【单选题】
Refer to the exhibit which are repre sents the data center?___
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
While trouble shooting site-to-site VPN, you issued the show crypto isakmp sa command. What does the given output show?___
A. IKE Phase 1 main mode was created on 10.1.1.5, but it failed to negotiate with 10.10 10.2
B. IKE Phase 1 main mode has successfully negotiated between 10.1.1.5 and 10.10..
C. IKE Phase 1 aggressive mode was created on 10.1.1.5, but it failed to negotiate with
【单选题】
Refer to the exhibit All ports on switch 1 have a primary vLan of 300 Which devices can host 1 reach?___
A. host 2
B. server
C. host 4
D. other devices within VLAN303
【单选题】
Which option is the cloud-based security service from Cisco the provides URL filtering, web browsing content security, and roaming user protection?___
A. Cloud Web service
B. Cloud Advanced Malware Protection
C. Cloud We b Security
D. Cloud Web Protection
【单选题】
How can you detect a false negative on an IPS?___
A. View the alert on the ips
B. Review the ips log
C. Review the is console
D. Use a third- party system to perform penetration testing.
E. Use a third- party to audit the next generation firewall rules
【单选题】
If a switch port goes directly into a blocked state only when a superior BPDU is received, what mechanism must be in use?___
A. STP BPDU guard
B. Loop guard
C. EtherChannel guard
D. STP Root guard
【单选题】
what improvement does EAP-FASTv2 provide over EAP-FAST? ___
A. It allows multiple credentials to be passed in a single EAP exchange.
B. It supports more secure encryption protocols
C. It allows faster authentication by using fewer packets.
D. It addresses security vulnerabilities found in the original protocol
【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
推荐试题
【判断题】
52:双挂时,挂失约定天数填写时,应勾选“是7天”
【判断题】
53: 根据电子银行业务相关规定,开立电子银行的个人客户,应当具备完全民事行为能力。其中为16周岁(含)至18周岁(不含),以自己劳动收入为主要生活来源的客户开立电子银行,无需提供能够证明其收入的交易流水或工作证明
【判断题】
54:【1206睡眠户转正常户】不允许由他人代理
【判断题】
55:金额冻结可以一次性冻结该账户的全部子账户
【判断题】
56:客户账户已被法院进行只收不付冻结,另一家法院可以申请对该账户进行只收不付轮候冻结
【判断题】
57:享档档、智能通知存款支持存折开立账户
【判断题】
58:向Ⅱ类户做批量代发业务,代发金额不受使用限额限制
【判断题】
59:Ⅱ类户、Ⅲ类户可以下挂网上银行、手机银行,但使用额度受限额限制
【判断题】
60:修改代发标志使用【1123个人账户维护】交易,挂失状态修改代发标志要选择“非客户”,授权时,需按非客户发起提交授权资料
【判断题】
61:手工清分应组织专门人员进行清点处理,临柜人员对收入现金进行手工挑剔、鉴伪后付出的行为是办理业务的必要步骤,具有小额、分散的性质,不属于手工清分范围
【判断题】
62:2018年1月1日起,县级及以下银行网点缴存人民银行发行库的钱捆必须经过清分
【判断题】
63: 5625代理文件上送处理有自己专用的逆向交易,不适用8899进行撤销
【判断题】
64:特殊情况下(如电信诈骗等),为防范出现更大风险,保护客户资金安全,可以由客户发起8899撤销交易,撤销时应提供客户影像(如原交易需要提交证件的同时提交证件),交回银行回执,并由客户出具声明(说明撤销原因,由此引起的一切经济纠纷和法律责任,由其承担等)
【判断题】
66:对于1090账户隔日冲补账交易,补账金额不得大于冲账金额
【判断题】
67:使用【7127凭证挂失解挂】交易时要注意,凭证正式解挂非当天处理时无需提交挂失申请书客户联
【判断题】
68:差错处理后再做1204对账户进行解控维护,解控时的审批人应是机构主管
【判断题】
69:持有人对银行业金融机构认定的兑换结果持有异议的,银行业金融机构受理网点应报告人行,由人行进行鉴定
【判断题】
70:特殊残缺、污损人民币剩余面积是指票面图案、文字、纸张能按原样连接的实物面积,包括与票面原样连接的炭化、变形部分。不能按原样连接的部分,同样作为票面剩余面积计算
【判断题】
71:对盖有“假币”字样戳记的人民币纸币,经鉴定为假币的,由鉴定单位交收缴单位按照面额兑换完整券退还持有人,收回持有人的《假币收缴凭证》,盖有“假币”戳记的人民币按损伤人民币处理
【判断题】
72:使用通过两次进钞分别完成鉴伪和清分操作的现金处理设备(业内称作“一口半清分机”),需严格采用两种模式进钞的操作流程,其中一次进钞使用设备的鉴伪功能挑剔出假币,另一次进钞使用设备的清分功能区分宜流通和不宜流通钞票
【判断题】
74:会计内部账户的记账错误时用6220进行抹账,其他交易记账不能用此交易进行抹账
【判断题】
76: 客户实行资金结算应该开立银行结算账户,但是有的预算单位无账户开立的文件,不符合人行的账户开立的标准,我行可在系统中开立5069内部户,为客户提供资金结算服务
【判断题】
77: 对于客户要求进行代发的资金,在资金未代发成功时,可以不原路退回,而是转入其他的内部账管理
【判断题】
78:为客户代发工资时,可不开立5069的代发工资户,直接将各代发单位的资金转入一个账户506950001的账户中
【判断题】
79:347450001这个账户的作用仅用于我们在做汇兑业务时系统进行的资金挂账,这个账户不能手工随便使用
【判断题】
80:内部账错账冲正交易应该使用1090账户隔日冲补账交易
【判断题】
81:尾号为347850001的内部帐账户应使用6002挂账处理完成,不能手工记账
【判断题】
82:转账代收客户需缴纳的印花税时,使用8080系统内转账交易将客户账转入3475应解汇款过渡户500元,然后使用6674一记双讫交易,将3475应解汇款过渡户资金转入3490印花税500元
【判断题】
83:使用【1057】交易开立的单位活期保证金账户可以作为结算账户使用,做【1058】启用后,即可正常办理结算业务
【判断题】
84:单位定期提前支取,授权时需提供单位公函(若提交的授权委托书中写明提前支取单位定期的,则无需再提供公函)
【判断题】
85:单位定期存单质押贷款结清后,使用1101 交易操作,选择“转换类型”为“7-单位定期存单转存款证实书”,录入账号与原凭证序号,核对账户名称与系统相符,输入原证实书凭证序号
【判断题】
86:客户凭证作废时,发现通过【7152】交易打印的凭证状态显示异常,需做相关处理后,再进行作废处理
【判断题】
87:单位账户销户时,销户方式可以选择正常销户和挂失销户;当选择挂失销户时,需输入挂失处理编号
【判断题】
88:【7122】交易用于客户账号与印鉴卡片的关联、更换、销卡等操作。印鉴更换生效日期必须为次日或者次日以后,而其他操作生效日期则为当日操作提交成功以后
【判断题】
89:【1058】单位账户启用交易,一般户启用时必须选择开户原因,选择借款原因的系统默认启用天数为3天
【判断题】
90:机构客户号合并过程中,如果保留客户和被合并客户号下都有基本账户,则不能进行合并,操作员必须将其中一个不合法的基本户销户后才能合并
【判断题】
91:基本存款账户可以通过【1132】交易将账户分类维护为验资户,同时验资户也可通过1132交易维护为其他类账户
