【单选题】
Which quantifiable item should you consider when you organization adopts new technologies?___
A. exploits
B. vulnerability
C. threat
D. Risk
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
推荐试题
【填空题】
在成本管理信息<V5.0>系统中,责任成本清单分解审批,其项目编码、项目名称、项目特征、计量单位、工程量、综合单价、合价、总控数量等数据都取至客户端的___。
【填空题】
在成本管理信息<V5.0>系统中,支持责任成本预算调整,调整后责任成本预算:___。
【填空题】
在成本管理信息<V5.0>系统中,责任成本计价中合同内明细表中本季完成数量优先默认等于参考数量中的___,且可以修改。
【填空题】
在成本管理信息<V5.0>系统中,清单分解审批可以发起___次。
【填空题】
在成本管理信息<V5.0>系统中,总控数量变更可以发起___次。
【填空题】
在成本管理信息<V5.0>系统中,由于某单价合同签订时工程量小,单价确定的较高,但是实际施工时由于变更引起量增加较多,需进行对原合同细目单价进行调减,在发起劳务合同变更流程后,可通过 ___ 来实现。
【填空题】
在成本管理信息<V5.0>系统中,项目在发起机械结算时的前置流程为___,在单机油料核算中无扣款,复选框是指当该合同没有油料扣款时才勾选。
【填空题】
在成本管理信息<V5.0>系统中,现场经费全周期预算表中的预算现场经费总额取自经审批的___。
【填空题】
在成本管理信息<V5.0>系统中,各公司___可以通过文档管理模板模块,上传本公司的合同文本,供项目使用。
【填空题】
在成本管理信息<V5.0>系统中,三项指标计算分析表中的实际产值的数据来源取自 ___。
【填空题】
中铁四成本〔2018〕717 号文规定,变更索赔评审的内容应重点从___进行评估,经评审通过后方可实施,严禁未经评审先行实施变更。
【填空题】
根据《铁路建设项目变更设计管理办法》<铁建设[2012]253号文>规定,铁路项目巳签合同中非责任事故、问题的 II 类变更设计,增减工程费用在300 万元以内的,纳入风险包干费;增减工程费用在 300 万元及以上的,由建设单位在___找那个列支并相应调整施工合同额。
【填空题】
根据《铁路建设项目变更设计管理办法》<铁建设[2012]253号文>规定,变更索赔是工程项目增盈减亏的重要手段,是企业实现效益的重要途径,应在确保质量、安全、工期和环保的前提下,围绕效益最大化的目标进行,应始终贯穿于___的全过程。
【填空题】
中铁股份成本〔2018〕61 号文,铁路Ⅱ类变更程序分四个步骤:提出变更设计建议→___→确定变更设计方案→审核下发变更施工图等。
【填空题】
中铁股份成本〔2018〕61 号文,施工图招标铁路项目投资控制程序为:可研批复投资估算<项目总投资控制法定限额>→初步设计概算→鉴修概算→___→分标预算<招标预算>→投标合同清单→概算清理→审价→办理末次计价。
【填空题】
根据中铁股份成本〔2018〕61 号文,商品混凝土调差,在城市施工时,若因地方政府要求,不允许施工单位自行建站拌制混凝土,需采购商品砼时,采购的商品砼也可以争取按___进行调差。
【填空题】
根据中铁股份成本〔2018〕61 号文,轨料运杂费界定,首先要划分好界面,一般情况下,在铺轨基地之前发生的运杂费都在___中,铺轨基地之后发生的运杂费,则在清单单价中考虑。
【填空题】
根据铁建设〔2013〕99 号文《中国铁路总公司关于铁路工程推广应用高强钢筋有关工作的通知》,自通知颁布之日<2013年8月7日>起,在建暂未施工的项目,原设计的HRB35 钢筋,应用 HRB400 钢筋代替,增加的相关费用按___办理。
【填空题】
根据中铁股份成本〔2018〕61 号文, 二次经营各章节要点提示提出,围岩变更,可结合不同围岩单价分析情况,办理正变更或负变更。变更过程中须注意:一是办理正变更时,要努力办理成___,围岩连续问题要合理策划,分步实施推进。
【填空题】
根据中铁股份成本〔2018〕61 号文,价差是指应调材料整期与编制期的差价,对应的应调材料数量为___消耗数量。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,项目经理部的工经部是项目变更索赔工作的___部门。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,各层级要贯彻落实变更索赔“___”工作思路和“六要”工作方法,建立有计划、切实可行的目标管理制度。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,要把___指标纳入生产经营考核指标体系,增强二次经营工作的严肃性,促进各级切实提高抓好这项工作的自觉性。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,明确项目经理部___至少要召开一次变更索赔<工程经济>管理分析会。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,明确在单项变更索赔批复计价后、项目整体完工后,应对各项变更索赔进行___,总结经验、查找得失、指导后续变更索赔工作。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,文明确变更索赔工作应强化法制意识和风险防范意思,确保经得起审计、___和各类执法检查;应强化风险控制,杜绝隐患,并做好反索赔相关工作。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,明确在项目开工___,项目经理部应成立变更索赔工作小组,明确分工,责任到人;项目经理为变更索赔管理的第一负责人,全面负责变更索赔工作。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,根据工程项目变更设计管理流程,提出并编制变更设计建议书由___负责提出。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,变更索赔是工程项目增盈减亏的重要手段,是企业实现效益的重要途径,应在确保___、___、___和___的前提下,围绕利益最大化的目标进行,应始终贯穿于企业生产经营管理的全过程。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,___与___是股份公司变更索赔工作的主责部门,主要负责全系统变更索赔工作的日常管理。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,___主要负责前期经营策划,在一次经营的基础上,为中标后的变更索赔埋下伏笔;负责就股份公司直属工程项目向成本与___进行营销交底。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,铁路工程项目变更索赔额指___优化、___<不含保险费>及___收入之和,其中负变更金额按绝对值计列。
【填空题】
《中国中铁工程项目变更索赔指导意见》<中铁股份成本[2018]213号>,股份公司每年、二级公司___、三级公司___、项目经理部每月至少要召开一次变更索赔管理分析会。
【填空题】
中铁四成本<2018>717 号文明确,特殊变更事项是指负变更设计实现项目减亏、___、PPP项目设计方案优化节约等内容。
【填空题】
中铁四成本<2018>717 号文明确,项目收尾结算阶段,___是第一责任人。
【填空题】
中铁四成本<2018>717 号文明确,项目准备阶段。项目合同开工日期后___个月内,局指组织参建单位,分析合同、结合实际、研究策略,制订变更索赔策划方案,录入成本管理信息系统审批。
【填空题】
中铁四成本<2018>717 号文明确,变更索赔奖励以实现___为考核指标,按实现的变更索赔利润额为奖励计取基数。
【填空题】
中铁四成本<2018>717 号文明确,项目竣工结算完成后,依据局审计部认定的实际利润,遵照___等项目成本管理六大理念,由局指配合局成本管理部区分“三项指标”对项目利润贡献大小,并配合局相关部门综合评价,评价结果与项目考核兑现挂钩。
【填空题】
中铁四成本<2018>717 号文规定,变更索赔收入按___的原则进行分劈。
【填空题】
《公路工程标准施工招标文件》2018版,如果工程的变更指示是因___引起的任何额外费用应由承包人承担。
