【单选题】
In which configuration do you configure the ip ospf authentication key 1 command?___
A. routing process
B. interface
C. privileged
D. global
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which statement about command authorization and security contexts is true?___
A. If command authorization is configured, it must be enabled on all contexts.
B. The change to command invokes a new context session with the credentials of the currently
C. AAA settings are applied on a per-context basis
D. The enable. 15 user ang admins with chang to permission ha e dfferent command authorization levels pertontext
【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
【单选题】
What is the actual los privilege level of User Exec mode?___
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
推荐试题
【判断题】
有关部门和单位拥有专项附加扣除涉税信息,但未按规定要求向税务部门提供的,拥有涉税信息的部门或者单位的主要负责人或者相关人员承担相应责任。
【判断题】
纳税人王某和李某均符合住房租金扣除条件,其中王某在天津市区工作,李某在天津市下辖区县工作,王某的住房租金扣除金额高于李某。
【判断题】
赡养老人专项附加扣除,约定或者指定分摊的须签订书面分摊协议,约定分摊优先于指定分摊。
【判断题】
纳税人享受子女教育专项附加扣除,应当填报配偶及子女的姓名、身份证件类型及号码、子女当前受教育阶段及起止时间、子女就读学校以及本人与配偶之间扣除分配比例等信息。
【判断题】
税务机关不定期对纳税人提供的专项附加扣除信息开展抽查。
【判断题】
纳税人另有要求外,扣缴义务人应当于年度终了后一个月内,向纳税人提供已办理的专项附加扣除项目及金额等信息。
【判断题】
税务机关核查时,纳税人无法提供留存备查资料,或者留存备查资料不能支持相关情况的,税务机关可以要求纳税人提供其他佐证;不能提供其他佐证材料,或者佐证材料仍不足以支持的,不得享受相关专项附加扣除
【判断题】
超范围或标准享受专项附加扣除,主管税务机关应当责令其改正;情形严重的,应当纳入有关信用信息系统,并按照国家有关规定实施联合惩戒
【判断题】
纳税人在任职、受雇单位报送扣除信息,超范围或标准享受专项附加扣除的,税务机关责令改正的同时,通知扣缴义务人。
【判断题】
一个纳税年度内,纳税人在扣缴义务人预扣预缴税款环节未享受或未足额享受专项附加扣除的,可以在当年内向该扣缴义务人申请补充扣除。
【判断题】
纳税人次年需要由扣缴义务人继续办理专项附加扣除的,每年12月份应当对相关专项附加扣除信息进行确认。
【判断题】
对个体工商户业主、个人独资企业和合伙企业自然人投资者、企事业单位承包承租经营者2018年取得的生产经营所得,减除费用按照5000元/月执行。
【判断题】
对个体工商户业主、个人独资企业和合伙企业自然人投资者、企事业单位承包承租经营者2018年取得的生产经营所得不适用税法修改后规定的税率。
【判断题】
非居民个人在一个纳税年度内税款扣缴方法保持不变,达到居民个人条件时,应当告知扣缴义务人基础信息变化情况,年度终了后按照居民个人有关规定办理汇算清缴。
【判断题】
扣缴义务人领取的扣缴手续费可用于提升办税能力,不可以用于奖励办税人员。
【判断题】
税务机关责令税款扣缴义务人补扣税款,扣缴义务人按税务机关规定足额补扣补缴税款的,可以付给扣缴义务人百分之二的手续费。
【判断题】
居民个人向扣缴义务人提供有关信息并依法要求办理专项附加扣除的,扣缴义务人可以按照规定在工资、薪金所得按月预扣预缴税款时予以扣除,也可以拒绝,让纳税人向税务机关进行汇算清缴进行扣除。
【判断题】
预扣预缴税款时,劳务报酬所得、稿酬所得、特许权使用费所得每次收入减除费用按收入的百分之二十计算。
【判断题】
支付工资、薪金所得的扣缴义务人应当于年度终了后两个月内,向纳税人提供其个人所得和已扣缴税款等信息;纳税人年度中间需要提供上述信息的,扣缴义务人不予提供;纳税人取得除工资、薪金所得以外的其他所得,扣缴义务人应当在扣缴税款后,及时向纳税人提供其个人所得和已扣缴税款等信息。
【判断题】
享受大病医疗专项附加扣除的时间为医疗票据中记录的医药费用实际支出的当年。
【判断题】
扣缴义务人对纳税人报送的专项附加扣除等相关涉税信息和资料具有保密义务。
【判断题】
扣缴义务人依法履行代扣代缴义务,纳税人不得拒绝。
【判断题】
纳税人应当于取得经营所得的次年3月1日至6月30日内,向任职、受雇单位所在地主管税务机关办理汇算清缴,并报送《个人所得税年度自行纳税申报表》。
【判断题】
纳税人从两处以上取得经营所得的,选择向其中一处经营管理所在地主管税务机关办理年度汇总申报,并报送《个人所得税经营所得纳税申报表(B表)》。
【判断题】
纳税人(含居民个人和非居民个人)取得利息、股息、红利所得,财产租赁所得,财产转让所得,偶然所得的,扣缴义务人未扣缴税款的,应当在取得所得的次年3月31日前,按相关规定向主管税务机关办理纳税申报,报送《个人所得税年度自行纳税申报表》。
【判断题】
居民个人从中国境外取得所得的,应当在取得所得的次年6月30日内,向中国境内任职、受雇单位主管税务机关办理纳税申报,并报送《个人所得税自行纳税申报表(A表)》。
【判断题】
《个人所得税经营所得纳税申报表(B表)》。该表适用于个体工商户业主、个人独资企业投资者、合伙企业个人合伙人、承包承租经营者以及其他从事生产、经营活动的个人在中国境内取得经营所得,按查账征收办理预缴纳税申报,或者按核定征收办理纳税申报。
【判断题】
《个人所得税经营所得纳税申报表(A表)》。该表适用于查账征收的个体工商户业主、个人独资企业投资者、合伙企业个人合伙人、承包承租经营者个人以及其他从事生产、经营活动的个人在中国境内取得经营所得的汇算清缴申报。
【判断题】
《个人所得税经营所得纳税申报表(C表)》。该表适用于个体工商户业主、个人独资企业投资者、合伙企业个人合伙人、承包承租经营者个人以及其他从事生产、经营活动的个人在中国境内两处及以上取得经营所得,办理个人所得税的年度汇总纳税申报。
【判断题】
《个人所得税年度自行纳税申报表》。该表适用于居民个人取得综合所得以外的所得扣缴义务人未扣缴税款,非居民个人取得应税所得扣缴义务人未扣缴税款,非居民个人在中国境内从两处以上取得工资、薪金所得等。
【判断题】
《个人所得税自行纳税申报表(A表)》。该表适用于居民个人取得境内综合所得汇算清缴申报。
【判断题】
《个人所得税基础信息表(B表)》。该表适用于扣缴义务人办理全员全额扣缴申报时,填报支付所得的自然人纳税人的基础信息。
【判断题】
《个人所得税基础信息表(A表)》。该表适用于扣缴义务人办理全员全额扣缴申报时,填报支付所得的自然人纳税人的基础信息。
【判断题】
对于担任境内居民企业的董事、监事及企业正、副(总)经理、各职能总师、总监及其他类似公司管理层的职务的个人,无论是否在境内履行职务,取得由境内居民企业支付或者负担的董事费、监事费、工资薪金或者其他类似报酬,属于来源于境内的所得。
【判断题】
合伙企业的合伙人以合伙企业的生产经营所得和其他所得,按照合伙协议协商决定的分配比例确定应纳税所得额。
【判断题】
合伙企业的合伙人以合伙企业的生产经营所得和其他所得按照合伙协议约定的分配比例确定应纳税所得额。合伙协议可以约定将全部利润分配给部分合伙人。
【判断题】
可以享受免征个人所得税优惠待遇的探亲费,仅限于外籍个人在我国的受雇地与其家庭所在地(包括配偶或父母居住地)之间搭乘交通工具且每年不超过3次的费用。
【判断题】
个人出售已购公有住房,其应纳税所得额为个人出售已购公有住房的销售价,减除住房面积标准的经济适用住房价款、原支付超过住房面积标准的房价款、向财政或原产权单位缴纳的所得收益以及税法规定的合理费用后的余额。
【判断题】
人通过拍卖市场取得的房屋拍卖收入在计征个人所得税时,其房屋原值应按照纳税人提供的合法、完整、准确的凭证予以扣除;不能提供完整、准确的房屋原值凭证,不能正确计算房屋原值和应纳税额的,统一按转让收入全额的2%计算缴纳个人所得税
【判断题】
2001年1月1日起,对个人出租房屋取得的所得暂减按10%的税率征收个人所得税。
