【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
【单选题】
What is the actual los privilege level of User Exec mode?___
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
【多选题】
When two events would cause the state table of a stateful firewall to be updated? ___
A. when a packet is evaluated against the outbound access list and is denied
B. when a con nection is created
C. when rate-limiting is applied
D. when a connection s timer has expired within the state table.
E. when an outbound packet is forwarded to the outbound interface
【多选题】
Which two characteristics apply to an intrusion Prevention System(IPS)?___
A. Cannot drop the packet on its own
B. Cabled directly inline with the flow of the network traffic
C. Runs in promiscuous mode wat
D. Does not add delay to the original traffic
E. Can drop traffic based on a set of rules
【多选题】
crypto ipsec trans form-set myset esp-md5-hmac esp-aes-256,What are two effects of the given command?___
A. It configures authentication use AES 256.
B. It configures authentication to use MD5 HMAC
C. It configures authentication use AES 256.
D. It configures encryption to ase MD5 HMAC.
E. It configures encryption to use AES 256
【多选题】
your security team has discovered a malicious program that has been harvesting the CEos email messages and the com pany 's user database for the last 6 months. What are two possible types of attacks your team discovered?___
A. social activism
B. EPolymorphic Virus
C. advanced persistent threat
D. drive-by spyware
E. targeted malware
推荐试题
【判断题】
96:本行为外国政要客户提供开立账户服务时,应当报本行行长批准后方可开立
【判断题】
97:自然人客户的“身份基本信息”中,客户的住所地与经常居住地不一致的,登记客户的住所地
【判断题】
98:对于成年人代理未成年人或者老年人开户预留本人联系电话等合理情形的,由相关当事人出具说明后,联系电话可以保持不变
【判断题】
99:当自然人客户由他人代理办理人民币单笔5万元(含)以上或者外币等值1万元美元(含)以上的现金存款业务时,如果存款人因合理理由无法提供被代理人有效身份证件或者身份证明文件,各营业机构可参照有关一次性金融服务时履行客户身份识别的要求,只对代理人开展相关客户身份识别工作
【判断题】
100:本行各营业机构为自然人客户办理人民币单笔5万元(含)以上或者外币等值1万元美元(含)以上的现金存取及转账业务时,应核对客户的有效身份证件或其他身份证明文件,无需摘录身份证号码(或在综合前端系统内录入身份证号码)
【判断题】
101:反洗钱系统中,针对客户风险评级模块,如果编辑岗和审核岗对同一个客户的等级意见不统一,审批岗拥有最终决定客户等级的权限
【判断题】
102:新反洗钱系统中,较高风险客户至少应该半年进行一次持续评级
【判断题】
103:在可疑案例上报过程中,当反洗钱系统中信息补录不完整时,需要首先补录完整客户信息和交易信息,否则无法排除或上报可疑案例
【判断题】
1:享档档起存金额1万元,存期1年,存取灵活,支持多次支取,享活期便利定期收益,按实际存期向下靠档计息
【判断题】
2:个人手机银行开通指纹登录后即可进行5万元以上的转账交易
【判断题】
3:某客户办理了我行个人电子银行,之后由于出差身在外地,加之手机丢失,让其家人拿户口本前来变更手机号,柜员考虑到情况特殊,直接进行了变更,其做法是否正确
【判断题】
4:个人客户开立电子银行必须到账户开户网点办理
【判断题】
5:新版手机银行中,客户使用“验证码+密码”认证方式时,所输入的密码为客户设定的支付密码
【判断题】
6:手机银行登录密码遗忘时客户必须到我行营业网点进行重置
【判断题】
7:客户有我行金燕卡,之前并未在我行开立过电子渠道,可直接下载我行手机银行APP,自主注册成为我行手机银行客户
【判断题】
8:张三是我行电子银行个人客户,开通了转账单笔5000万元的特殊限额业务,某日通过网银单笔跨行转出5000万元后,又欲通过我行手机银行跨行转出5万元,咨询我行工作人员,我行工作人员告知其无法转出,必须到柜面办理。是否正确?
【判断题】
9:李四是我行电子银行个人客户,开通了转账单笔5000万元的特殊限额业务,某日通过网银单笔跨行转出5000万元后,又欲通过我行手机银行向其本人同行账户转出5万元,咨询我行工作人员,我行工作人员告知其无法转出,必须到柜面办理。是否正确?
【判断题】
10:王五开通了特殊限额设置后,咨询我行工作人员是否可以在手机银行上进行特殊限额转账,我行工作人员告知其暂时不能,只能在网银上进行,是否正确?
【判断题】
11:手机闪付开通后,必须要打开手机银行APP才能支付
【判断题】
12:金燕e贷中,客户将支用的额度进行归还后,该笔合同则注销
【判断题】
13:客户想关闭小额免密免签必须到柜面进行
【判断题】
14:电子银行中的客户级限额,客户可以自主改动,但只可调低
【判断题】
15:电子银行中的渠道限额(认证方式限额),客户可以自主改动,但只可调低
【判断题】
16:自助设备刷脸取款时,系统会把客户脸部信息存储到后台,并和你的账户直接关联
【判断题】
17:自助设备刷脸取款时,不用输入账户取款密码即可取款
【判断题】
18:金燕e贷,客户当天支用形成的电子合同,若发现期限选择错误,可以当天注销合同
【判断题】
19:手机银行无卡取款,可以预约550元
【判断题】
20:客户办理特殊限额业务后,跨行转战时可以突破客户级限额
【判断题】
21:签约1张记账卡冻结300元,签约第2张记账卡无需再额外冻结
【判断题】
22:若账户活期余额<通行费,会扣款失败并将客户列入“黑名单”,系统将连续3天短信提醒客户补足余额并每天批扣一次,若某次扣款成功,则自动解除黑名单状态
【判断题】
23:若动用了保证金,“黑名单”不会自动解除,客户需前往柜台,柜员做【E0017】ETC记账卡保证金恢复交易,保证金恢复后ETC记账卡状态最长48小时内(含节假日)会自动移除
【判断题】
25:车辆办理ETC实行“一车一卡一标签”,专车专用。即一辆车上只能配备一张中原通卡,一个电子标签使用
【单选题】
1:1090交易,当年错账冲正用___字,隔年错账冲正只能用反方向___字补帐。___
A. 红 蓝
B. 红 红
C. 蓝 红
D. 蓝 蓝
【单选题】
2:可通过1090交易进行冲账的存款账户,下列选项错误的是___
A. 活期账户
B. 个人零整账户
C. 教育储蓄账户
D. 个人整存整取账户
【单选题】
3:代发错误时,应与代发单位和账户所有人协商采取适当的方式进行处理,未签署代发/代扣协议或代发/代扣协议不符合要求的,不能通过___交易进行代扣处理。
A. 5625代理文件上送处理
B. 6747一记双讫红蓝字
C. 1202法定机关扣划
D. 6674一记双讫
【单选题】
4:开户次日起6个月未发生业务的账户进行非柜面渠道业务发生控制, 解控的交易码为___。
A. 1206
B. 1204
C. 1109
D. 1219
【单选题】
5:以下哪种凭证不得作为质押的权利凭证___
A. 单位定期存单
B. 股金证
C. 个人定期存单
D. 单位定期存款开户证实书
【单选题】
6:以下关于存款证明的表述,不正确的是___
A. 时点存款证明证明的存款余额是上一日日终账户的全部余额
B. 当天开立的账户不允许当天开具时点存款证明
C. 存款证明申请份数最多可以开具10份
D. 客户丢失存款证明书,可以进行挂失
【单选题】
7:芯片存单开户后,客户前来支取时芯片损坏,且密码遗忘,前台应如何操作___
A. 有凭证,先做7128密码挂失,再做7125挂失后重置;
B. 先想办法修复芯片,修复后座7125挂失及重置;
C. 进行双挂;
D. 有凭证,直接做7125挂失及重置。