【单选题】
When users login to the Client less Ssl Vpn using https://209.165.201.2/test ,which group policy will be applied?___
A. test
B. clientless
C. sales
D. DfitGrp Policy
E. Default RAGroup
F. Default WEB VPN
G. roup
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?___
A. AAA with LOCAL database
B. AAA with RADIUS server
C. Certificate
D. :Both Certificate and aaa with LoCAL database
E. Both Certificate and AAA with RADIUS server
【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
推荐试题
【判断题】
各开户机构为企业开立账户,应当按规定履行客户身份识别义务,落实账户实名制,不得为企业开立匿名账户或者假名账户,不得为身份不明的企业提供服务或者与其进行交易
【判断题】
与企业法人(单位负责人)核实的开户意愿视频资料由客户经理导出,按照“机构号+户名”的方式命名
【判断题】
企业申请开立基本存款账户的,在核心系统完成账户开立后,须最迟第二个工作日在人民币银行结算账户管理系统中录入企业账户信息后进行备案
【判断题】
开户行将打印好的《基本存款账户信息》、存款人查询密码直接交给客户,无需交接
【判断题】
企业存款人密码遗失的,可以向基本存款账户开户机构申请重置
【判断题】
企业申请开立基本存款账户的,在核心系统完成账户开立后,由网点人行账户系统2级操作员在账户管理系统录入企业账户信息,然后打印《基本存款账户信息》和存款人查询密码
【判断题】
“银行结算账户”,是指我行为存款人开立的办理资金收付结算的人民币定期存款账户
【判断题】
单位存款账户销户时,可将剩余空白支票自行销毁
【判断题】
其他单位银行结算账户自正式开立之日起,3个工作日后正式生效,生效后方可办理对外支付
【填空题】
1. 运用客车车辆限度要求,轮踏面擦伤深度,本属出库不大于___mm,外属不大于___mm,途中不大于___ mm。
【填空题】
2. 运用客车车辆限度要求,车钩中心线距轨面最高___mm,最低___mm,两钩连挂中心线互差不大___ mm。钩体磨耗不大于 ___ mm。钩舌销与钩耳孔或钩舌销孔间隙不大于___mm。
【填空题】
3. 运用客车车辆限度要求,车体倾斜不得大于___mm。
【填空题】
4. 普客列车制动机的安定性是指:制动时,制动管减压___Kpa,制动机不发生紧急作用的性能。
【填空题】
5. 运用客车车辆限度要求,车轮直径之差,同一辆车___0mm。同一转向架___mm,标记速度160km/h客车同一转向架___mm,
【填空题】
6. 运用客车车辆限度要求,TPDS报警当量非空气弹簧客车___ mm, 空气弹簧客车___ mm.
【填空题】
7. 运用客车车辆限度要求,轮缘厚度不少于___mm;轮辋厚度不少于___mm;轮缘垂直磨耗不大于___mm;
【填空题】
8. 运用客车车辆限度要求,空气弹簧充气状态密接式车钩车钩中心高度:___mmmm;密接式车钩两车钩连接间隙___mm。
【填空题】
9. 运用客车车辆限度要求,制动缸活塞行程规定,装用J型闸调器的为___mm。ST1-600型闸调器的为___ mm。
【填空题】
10. 运用客车车辆限度要求,标记速度160km/h客车,各圆销与孔组装间隙不超过___mm。
【填空题】
11. 运用客车车辆限度要求,车轮踏面圆周磨耗深度不得超过___mm。
【填空题】
12. 运用客车车辆限度要求,各垂下品与轨面距离不小于___mm,电器装置不小于___ mm,闸瓦插销不小于___mm.
【填空题】
13.运用客车车辆限度要求,钩舌与钩腕内侧面距离闭锁位置时不大于___mm,全开位置时不大于___mm。
【填空题】
14. 运用客车车辆限度要求,轴箱顶部与构架间隙,25K型不小于___ mm。
【填空题】
15. 运用客车车辆限度要求,车轮踏面剥离长度一处___ mm,二处___ mm;列检测量时,两端宽度不足___mm的剥离尖端部分不计算在内;长条状剥离,其最宽处不足___mm者,不计;两剥离外边缘相距小于___ mm时,每处长不得超过___ mm,连续剥离长度不超过___mm;剥离前期未脱落部分,客列检可___。
【填空题】
16. 运用客车车辆限度要求,轴箱轮对提吊间隙___mm。
【填空题】
17. 运用客车车辆限度要求,闸片厚度不小于___ mm。闸片掉块___ mm。闸片与制动盘两侧间隙之和___mm.
【填空题】
18. 运用客车车辆限度要求,制动盘摩擦盘面热裂纹距内和外边缘≥10mm时,___ mm,距内或外边缘<10mm时,___mm.
【填空题】
19. 运用客车车辆限度要求,制动夹钳装置各圆销磨耗不大于___mm。
【填空题】
20. 运用客车车辆限度要求,闸瓦厚度不小于___ mm.
【填空题】
21. 运用客车车辆限度要求,闸片裂纹长度,当摩擦面距边缘≥30mm时,不大于___ mm。
【填空题】
22. 运用客车车辆限度要求,同一转向架左右旁承游间之和______ mm。
【填空题】
23. 普客列车总风管规定压力___kPa。
【填空题】
24. 客车A1修周期为:运行___万km或距上次A1修以上修程1年。
【填空题】
1. 库内检查列车干线及发电车DC48V绝缘测试:车辆乘务员在列车端部使用___级兆欧表对车体绝缘进行检测,空气相对湿度≥85%:线间绝缘不低于___MΩ、线地间绝缘不低于___MΩ。发电车DC48V绝缘使用___试灯进行检测,以灯丝不红为准。
【填空题】
2.始发 机次位车辆乘务员作业范围:开车前___分钟开启各车厢用电设备对各车厢进行___。检查旅客上车后或行李车装货后___无压死、车钩互差不超过___mm
【填空题】
3. 始发尾部车辆乘务员作业: 确认列车尾部___关闭、防开开口销安装、___安装及___吊起状态。列车尾部车辆乘务员按规定参加列车___:试风作业时参与核对尾部制动风表,确认风表变化符合规定。必须在列车尾部待___后方可向机后巡视。
【填空题】
4. 单班单司机机次位乘务员作业:机车到达后,检查机车___作用良好;检查列车管及___正常后,开启机车列车管___进行排风,确认___关闭机车折角塞门,撤除防护信号,手持信号旗或灯;在列车机次一辆非站台侧___外,面向司机来向人方向显示信号:昼间-展开的___在下部左右摇动;夜间___在下部左右摇动。[非单班单司机时车辆乘务员不执行本条规定]
【填空题】
5. 途中巡视作业:必须对全列___、小走廊、厕所、盥洗室、乘务室、___等所有的明锁锁舌、暗锁封签及门板进行检查。进行巡视时,要身感车辆___,耳听车辆___,鼻闻车内___,眼观车内___,在___处要进行短暂停留,重点检查,发现问题及时记录在车统-15本。
【填空题】
6. 空调列车始发后的第一次巡视、接班后的第一次巡视及终到前最后一次巡视,车辆乘务员须打开控制柜,用红外测温仪对电源柜___,___进出线接线处,___进出线接线处温升状态等进行检查,目测检查各配电柜___有无变色,并将测温记录填写在《乘务日志》内。
【填空题】
7. 发电车乘务员应在监控室值乘,离开监控室时,不得超过___分钟。每间隔___分钟,进入发电车机房、冷却间进行一次巡视检查,巡视时并用巡检记录仪在机房与控制屏安装的巡检扣处打点作为巡检依据,巡视重点是___、冷却风扇、排气扇及___运转状态、___水量、消音器状态。
