【单选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which product can be used to provide application layer protection for tcp port 25 traffic?___
A. ESA
B. CWS
C. WSA
D. ASA
【单选题】
which iPS mode is less secure than other options but allows optimal network through put ?___
A. inline mode
B. inline-bypass mode
C. transparent mode
D. Promiscuous mode
【单选题】
Which feature of the Cisco Email security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attack?___
A. reputation based filtering
B. signature based IPS
C. contextual analysis
D. graymail management and filtering
【单选题】
Which type of social-engineering attack uses normal tele phone service as the attack vector?___
A. smishing
B. dialing
C. phishing
D. vishing
【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
推荐试题
【多选题】
在下列辅助生产费用的分配方法中,计算分配工作最为准确的是___
A. 直接分配法
B. 代数分配法
C. 交互分配法
D. 计划成本分配法
【多选题】
在计件工资制度下,产品生产工人的工资费用___。
A. 是直接生产费用,也是直接计入费用
B. 是直接生产费用,但属于间接计入费用
C. 是间接生产费用,也是间接计入费用
D. 是间接生产费用,但属于直接计入费用
【多选题】
基本生产车间计提的固定资产折旧费,应计入___科目。
A. “制造费用”
B. “财务费用”
C. “管理费用”
D. “销售费用”
【多选题】
企业行政管理部门计提的固定资产折旧费,应计入___科目。
A. “制造费用”
B. “财务费用”
C. “管理费用”
D. “销售费用”
【多选题】
长期待摊费用的摊销的期限应该是___
A. 1年以内
B. 1年以上
C. 2年以内
D. 视情况而定
【多选题】
直接分配法是将辅助生产费用___。
A. 直接分配给受益的各基本生产车间的方法
B. 直接计入管理费用的方法
C. 直接分配给辅助车间以外的各受益单位的方法
D. 直接分配给各受益单位的方法
【多选题】
在交互分配法下,交互分配后的实际费用,应在___
A. 辅助车间以外的受益单位之间进行分配
B. 各受益单位之间进行分配
C. 各辅助车间之间进行分配
D. 各受益的基本车间之间进行分配
【多选题】
辅助生产费用的分配方法中,便于考核和分析受益单位的经济责任,能够反映辅助生产产品或劳务的成本差异的是___。
A. 直接分配法
B. 交互分配法
C. 顺序分配法
D. 计划成本分配法
【多选题】
基本生产车间用于生产的低值易耗品,其价值摊销额应计入的会计科目是___
A. “基本生产成本”
B. “制造费用”
C. “销售费用”
D. “管理费用”
【多选题】
在下列制造费用分配方法中,适用于季节性生产企业的是___
A. 生产工时比例法
B. 生产工人工资比例法
C. 机器工时比例法
D. 按年度计划分配率分配法
【多选题】
在下列制造费用分配方法中,使“制造费用”科目在每月分配制造费用后可能有余额的是___。
A. 生产工时比例法
B. 生产工人工资比例法
C. 机器工时比例法
D. 按年度计划分配率分配法
【多选题】
基本生产车间领用的材料费用,按照其用途进行分配,可能记入的会计科目有___。
A. “基本生产成本”
B. “制造费用”
C. “管理费用”
D. “销售费用”
【多选题】
直接材料费用的分配标准有___。
A. 直接材料定额消耗量
B. 直接材料定额费用
C. 产品的体积
D. 产品的重量
【多选题】
在下列方法中,属于低值易耗品摊销方法的有___。
A. 一次摊销法
B. 分次摊销法
C. 五五摊销法
D. 定额比例法
【多选题】
在计时工资制度下,产品生产工人工资的分配标准一般有___。
A. 产品的售价
B. 产品的体积
C. 产品的实际生产工时
D. 产品的定额生产工时
【多选题】
应计入产品成本的职工薪酬费用,按其用途进行分配,可能记入的会计科目有___。
A. “销售费用”
B. “基本生产成本”
C. “制造费用”
D. “管理费用”
【多选题】
在下列职工薪酬费用中,应计入产品成本的有___。
A. 产品生产工人的薪酬费用
B. 基本生产车间管理人员的薪酬费用
C. 基本生产车间辅助工人的薪酬费用
D. 企业专设销售机构人员的薪酬费用
【多选题】
用于企业生产经营管理的固定资产的折旧费用,按其用途进行分配,可能记入的会计科目有___。
A. “基本生产成本”
B. “制造费用”
C. “销售费用”
D. “管理费用”
【多选题】
经过要素费用的分配,记入“基本生产成本”科目借方的费用,同时也记入其所属明细账的___成本项目。
A. “直接材料”
B. “直接人工”
C. “直接燃料和动力”
D. “制造费用”
【多选题】
在下列辅助生产费用分配方法中,对所有受益单位都分配费用的有___。
A. 顺序分配法
B. 直接分配法
C. 交互分配法
D. 代数分配法
【多选题】
在下列辅助生产费用分配方法中,对辅助生产费用进行两次或两次以上分配的有___。
A. 顺序分配法
B. 直接分配法
C. 交互分配法
D. 代数分配法
【多选题】
辅助生产费用分配的计划成本分配法的优点有___。
A. 分配结果最为正确
B. 可以简化和加速计算分配工作
C. 便于考核和分析受益单位的经济责任
D. 可以反映辅助生产车间产品或劳务的成本差异
【多选题】
在按年度计划分配率分配法下,要计算年度计划分配率,必须取得的数据有___。
A. 年度制造费用计划总额
B. 年度各种产品的计划产量
C. 各种产品的工时定额
D. 各种产品的计划销售单价
【多选题】
在五五摊销法下,应在“低值易耗品”总账科目下分设的二级科目有___。
A. “在库低值易耗品”
B. “在用低值易耗品”
C. “低值易耗品摊销”
D. “低值易耗品成本差异”
【多选题】
辅助生产车间的制造费用不通过“制造费用”科目核算,应符合的条件有___。
A. 辅助生产车间规模较大,发生的制造费用较多
B. 辅助生产车间规模很小,发生的制造费用很少
C. 辅助生产不对外销售产品或提供劳务
D. 辅助生产对外销售产品或提供劳务
【多选题】
在下列方法中,属于制造费用分配方法的有___。
A. 生产工时比例法
B. 机器工时比例法
C. 按年度计划分配率分配法
D. 定额比例法
【多选题】
废品损失包括的内容有___。
A. 不可修复废品的生产成本扣除废品残值和应收赔款后的数额
B. 可修复废品的修复费用
C. 不合格品的降价损失
D. 产品入库后因保管不善造成的损失
【多选题】
“废品损失”科目借方对应的科目可能有___。
A. “基本生产成本”
B. “制造费用”
C. “应付职工薪酬”
D. “原材料”
【多选题】
“废品损失”科目贷方对应的科目可能有___。
A. “其他应收款”
B. “基本生产成本”
C. “原材料”
D. “销售费用”
【多选题】
下列费用中,属于财务费用的抵减项目的有___。
A. 固定资产盘盈
B. 存货盘盈
C. 汇兑收益
D. 利息收入
【判断题】
直接生产费用都是直接计入费用,间接生产费用都是间接计入费用
【判断题】
若辅助生产车间未设“制造费用”明细账,则对于直接或间接用于辅助生产的各项费用,均记入“辅助生产成本”科目
【判断题】
基本生产车间直接用于产品生产,但没有专设成本项目的各项费用,应先记入“制造费用”科目
【判断题】
基本生产车间间接用于产品生产的各项费用应先记入“制造费用”科目
【判断题】
各项期间费用均不计入产品成本,应全部计入当期损益
【判断题】
由几种产品共同耗用的、有助于产品形成的辅助材料费用,可以直接计入各种产品成本
【判断题】
由几种产品共同耗用的原材料费用,按原材料定额消耗量比例分配与按原材料定额费用比例分配的计算结果是不同的
【判断题】
基本生产车间用于生产的低值易耗品,其摊销额应计入制造费用
【判断题】
五五摊销法适用于各月领用和报废比较均衡、各月摊销额相差不多的低值易耗品的推销
【判断题】
一次摊销法适用于一些单位价值较低、使用期限较短、一次领用数量不多以及容易损坏的低值易耗品的推销