【单选题】
How does PEAP protect the EAP exchange ?___
A. It encrypts the exchange using the server certificate
B. It encrypts the exchange using the client certificate
C. It validates the server-supplied certificate,and then encrypts the exchange using the client certificate
D. It validates the client-supplied certificate,and then encrypts the excha nge using the server certificate
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which feature of the Cisco Email Security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attacks?___
A. contextual analysis
B. holistic understanding of threats
C. graymail management and filtering
D. signature-based IPS
【单选题】
Refer to the exhibit【nat (inside,outside)dunamic interface】 Which translation technique does this configuration result in?___
A. DynamIc PAT
B. Dynamic NAT
C. Twice NAT
D. Static NAT
【单选题】
Refer to the exhibit which are repre sents the data center?___
【单选题】
While trouble shooting site-to-site VPN, you issued the show crypto isakmp sa command. What does the given output show?___
A. IKE Phase 1 main mode was created on 10.1.1.5, but it failed to negotiate with 10.10 10.2
B. IKE Phase 1 main mode has successfully negotiated between 10.1.1.5 and 10.10..
C. IKE Phase 1 aggressive mode was created on 10.1.1.5, but it failed to negotiate with
【单选题】
Refer to the exhibit All ports on switch 1 have a primary vLan of 300 Which devices can host 1 reach?___
A. host 2
B. server
C. host 4
D. other devices within VLAN303
【单选题】
Which option is the cloud-based security service from Cisco the provides URL filtering, web browsing content security, and roaming user protection?___
A. Cloud Web service
B. Cloud Advanced Malware Protection
C. Cloud We b Security
D. Cloud Web Protection
【单选题】
How can you detect a false negative on an IPS?___
A. View the alert on the ips
B. Review the ips log
C. Review the is console
D. Use a third- party system to perform penetration testing.
E. Use a third- party to audit the next generation firewall rules
【单选题】
If a switch port goes directly into a blocked state only when a superior BPDU is received, what mechanism must be in use?___
A. STP BPDU guard
B. Loop guard
C. EtherChannel guard
D. STP Root guard
【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
推荐试题
【判断题】
债务重组中以现金清偿债务的,债权人应当将重组债权的账面余额与收到的现金之间的差额,计入营业外支出
【判断题】
修改其他债务条件涉及的或有应收金额,在债权人方面,或有应收金额属于或有资产,债权人应确认或有应收金额
【判断题】
对于附或有应付条件的债务重组,债务重组利得为重组债务的账面价值与重组后债务的入账价值和预计负债金额之和的差额,这部分利得应计入当期损益(营业外收入)
【判断题】
务重组,是指在债务人发生财务困难的情况下,债权人按照其与债务人达成的协议或者法院的裁定作出让步的事项
【判断题】
在混合重组方式下,债权人依次以收到的现金、接受的非现金资产公允价值、债权人享有股份的公允价值冲减重组债权的账面余额
【判断题】
以非现金资产清偿债务的,债务人应当将重组债务的账面价值与转让的非现金资产公允价值之间的差额,计入当期损益。转让的非现金资产公允价值与其账面价值之间的差额,计入当期损益
【判断题】
修改后的债务条款中涉及或有应收金额的,债权人不应当确认或有应收金额,不得将其计入重组后债权的账面价值。只有在或有应收金额实际发生时,才计入当期损益
【判断题】
债务重组以现金清偿债务、非现金资产清偿债务、债务转为资本、修改其他债务条件等方式的组合进行的,债务人应当以支付的现金、转让的非现金资产公允价值、债权人享有股份的公允价值冲减重组债务的账面价值,再按照债务人修改其他债务条件的规定进行会计处理
【判断题】
债务重组采用以现金清偿债务、非现金资产清偿债务、债务转为资本、修改其他债务条件等方式的组合进行的,债权人应当依次以收到的现金、接受的非现金资产公允价值、债权人享有股份的公允价值冲减重组债权的账面余额,再按债权人修改其他债务条件的规定进行会计处理
【判断题】
资产负债表日,如果未来期间很可能无法获得足够的应纳税所得额用以抵扣递延所得税资产的利益,应当减记递延所得税资产的账面价值
【判断题】
资产账面价值小于其计税基础,产生可抵扣暂时性差异;负债账面价值大于其计税基础,产生可抵扣暂时性差异
【判断题】
利润表中的所得税费用包括当期应交所得税和当期递延所得税两部分
【判断题】
对于因可供出售金融资产公允价值变动而确认的递延所得税资产或递延所得税负债,应该通过其他综合收益核算。虽然不影响当期所得税费用,但是在根据利润总额计算应纳税所得额时,仍然要考虑这部分可抵扣暂时性差异或应纳税暂时性差异
【判断题】
资产账面价值小于其计税基础,负债账面价值大于其计税基础,产生应纳税暂时性差异
【判断题】
因税收法规的变化,导致企业在某一会计期间适用的所得税税率发生变化的,企业需对以后期间的递延所得税按照新的税率进行计量,已经确认的递延所得税不用再做调整
【判断题】
企业确认的预收账款,其计税基础一定等于其账面价值
【判断题】
企业在收到客户预付的款项时,因不符合收入确认条件,会计上确认为负债,如税法中对于收入确认的原则与会计相同,计税时亦不能计入当期的应纳税所得额,则该负债的计税基础等于账面价值
【判断题】
可供出售金融资产公允价值变动通过“其他综合收益”科目核算,并不影响会计利润,同时税法此时也是不承认公允价值变动的,所以在计算应纳税所得额时,不需要考虑这部分暂时性差异的
【判断题】
递延所得税资产的确认原则是以可抵扣暂时性差异转回期间预计将获得的应税所得为限,确认相应的递延所得税资产
【判断题】
递延所得税资产或递延所得税负债均应以相关暂时性差异产生当期适用的所得税税率计量
【判断题】
所得税会计是针对会计与税收规定之间的差异,在所得税会计核算中的具体体现
【判断题】
所有无形资产在初始确认时其账面价值与计税基础是相同的
【判断题】
对于应付职工薪酬,超过税法扣除标准的部分产生可抵扣暂时性差异,应确认相关的递延所得税资产
【判断题】
对于罚款、滞纳金,在尚未支付之前按照会计规定确认为费用,同时作为负债反映。税法规定,罚款和滞纳金不允许税前扣除,所以形成可抵扣暂时性差异
【判断题】
暂时性差异是指资产、负债的账面价值与其计税基础不同产生的差额
【判断题】
应纳税暂时性差异在未来期间转回时,会减少转回期间的应纳税所得额和应交所得税
【判断题】
若资产的账面价值大于计税基础,则形成可抵扣暂时性差异
【判断题】
对于超标的广告费和业务宣传费支出,由于该类费用在发生时按照会计准则规定计入当期损益,不形成资产负债表中的资产,但因按照税法规定可以确定其计税基础,其账面价值0与计税基础的差异也形成可抵扣暂时性差异
【判断题】
对于享受优惠政策的企业,如国家需要重点扶持有高新技术企业,享受一定时期的税率优惠,则所产生的暂时性差异应以预计其转回期间的适用所得税税率为基础计量
【判断题】
2018年2月13日,在2017年度财务报告批准报出前,发现2017年末可供出售金融资产公允价值变动2 000万元计入了公允价值变动损益,企业应调整2017年度会计报表相关项目的期末数和本年数
【判断题】
如果会计政策变更的累积影响数能够合理确定,无论属于什么情况,均采用追溯调整法进行会计处理
【判断题】
会计实务中,有时很难区分会计政策变更和会计估计变更。如果难以区分为会计政策变更或会计估计变更,则应按会计政策变更进行处理
【判断题】
企业难以对某项变更区分为会计政策变更或会计估计变更的,遵循重要性要求,应当将其作为会计政策变更处理
【判断题】
本期发生的交易或事项与以前相比具有本质差别而采用新的会计政策、对初次发生的或不重要的交易或事项采用新的会计政策,均不属于会计政策变更
【判断题】
企业对初次发生的或不重要的交易或事项采用新的会计政策,属于会计政策变更
【判断题】
将以经营租赁方式租入的固定资产通过变更合同转为融资租赁固定资产,属于会计政策变更
