【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
【单选题】
What is the actual los privilege level of User Exec mode?___
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
【多选题】
When two events would cause the state table of a stateful firewall to be updated? ___
A. when a packet is evaluated against the outbound access list and is denied
B. when a con nection is created
C. when rate-limiting is applied
D. when a connection s timer has expired within the state table.
E. when an outbound packet is forwarded to the outbound interface
【多选题】
Which two characteristics apply to an intrusion Prevention System(IPS)?___
A. Cannot drop the packet on its own
B. Cabled directly inline with the flow of the network traffic
C. Runs in promiscuous mode wat
D. Does not add delay to the original traffic
E. Can drop traffic based on a set of rules
【多选题】
crypto ipsec trans form-set myset esp-md5-hmac esp-aes-256,What are two effects of the given command?___
A. It configures authentication use AES 256.
B. It configures authentication to use MD5 HMAC
C. It configures authentication use AES 256.
D. It configures encryption to ase MD5 HMAC.
E. It configures encryption to use AES 256
【多选题】
your security team has discovered a malicious program that has been harvesting the CEos email messages and the com pany 's user database for the last 6 months. What are two possible types of attacks your team discovered?___
A. social activism
B. EPolymorphic Virus
C. advanced persistent threat
D. drive-by spyware
E. targeted malware
推荐试题
【填空题】
799.工务中心依据《轨道委外管理办法》及委外合同,代表运营分公司全面负责工务委外的日常安全生产管理。___
【填空题】
800.工务中心应按要求组织委外单位建立维保设备台帐。___
【填空题】
801.工务中心安全、技术人员进行监督检查时发现委外单位人员违反安全管理规定,影响行车、设备、人身、消防等安全的应给予制止,必要时停止作业,其产生的后果由委外单位承担。___
【填空题】
802.安全是地铁运营工作的生命线,工务的维修工作必须严格执行国家的有关安全生产的法规和法令,严格遵守公司、部、中心的安全规章制度。___
【填空题】
803.工务及委外维保单位人员必须坚决坚持“安全第一、预防为主”的方针,把安全工作放在首位,落实到实处,对重要部位要有预防措施,还必须有抢修的方案。___
【填空题】
804.维修人员必须严格执行“三不动、三不离、四不放过”等基本安全生产制度。___
【填空题】
805.各特殊工种必须持证上岗,并进行必须的岗前培训,上岗证应按规定进行审验。___
【填空题】
806.各作业单位在施工结束前务必做到“工完、料尽、场地清”,确需临时存放于轨行区的垃圾,必须装袋存放在指定地点并做好标识,确保不侵限且不因活塞风而移动,并及时安排计划清理出去。___
【填空题】
807.人工巡道时要同时做好轨行区检查,发现大量施工遗留垃圾或大件物品时,要及时上报有关管理部门。___
【填空题】
808因应急需要布设在轨行区域的工具、设备、材料备品,或生产需要临时暂存于轨行区域的物品应确保远离行车线路,确保不侵限并且不因活塞风而移动,其中属于通用的物品应通过标识标贴标明所属单位。___
【填空题】
809.加强设备的维护保养,杜绝以修带保、缺项维护等不良现象,树立维护重于修理的观念。___
【填空题】
810.60kg/m钢轨9号单开道岔轨下基础采用混凝土短轨枕整体道床;道岔轨距为1435mm,曲股轨距加宽10mm。___
【填空题】
811.正线巡道开通初期3个月内每24小时巡道一次,3个月后视情况可改为每48小时巡道一次。___
【填空题】
812.50kg/m钢轨曲线型尖轨7号道岔设计动程:168mm。___
【填空题】
813.道岔辙叉部分查照间隔和护背距离应控制在1391~1394mm、1346~1348mm之间比较合适。___
【填空题】
814.总磨耗=垂直磨耗+1/2侧面磨耗。___
【填空题】
815.垂直磨耗在钢轨顶面宽1/2处___测量。___
【填空题】
816.侧面磨耗在钢轨踏面___下16mm处测量。___
【填空题】
817.目前我国线路直线地段采用的标准轨底坡为1/40。___
【填空题】
818.在拨道作业时,一般在直线地段如两股方向大小相差不多时,应以里程方向左股为基本股。___
【填空题】
819.作业未完,机具未全部下道,线路未恢复到放行列车的条件时,不得撤除防护。___
【填空题】
820.更换夹板在来车前,最低限度上足2个螺栓。___
【填空题】
821.线路施工作业时,须在符合规定的施工负责人领导下进行施工。___
【填空题】
822.轨道由钢轨、轨枕、道床、联接零件、防爬设备和道岔等部件组成。___
【填空题】
823.在视觉信号中,绿色信号的基本含义是按规定速度运行。___
【填空题】
824.使用单轨载运钢轨时,一次不得超过2根。___
【填空题】
825.混凝土轨枕扣件应经常保持位置正确,轨距挡板应靠贴轨底边。___
【填空题】
826.在线路曲线地段,应根据曲线半径和实测行车速度,在外股钢轨合理设置超高。___
【填空题】
827.温度应力式无缝线路,一般由固定区、伸缩区、缓冲区三部分构成。___
【填空题】
828.缓和曲线与直线连接处不得有反弯或“鹅头”。___
【填空题】
829.钢轨伤损分为重伤、轻伤和折断三类。___
【填空题】
830.联结零件把钢轨联结起来,使钢轨接头部分具有与钢轨一样的整体性,以抵抗弯曲和位移。___
【填空题】
831.作业休息时,不准坐钢轨、枕木头及道心。___
【填空题】
832.异性接头的联结应使两钢轨工作面轨距线与轨顶最高点水平线都相吻合。___
【填空题】
833.轨道维修贯彻“预防为主,防治结合,修养并重”的原则。___
【填空题】
834.弹条扣件的弹条中部前端下颏应靠贴轨距挡板或扭矩保持在80~150 N•m。___
【填空题】
835.复曲线应在正矢递减范围内,从较大超高向较小超高均匀顺坡。___
【填空题】
836.轨距加宽值应在缓和曲线范围内递减,无缓和曲线时,在直线地段递减。递减率不宜大于2‰。___
【填空题】
837.滑床板损坏、变形或滑床台磨耗大于5mm时,需及时更换。___
【填空题】
838.信号标志顺地铁列车运行方向设于轨道线路左侧。___
