【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
【单选题】
What is the actual los privilege level of User Exec mode?___
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
【多选题】
When two events would cause the state table of a stateful firewall to be updated? ___
A. when a packet is evaluated against the outbound access list and is denied
B. when a con nection is created
C. when rate-limiting is applied
D. when a connection s timer has expired within the state table.
E. when an outbound packet is forwarded to the outbound interface
【多选题】
Which two characteristics apply to an intrusion Prevention System(IPS)?___
A. Cannot drop the packet on its own
B. Cabled directly inline with the flow of the network traffic
C. Runs in promiscuous mode wat
D. Does not add delay to the original traffic
E. Can drop traffic based on a set of rules
推荐试题
【判断题】
协议定期销户转账金额50万(含),需会计主管授权。
【判断题】
协议存款是按照中国人民银行及中国银行业监督管理委员会的有关规定,银行与其他机构法人或法人授权机构,通过签订协议约定存放利率办理的固定期限、固定金额的存款业务。
【判断题】
开立的定期零值账户,在未存入钱之前,当日不能销户只能冲账。已有值的定期账户,可以当日销户。
【判断题】
协议存款开户时,录入柜员审核客户提供的一式二份的《绍兴银行人民币单位协议存款合同》是否正确、完整和法人身份证是否有效。
【判断题】
协议存款应付利息划转时,若开户时设定了转入账户,则会返显,且不可以修改。
【判断题】
开立存放同业账户,存款类型为普通存款,按季计息。
【判断题】
存放同业内部账户开户,客户号统一为999999999。
【判断题】
存放同业是指我行存入于境内、境外银行和非银行金融机构的款项。
【判断题】
存放同业内部帐户开户,可以由各分支行网点前台柜员直接在系统中开立,开立账户时,“是否计息”需要选择“Y计息”。
【判断题】
同业内部帐户开户选取产品(只能选择产品号为3开头的活期产品),不计息。
【判断题】
总行相关业务部门可根据业务发展需要在其他银行机构开立人民币存放同业银行结算账户,其中人民币投融资性存放同业银行结算账户可以在其他银行二级分行以下(含)开立。
【判断题】
分行及县域支行可以在所属地国有银行或一级法人银行开立人民币结算性存放同业银行结算账户(分行不超过2家、县域支行不超过1家),可开立人民币投融资性存放同业银行结算账户。
【判断题】
总行相关业务部门可根据业务发展需要在其他银行机构开立人民币存放同业银行结算账户,其中人民币投融资性存放同业银行结算账户只能在其他银行二级分行以上(含)开立,支行及以下分支机构不得开立。
【单选题】
我国普法工作的起始年份是:___
A. ,1985;
B. ,1986;
C. ,1987;
D. ,2001
【单选题】
中国的法制宣传日是:___
A. 每年的12月4日:
B. 每年的3月15日:
C. 每年的6月5日;
D. 每年的6月26日
【单选题】
我国的法制宣传日和消费者权益保护日分别是每年的:___
A. 12月1日和3月13日;
B. 12月4日和3月15日;
C. 12月3日和3月16日;
D. 12月5日和3月15日;
【单选题】
根据宪法和法律,可以制定行政法规的是:___
A. 全国人民代表大会;
B. 全国人民代表大会常务委员会;
C. 国务院;
D. 国家教育部
【单选题】
构成教育法律法规体系的最基本要素的是:___
A. 教育法律条文;
B. 教育法律关系;
C. 教育法律规范;
D. 教育法律责低
【单选题】
教育法规的调整对象是:___
A. 教育经济关系;
B. 教育物质关系;
C. 教育社会关系;
D. 教育思想关系;
【单选题】
在教育教学活动中,关于教育者与受教育者之间的关系的说法正确的是___
A. 权利义务平等的民事关系;
B. 上下级之间的行政关系;
C. 是一种“传道授业”、“教学相长”、尊师爱长的特殊法律关系;
D. 是阶级朋友之间的同志关系;
【单选题】
依据各类关系主体之间的身份地位不同,可将教育法律关系分为教育行政关系和___
A. 教育横向关系;
B. 教育民事关系;
C. 教育平等关系
D. 教育学习关系;
【单选题】
下列论述错误的是:___
A. 混合意义的教育法制不仅包括教育法律制度,而且还包括教育法律制度的运行;
B. 1995年3月18日,第八届全国人民代表大会第三次会议审议通过了《中华人民共和国教育法》
C. 静态意义的教育法制,是国家全部有关教育的法律制度体系。
D. 1986年4月,第六届全国人民代表大会常务委员会第四次会议通过了《中华人民共和民共和国义务教育法》;
【单选题】
不属于我国法制建设基本方针的是___
A. 有法可依;
B. 执法必严;
C. 普法全面;
D. 违法必究
【单选题】
拥有撤销地方性法规权限的机___
A. 国务院:
B. 全国人大:
C. 全国人大常委会:
D. 全国政协
【单选题】
根据我国《立法法》有关规定,在法理上,各省、自治区、直辖市的地方性教育法规与国家教育部的教育规章相比,其法律效力如何?___
A. 地方性教育法规的效力高:
B. 教育部的教育规章效力高:
C. 两者的法律效力相等;
D. 两者的法律效力无法比较;
【单选题】
教育法制建设的中心环节是:___
A. 教育法规的制定;
B. 教育法规的适用;
C. 教育法规的实施;
D. 教育法规的遵守
【单选题】
教育执法的形式不包括:___
A. 教育行政监督;
B. 教育行政措施;
C. 教育行政处罚;
D. 教育行政强制执行
【单选题】
下列机构中无权进行教育行政处罚的是:___
A. 县级教育行政机构:
B. 省级教育行政机构;
C. 国家教育部:
D. 各级各类学校
【单选题】
教育法规的实施在内容上不包括:___
A. 教育执法;
B. 教育司法;
C. 教育守法
D. 教育立法;
【单选题】
教育行政救济是指按照教育法律法规有关规定,受教育者和教师可通过()制度来对抗侵权行为以获得法律救济.___
A. 诉讼:
B. 申诉;
C. 仲裁;
D. 调解
【单选题】
如教育行政管理相对人因不服具体行政行为而提起教育行政诉讼并且人民法院已受理的,___申请行政复议。
A. 在特定情况下可以;
B. 一般不可以;
C. 可以;
D. 不得
【单选题】
学生对处分决定有异议的,在接到学校处分决定书之日起()个工作日内,可以向学校学生申诉处理委员会提出申诉。___
【单选题】
教育行政复议的申请人只能是:___
A. 教育行政管理相对人;
B. 教育行政机关;
C. 学校;
D. 教师
【单选题】
我国教育工作的总方向是:___
A. 教育必须为社会主义现代化建设服务,:
B. 教育必须面向现代化、面向世界、面向未来;
C. 必须与生产劳动相结合;
D. 培养德、智、体等方面全面发展的社会主义事业的建设者和接班人:
【单选题】
普通高校毕业证书由哪个部门制作?___
A. 高等学校;
B. 省级教育行政部门;
C. 普通高校隶属的教育行政部门;
D. 国家教育行政部门;
【单选题】
成人高等学校主要培养对象为:___
A. 18岁以上成年人:
B. 24岁以上成年人;
C. 30岁以上成年人;
D. 在职在业者
【单选题】
设立大学,其全日制在校学生计划规模应为;___
A. 3000人以上;
B. 5000人以上;
C. 80000人以上;
D. 10000
【单选题】
设立高等职业学校,其全日制在校学生计划规模应为;___
A. 500人以上;
B. 800人以上;
C. 1000人以上;
D. 2000人以上
【单选题】
高等教育行政行为一经推出,即被推定为合法有效的,其约束力随之产生。这反映高等教育行政行为的特征是:___
A. 从属法律性;
B. 效力先定性;
C. 强制性;
D. 单方意志性
