【单选题】
What' s the technology that you can use to prevent non malicious program to runin the computer that is disconnected from the network?___
A. Firewall
B. Sofware Antivirus
C. Network IPS
D. Host IPS
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
推荐试题
【多选题】
可办理质押的理财产品需满足下列___条件。
A. 我行自主设计发行
B. 我行直接营销发售
C. 我行代理销售
D. 保证收益型
【多选题】
下列关于理财产品质押的说法正确的有___
A. 理财产品可以是由我行自主设计发行的,并由我行直接营销发售的可以质押的各类理财产品。
B. 理财产品可以是由他行设计发行的,并由他行营销发售的可以质押的各类理财产品。
C. 由发售行开具理财产品权利凭证。
D. 无需提供理财产品解除止付联系函
【多选题】
现金支票单笔大额付款___万元以上(含)必须严格执行复核制度,换人卡把复点。
【多选题】
下列不属于支票的绝对记载事项的是___。
A. 无条件支付的承诺
B. 表明"支票"的字样
C. 付款人名称
D. 确定的金额
【多选题】
支票的付款人是___
A. 存款人
B. 出票人的开户银行
C. 出票人
D. 背书人
【多选题】
支票可以通过支票影像交换系统跨区域使用,最高金额不得超过___
A. 100万
B. 50万
C. 50万(不含)
D. 100万(不含)
【多选题】
持票人向持票人开户银行提交支票要求收款, 应办理 ___
A. 委托收款背书
B. 转让背书
C. 质押背书
D. 保证背书
【多选题】
支票是___签发的,委托办理支票存款业务的银行或者其他金融机构在见票时无条件支付确定金额给收款人或者持票人的票据。
A. F、出票人
B. 汇款人
C. 付款人
D. 申请人
【多选题】
下列哪种票据在任何情况下都不可以背书转让。___
A. 转帐支票
B. 银行本票
C. 现金支票
D. 商业汇票
【多选题】
基本户使用现金支票大额取现,应提交有权人审批,对于审批权限说法正确的是___
A. 金额低于10万元(不含)无需审批
B. 主办会计审批10-50 万元(不含)
C. 开户银行负责人审批50-100 万元(不含)
D. 开户银行负责人审批100 万以上
【多选题】
出票人签发存款不足的空头支票、与预留签章不符或支付密码有误的支票,不以骗取财物为目的的,由中国人民银行处以票面金额___,最高不超过()元的罚款。
A. 1% 100
B. 1% 1000
C. 5% 1000
D. 5% 2000
【多选题】
四十二、支票的___可以由出票人授权补记。
A. 出票人
B. 出票的日期
C. 金额
D. 付款人名称
【多选题】
出票人签发存款不足的空头支票、与预留签章不符或支付密码错误的支票,出票人开户行应退票并登记___。
A. 支票处罚系统
B. 公安系统
C. 中国人民银行
D. 银监会
【多选题】
支票必须记载下列事项___
A. 表明“支票”的字样
B. 无条件支付的委托
C. 确定的金额
D. 收款人名称
E. 出票日期
F. 出票人签章
【多选题】
可用于现金支票取现的账户包括:___
A. 基本账户
B. 一般账户
C. 可取现的专用账户
D. 可取现的临时账户
【多选题】
现金支票属于大额取现的,应提交有权人审批,以下审批权限正确的是___
A. 基本账户5-50 万元(不含50 万),临时专用账户5-20 万元(不含20 万)由会计主管审批;
B. 基本账户5-50 万元(含50 万),临时专用账户5-20 万元(含20 万)由会计主管审批;
C. 基本账户50-100 万元(不含100 万),临时专用账户20-50 万元(不含50 万)由开户银行负责人审批;
D. 基本账户50-100 万元(含100 万),临时专用账户20-50 万元(含50 万)由开户银行负责人审批
E. 基本账户100 万以上,临时专用账户50 万元以上的现金支取由开户银行管辖行负责人审批;
【多选题】
我国《票据法》规定,支票的记载事项可以授权补记的有___
A. 金额
B. 出票人签章
C. 付款人名称
D. 收款人名称
【多选题】
哪类支票不得背书转让___
A. 现金支票
B. 未填写金额和收款人名称
C. 支票正面填明“不得背书转让”字样、
D. 填明“委托收款”字样的支票
【多选题】
以下说法正确的是___
A. 现金支票只能用于支取现金;转账支票只能用于转账;未印有“现金”或“转账”字样的为普通支票,可以支取现金,也可以转账。
B. 签发支票应用碳素墨水或墨汁填写,人民银行另有规定的除外。
C. 出票人签发存款不足的空头支票、与预留签章不符或支付密码错误的支票,出票人开户行应退票并登记支票处罚系统。
D. 支票没有金额起点也没有最高限额。
【多选题】
大额取现主办会计的审批权限为:___
A. 基本账户5-50万元(不含50万)
B. 基本账户5-50万元
C. 临时专用账户5-20万(不含20万)D、临时专用账户5-20万
【多选题】
三十七、关于支票的表述、下列哪些是正确的___
A. 现金支票在其正面注明后,可用于转账
B. 支票出票人所签发的支票金额不得超过其付款时在付款人处实有的存款金额
C. 支票上不得另行记载付款日期,否则该记载无效
D. 支票上未记载收款人名称的,该支票无效
【多选题】
现金支票或支取现金的普通支票的收款人向出票人开户行提示付款时,应在支票背面“收款人签章”处签章,持票人为个人的,还需交验个人有效身份证件,并在支票背面注明___,不得委托代取。
A. 证件名称
B. 证件号码
C. 发证机关
D. 证件地址
【多选题】
浙江省本票提示付款期限自出票日起最长不得超过___,持票人超过付款期限提示付款的,代理付款行不予受理。
A. 10天
B. 20天
C. 1个月
D. 6个月
【多选题】
签发现金银行本票时,申请人和收款人为___。
A. 均为单位
B. 均为个人
C. 单位或个人
D. 单位和个人
【多选题】
签发的本票欠缺哪项记载事项的,代理付款行不予受理___。
A. 加编的密押
B. 收款人名称
C. 出票日期
D. 出票人签章
【多选题】
出票银行签发银行本票需编制不超过___位密押。
【多选题】
代理付款行拒绝受理银行本票时,应向持票人出具___
A. 退票理由书
B. 退票通知书
C. 拒绝付款通知书
D. 拒绝受理通知书
【多选题】
依托小额支付系统办理银行本票业务是指___受理持票人提交的银行本票。
A. 付款行
B. 代理付款行
C. 委托行
D. 出票行
【多选题】
目前本票的使用范围为___。
A. 票据交换区域
B. 绍兴县市
C. 浙江省
D. 三省一市
【多选题】
下列关于本票的表述哪个是错误的___
A. 我国《票据法》上的本票包括银行本票和商业本票
B. 本票的基本当事人只有出票人和收款人(持票人)
C. 本票无须承兑
D. 本票是由出票人本人对持票人付款的票据
【多选题】
根据《票据法》的规定,下列关于本票的表述中,不正确的是___
A. 到期日是本票的绝对应记载事项
B. 本票的基本当事人只有出票人和收款人
C. 本票无须承兑
D. 本票是由出票人本人对持票人付款的票据
【多选题】
本汇票签发时复核柜员在本汇票打印出错,或本汇票和底卡联次没有对齐等时复核柜员需进行___。
A. 录入冲正
B. 复核冲正
C. 复核驳回
D. 录入修改
【多选题】
签发本票时,结算业务申请书的备注栏内注明“不得转让”的,出票行应当在本票___注明。
【多选题】
本票复核中发现录入有误,可驳回修改的事项是___
A. 付款凭证日期
B. 收款人名称
C. 付款人账号
D. 出票金额
【多选题】
___是银行签发的,承诺自己在见票时无条件支付确定的金额给收款人或者持票人的票据。
A. 银行汇票
B. 银行本票
C. 支票
D. 商业汇票
【多选题】
签发银行本票必须记载下列事项:___
A. 表明“银行本票”的字样;
B. 无条件支付的承诺;
C. 确定的金额;
D. 收款人名称;
E. 出票日期;
F. 出票人签章;
G. 加编的密押。
【多选题】
本票被复核柜员驳回修改时,录入柜员操作方式选“修改”,其中本票的___不得修改。
A. 付款凭证日期
B. 付款人账号
C. 收款人名称
D. 出票金额
【多选题】
本票行内兑付时,收款人是个人的,应在本票背面填明哪些内容___
A. 本人身份证件名称
B. 本人身份人证件号码
C. 本人身份证发证机关
D. 本人签名
【多选题】
哪类本票不得背书转让___?
A. 现金本票
B. 未填写金额和收款人名称的
C. 本票正面已写明“不得背书转让”字样的
【多选题】
以下关于本票录入修改的说法正确的有___
A. 付款凭证日期、付款人账号、出票金额不得修改
B. 票据状态必须为“录入”状态
C. 修改必须由原网点处理
D. 修改必须由原录入柜员处理
E. 修改必须在录入交易当日
