并提供一切便利条件。
【填空题】
事故调查处理应当按照科学严谨、依法依规、实事求是、注重实效的原则,及时、准确地查清事故原因,查明事故性质和责任,总结事故教训,提出整改措施,并对事故责任者提出处理意见。事故调查报告应当依法及时___。
【填空题】
生产经营单位与从业人员订立协议,免除或者减轻其对从业人员因生产安全事故伤亡依法应承担的责任的,___;对生产经营单位的主要负责人、个人经营的投资人处二万元以上十万元以下的罚款。
【填空题】
生产经营单位的从业人员不服从管理,违反安全生产规章制度或者操作规程的,由生产经营单位给予批评教育,依照有关规章制度___;构成犯罪的,依照刑法有关规定追究刑事责任。
【填空题】
【重大责任事故罪;强令违章冒险作业罪】在生产、作业中违反有关安全管理的规定,因而发生重大伤亡事故或者造成其他严重后果的,___;情节特别恶劣的,处三年以上七年以下有期徒刑。强令他人违章冒险作业,因而发生重大伤亡事故或者造成其他严重后果的,___;情节特别恶劣的,处五年以上有期徒刑。
【填空题】
城市轨道交通运营险性事件是指在城市轨道交通运营过程中因隐患排查治理不到位造成风险失控而发生的,对城市轨道交通运营安全和服务造成较大影响的事件。达到国务院规定的事故等级的,按国务院规定的等级和分类标准,分为___。
【填空题】
发生运营险性事件的,城市轨道交通运营单位___应在___向城市轨道交通运营主管部门报告。其中构成特别重大和重大运营安全事故的,按照国务院规定报告。
【填空题】
运营单位应组织设备供应商以及相关责任单位对运营险性事件开展技术分析,并在运营险性事件发生之日起___形成分析报告。
【填空题】
运营单位应在形成运营险性事件技术分析报告后___,报送至城市轨道交通运营主管部门。
【填空题】
运营单位应___对本单位城市轨道交通运营险性事件的发生情况、发生原因、发展趋势、变化规律,以及既往运营险性事件整改及防范措施实施效果等进行总结评估,形成书面报告并及时报送至城市轨道交通运营主管部门。
【填空题】
城市轨道交通运营主管部门应督促运营单位及时对本单位发生的运营险性事件制作___等多种形式的安全警示材料,开展警示教育活动。安全警示片内容应包括运营险性事件基本情况、主要原因、造成后果、经验教训等。
【判断题】
混合酸滴定可行性的判断依据是C'aK'a≥10-8,C''aK"a≥10-8。
【判断题】
水解盐类直接滴定法的判据是根据盐类由强(弱)酸弱(强)碱组成的解离度的大小。
【判断题】
选择指示剂时,主要以滴定曲线上的pH突跃范围为依据,只要指示剂的变色范围全部或部分落在滴定突跃范围内,都可保证测定有足够的准确度。
【判断题】
配位化合物中心原子和配位体时共价键结合的。
【判断题】
氨羧配位剂是一类分子中含有胺基和羧基基团的有机螯合试剂的总称。
【判断题】
在pH=2.0的水溶液中乙二胺四乙酸的最主要存在形式是H2Y。
【判断题】
EDTA多与金属离子形成无色配合物,因此有利于滴定分析。
【判断题】
在测定含镁的钙溶液时,若溶液pH值控制不当造成的,用EDTA法测定结果偏高的主要原因是被测离子水解,对被测离子配位平衡的影响。
【判断题】
EDTA的酸效应系数可用公式计算: 。
【判断题】
毛细管色谱柱的分流的作用是防止柱可以不用分流而直接进样。
【判断题】
大口径(≥0.53mm)的毛细管色谱柱可以不用分流而直接进样。
【判断题】
气相色谱用的分流/不分流进样口是毛细管GC最常用的进样口,它在分流出口只要装一个流量调节阀即可使用。
【判断题】
毛细管气相色谱法的分流比必须要通过实验来选择。
【判断题】
高效液相色谱仪工作的基本流程是高压输液系统提供高压稳定的流动相,流动相先将试样带入预柱、色谱柱进行分离,然后将分离后的各组分带入检测器进行检测,检测到的信号被送至工作站记录、处理和保存。
