【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
【单选题】
What is the actual los privilege level of User Exec mode?___
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
【多选题】
When two events would cause the state table of a stateful firewall to be updated? ___
A. when a packet is evaluated against the outbound access list and is denied
B. when a con nection is created
C. when rate-limiting is applied
D. when a connection s timer has expired within the state table.
E. when an outbound packet is forwarded to the outbound interface
【多选题】
Which two characteristics apply to an intrusion Prevention System(IPS)?___
A. Cannot drop the packet on its own
B. Cabled directly inline with the flow of the network traffic
C. Runs in promiscuous mode wat
D. Does not add delay to the original traffic
E. Can drop traffic based on a set of rules
推荐试题
【判断题】
运行中,司机要密切注意地面信号的变化,当地面信号和机车信号不一致时,必须以机车信号为准
【判断题】
211中间站摘挂补机时,首位轨道车须保持车列缓解
【判断题】
212停车超过十分钟,开车前应进行制动试验
【判断题】
213作业车组进出综合工区,须在进出综合工区进路中的第一付非集中联锁道岔前一度停车
【判断题】
214轨道车在运行中,随时注意各部件声响和运行速度,如有异常及时处理
【判断题】
215常用制动时,初次减压量一般为50 kPa,追加减压量一般不得超过初次减压量
【判断题】
216常用制动时,最大减压量一般为140 kPa
【判断题】
217轨道车发车时,除认真确认行车凭证和发车信号显示正确外,须待车辆全部缓解后,方可启动车辆
【判断题】
218轨道车在中间站等会列车时,应保压位停车,开车前缓解
【判断题】
219在长大下坡道上,严禁制动后将制动手柄推向缓解、运转位后,又立即移回中立位
【判断题】
220紧急制动时,应迅速将制动机手柄推向紧急制动位,并立即切断发动机动力
【判断题】
发动机润滑系统的任务就是把清洁、压力和温度适宜的润滑油送至各摩擦表面进行冷却
【判断题】
发动机润滑系统的作用,是通过润滑油带走零件所吸收的部分热量,进行冷却作用
【判断题】
发动机润滑系统的作用,是循环流动的润滑油可冲洗零件表面,带走零件表面上由于磨损造成的金属细沫和其他杂质,起到清洗作用
【判断题】
发动机润滑系统利用润滑油的黏性,可附着于零件表面,提高零件间的润滑效果
【判断题】
发动机润滑油附着于零件表面,减少了零件与水、空气、燃气等的直接接触,起到防止或减少化学腐蚀的作用,从而延长零件的使用寿命,起到防锈作用
【判断题】
在润滑系统中装有几个不同滤清能力的滤清器、集滤器、粗滤器和精滤器
【判断题】
动车前,经司机确认撤除止轮器,将止轮器放到指定位置并关好车门
【判断题】
司机在停车熄火并按规定设好防护后,按《接触网作业车保养检修项目》检查和保养车辆,对不能处理的故障要及时上报,做到故障不过夜、不隔班
【判断题】
《接触网作业车行车日志》是记录轨道车运用、检修、调度命令等情况的原始记录簿,是分析行车事故、设备故障,进行轨道车修理的重要依据,《接触网行车日志》存档时间为3年
【判断题】
驾驶接触网作业运行最高速度不能超过线路允许最高速度、车辆构造速度、调车规定速度、侧向通过道岔的最高允许速度以及机车监控装置所设定的运行速度
【判断题】
重型轨道车采用空气制动与基础制动两种制动方式
【判断题】
接触网作业车所采用的制动机是以压缩空气作为动力,通过各部件的作用,推动闸瓦与车轮产生摩擦力制止车轮转动实现制动
【判断题】
接触网作业车空气制动系统的充风时间(即主风缸压强由0~0.69kPa)不大于5min
【判断题】
常用制动时,初次减压量一般为50kPa,追加减压量一般不得超过初次减压量
【判断题】
常用制动时,最大减压量一般为140kPa
【判断题】
接触网作业车发车时,除认真确认行车凭证和发车信号显示正确外,须待车辆全部缓解后,方可启动车辆
【判断题】
接触网作业车在中间站等会列车时,应保压位停车,开车前缓解
【判断题】
在长大下坡道上,严禁制动后将制动手柄推向缓解、运转位后,又立即移回中立位
【判断题】
紧急制动时,应迅速将制动机手柄推向紧急制动位,并立即切断发动机动力
【判断题】
为使接触网作业车和轨道平车经常处于良好状态,作业车车检修工作包括保养和修理
【判断题】
轴的作用是承受由活塞经连杆传来的启动力,把活塞的往复直线运动转变为热能,并通过连杆推动活塞完成进气、压缩、排气这三个辅助行程
【判断题】
排障器底面距轨面高度为90~120mm,并可作调整
【判断题】
使用中的大车钩在关锁状态时,钩舌最大开度为120mm
【判断题】
排障器的作用是排除轨面上的异物,以防止车轮压上异物发生脱轨事故
【判断题】
轨道车在运行过程中,要经常注意各种仪表显示是否正常,车辆各部有无异响、异味
【判断题】
线路采用的道岔号码越大,允许的侧向过道岔速度越高
【判断题】
联锁是指信号、道岔、进路之间的相互制约关系
