【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
【单选题】
What is the actual los privilege level of User Exec mode?___
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
【多选题】
When two events would cause the state table of a stateful firewall to be updated? ___
A. when a packet is evaluated against the outbound access list and is denied
B. when a con nection is created
C. when rate-limiting is applied
D. when a connection s timer has expired within the state table.
E. when an outbound packet is forwarded to the outbound interface
【多选题】
Which two characteristics apply to an intrusion Prevention System(IPS)?___
A. Cannot drop the packet on its own
B. Cabled directly inline with the flow of the network traffic
C. Runs in promiscuous mode wat
D. Does not add delay to the original traffic
E. Can drop traffic based on a set of rules
推荐试题
【单选题】
单播MPLS标签头包含了2个字节的报文类型,其标准值为( )___
A. 8847
B. 8100
C. 8147
D. 88A8
E.
F.
【单选题】
单元格地址R5C8的另一种表示是( )___
A. E5
B. H5
C. E8
D. H8
E.
F.
【单选题】
当4E1协议转换器2M线接好后,如线路指示灯闪烁,说明( )___
A. 近端2M线路故障
B. 近端2M线路正常
C. 远端2M线路正常
D. 远端2M线路故障
E.
F.
【单选题】
当VPDN用户在BRAS承载VPDN业务,L2TP隧道建立过程的第一次握手是( )___
A. 由LNS发起隧道建立请求SCCRQ
B. 由LAC发起隧道建立请求SCCRQ
C. 由LNS发起隧道建立请求ICRP
D. 由LAC发起隧道建立请求ICRQ
E.
F.
【单选题】
关于华为Metro 1000指示灯说明错误的是( )___
A. 运行灯RUN灯每2秒钟闪烁一次,表明设备运行正常
B. 运行灯RUN灯每4秒钟闪烁一次,表明电路板和主控单元邮箱通信中断
C. 运行灯RUN灯每1分钟闪烁五次,表明单板处于未开启状态
D. 运行灯RUN灯每1秒钟闪烁二次,表明未加载主机软件
E.
F.
【单选题】
当WEB认证用户使用portal协议进行CHAP认证时,网络设备要产生挑战字challenge和根据challenge、用户名、密码等按MD5生成加密的认证信息,那么产生这些信息的设备依次是( )___
A. BRAS、WEB认证服务器
B. WEB认证服务器,BRAS
C. BRAS,客户端
D. WEB认证服务器、客户端
E.
F.
【单选题】
当采用ping命令测试业务,且PON内路由没有问题时,是否肯定能够抓到icmp的包( )___
【单选题】
IP协议的特征是( )?___
A. 可靠,无连接
B. 不可靠,无连接
C. 可靠,面向连接
D. 不可靠,面向连接
E.
F.
【单选题】
当采用单层vlan时一个包的帧长度为1518时,如果改成双层vlan,则这个包长度变为( )___
A. 1514
B. 1518
C. 1522
D. 1536
E.
F.
【单选题】
当测试MTU值时所用的ping命令需要输入参数( )___
A. -l
B. -f
C. -t
D. -d
E.
F.
【单选题】
当出现线路故障的时候,需要使用以下那一类型的仪表进行故障点的判断?()___
A. 误码仪
B. OTDR
C. 频谱分析仪
D. 可变光衰减器
E.
F.
【单选题】
当触电伤员神志清醒时,应使( )___
A. 就地平躺观察
B. 人工呼吸
C. 心肺复舒
D. 送医院抢救
E.
F.
【单选题】
当电脑的MTU值设置为1500时,采用不拆包的拼包时,最大能够ping( )数值___
A. 1464
B. 1468
C. 1472
D. 1500
E.
F.
【单选题】
当二层交换网络中出现冗余路径时,用什么方法可以阻止环路的产生,提高网络的可靠性.( )___
A. 生成树协议
B. 水平分割
C. 毒性逆转
D. 最短路径树
E.
F.
【单选题】
当发生了交通事故,首先要做好事故现场的秩序维护、遇难人员营救、必要的公众隔离、保证交通畅通等,并拨打 电话。___
A. 122
B. 119
C. 110
D. 114
E.
F.
【单选题】
关于路由器Quidway AR2-31说法正确的是___
A. system灯常亮表明系统正常运行
B. B. ready模块正常指示灯,灯灭表示对应的槽位没有安装模块或模块工作不正常
C. C. active灯亮表示相应的槽位正在进行数据传输
D. D. LAN黄色表示接口正常
E.
F.
【单选题】
当负载发生短路时,UPS应能立即自动关闭(),同时发出声光告警___
A. 输入
B. 电压
C. 输出
D. 电流
E.
F.
【单选题】
当激光器的输入电流与阈值电流满足( )的关系,才能发出激光。___
A. 小于
B. 大于
C. 等于
D. 无关
E.
F.
【单选题】
当接收端检测到上游段缺陷时,回送 ()___
A. 全“1”码
B. 全“0”码
C. MS-RDI
D. MS-RFI
E.
F.
【单选题】
IS-IS 的IS 是( )的缩写.___
A. Internet System
B. Inter-domain System
C. Integrated System
D. Intermediate System
E.
F.
【单选题】
当近端4E1协议转换器2M线接好,远端设备未接,如线路指示灯长亮,表示___
A. 线路连通
B. 近端2M线路故障
C. 线路中有环
D. 远端2M线路故障
E.
F.
【单选题】
当路由器接收的IP报文的TTL值等于1时,采取的策略是___
A. 丢掉该分组
B. 将该分组分片
C. 转发该分组
D. 以上答案均不对
E.
F.
【单选题】
当前MDU线路模板的配置,gemport映射vlan规格最多不超过( )个___
A. 32
B. 64
C. 128
D. 8
E.
F.
【单选题】
当前MXU与IMS对接时,ptime值需要设置为多少 。___
A. 0
B. 30
C. 10
D. 20
E.
F.
【单选题】
当前OLT的每块GPBD业务板有几个PON口( )___
A. 2
B. 3
C. 4
D. 8
E.
F.
【单选题】
当前常见的集客专线主要的组网形式为?___
A. SDH(协转+光收)
B. PON
C. PTN
D. 裸纤
E.
F.
【单选题】
关于瑞斯康达RC953-FE4E1,下面说法错误的是()。___
A. LNK常亮绿灯表明连接正常
B. A、B、C、D、四路E1链路状态指示灯亮红色表明E1接口出现输入信号丢失
C. A、B、C、D、四路E1链路状态指示灯亮绿色表明连接正常
D. A、B、C、D、四路E1链路状态指示灯亮黄色表明连接正常
E.
F.
【单选题】
当前最流行的网络管理协议是( )___
A. TCP/IP
B. SNMP
C. SMTP
D. UDP
E.
F.
【单选题】
当身上衣服着火时,可立即 ( )。___
A. 就地打滚,压灭身上火苗
B. B.奔跑离开火场,灭掉身上火苗
C. C.用手或物品扑打身上火苗
D. D.脱下衣服
E.
F.
【单选题】
当受理投诉服务超出处理权限时应该怎么处理___
A. 及时上报
B. 及时上报并告知服务对象已经上报另行处理
C. 让服务对象另行投诉
D. 告知服务对象无法处理
E.
F.
【单选题】
当数据在网络层时,我们称之为以下哪一项( )?___
A. 段
B. 包
C. 位
D. 帧
E.
F.
【单选题】
IS-IS 路由协议的接口开销采用Narrow 方式时,接口开销的取值范围是( )___
A. 0~63
B. 0~64
C. 0~1023
D. 0~1024
E.
F.
【单选题】
当双绞线仅用作数据传输时,只用到8根线缆中的4根,那么用到的是哪4根___
A. 1,2,3,4
B. 1,2,3,6
C. 1,2,5,6
D. 1,3,5,6
E.
F.
【单选题】
当网管出现TEMP_OVER时,处理方法不包括( )___
A. 清洗防护网
B. 检查空调制冷设备
C. 检查风扇
D. 拔插单板
E.
F.
【单选题】
当网管数据和网元数据不一致时,通常进行( )操作___
A. 数据上载
B. 数据下载
C. 不予理会
D. 进行数据库比较,具体情况具体分析
E.
F.
【单选题】
当线路传递功率一定时,线路损耗与功率因数的关系是___
A. 成正比
B. 成反比
C. 无关
D. 与用户用电要求有关
E.
F.
【单选题】
当用ftp方式传送非文本文件时必须用( )格式传送___
A. Binary mode
B. 十六进制
C. ASCII码
D. 十进制
E.
F.
【单选题】
关于生成树的描述正确的是 ___
A. RSTP 不能实现STP 的功能
B. MSTP 可以实现不同的VLAN 创建不同的生成树
C. MSTP 不需要选择根桥
D. RSTP 只有防止环路的功能,没有链路备份的功能
E.
F.
【单选题】
当用户业务不能使用,故障原因已确认是由我方原因造成,用户追问确切原因时,应如何回答( )___
A. 对不起,我们负责的这段网络是好的,是其它部门负责的网络有问题,你们可以向他们询问故障原因。
B. 故障原因我们正在分析中,稍后将通过客户经理/故障受理台向您提交详细的故障原因。
C. 对客户询问不做回答
D. 对不起,由于我方原因,使您的业务不能正常使用,我们深表歉意
E.
F.
【单选题】
当在单元格中直接输入数字并按回车键确认输入后,默认采用()对齐方式。___
A. 居中
B. 左
C. 右
D. 不动
E.
F.