【单选题】
Referencing the ClA model, in which scenario is a hash- only function most appropriate ?___
A. securing data at rest
B. securing real-time traffic
C. securing data in files
D. securing wireless transmissions
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which ports must be open between a aaa server and a microsoft server to permit Active Directory authentications?___
A. 445 and 389
B. 888 and 3389
C. 636 and 4445
D. 363 and 983
【单选题】
Refer to the exhibit for which reason is the tunnel unable to pass traffic___
A. the tunnel is failing to receive traffic from the remote peer
B. the local peer is unable to encrypt the traffic
C. the ip address of the remote peer is incorrect
D. UDP port 500 is blocked
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
How can you protect CDP from reconnaissance attacks?___
A. Enable dynamic ARP inspection on all untrusted ports.
B. Enable dot1x on all ports that are connected to other switches.
C.
D. isable CDP on ports connected to endpoints.
【单选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
推荐试题
【多选题】
向单位客户销售“传世之宝”产品,必须以( )方式进行,经办人须提供有效身份证件。___
A. 现金
B. 单位借记卡
C. 转账方式
D. 开立现金支票
【多选题】
“传世之宝”业务包括( )和( )两种交易方式。___
A. 实物买卖
B. 积存账户买卖(存金通业务)
C. 期货交易
D. 延期期货交易
【多选题】
已签约“双利丰”个人通知存款的客户,可以通过重复签约修改( )等条件。___
A. 留存金额
B. 转存金额
C. 起存金额
D. 最低转存金额
【多选题】
个人自动转账业务转账方式包括( )。___
A. 指定金额
B. 留存金额差额
C. 留存金额差额取整
D. 补足余额
【多选题】
个人自动转账费用包括( )。___
A. 汇划费
B. 签约费
C. 转账手续费
D. 邮电费
【多选题】
个人自动转账业务系统功能包括( )。___
A. 自动转账签约管理
B. 自动转账关系管理
C. 自动转账公共管理
D. 自动转账维护管理
【多选题】
自动转账签约管理包括( )。___
A. 自动转账签约
B. 自动转账解约
C. 查询自动转账签约信息
D. 更换自动转账账户
【多选题】
个人客户办理“聪明账”增值账户业务需本人或者代理人到营业网点办理,且提供的资料包括( )。___
A. 本人有效身份证件原件
B. 代理人须持代理人和被代理人有效身份证件原件
C. 本人(或被代理人)金穗借记卡
D. 签订《中国农业银行“聪明账”增值账户业务协议》,一式两份
【多选题】
“聪明账”增值账户业务是将客户的个人( )和( )以系统联系起来,进行科学管理,以增加客户收益的一项理财业务。___
A. 活期存款账户
B. 零存整取定期账户
C. 整存整取存款定期子账户
D. 通知存款账户
【多选题】
个人资金归集入账方式分为( )。___
A. 多笔入账
B. 单笔入账
C. 指定笔数入账
D. 汇总入账
【多选题】
“整存整取加息智能转存”业务中合理转存天数的计算由( )决定。___
A. 旧定期利率
B. 新定期利率
C. 新活期利率
D. 存期
【多选题】
客户可以通过( )签约“整存整取加息智能转存”。___
A. 整存整取存单
B. 定期一本通
C. 金穗借记卡
D. 活期一本通
【多选题】
“整存整取加息智能转存”重新存入的账户( )发生相应的改变,存款原账号不改变。___
A. 账户余额
B. 利率
C. 起息日
D. 到期日
【多选题】
“整存整取加息智能转存”业务中转存时重新存入的账户余额为( )之和。___
A. 提前支取的存款账户余额
B. 原定期存款账户余额
C. 提前支取的税后活期利息
D. 提前支取的账户本息和
【多选题】
“聪明账”增值账户明细查询可以查询到( )等明细。___
A. 自动约转子账户明细
B. 便捷消费子账户冻结明细
C. 便捷消费子账户消费明细
D. 便捷消费子账户销转明细
【多选题】
个人资金归集签约业务办理成功后,需交还客户的相关资料包括( )等。___
A. 业务回单第二联
B. 《个人资金归集业务协议书》第二联
C. 收费凭证
D. 身份证件原件
【多选题】
确认资金归集关系交易办理成功后,需专夹保管的相关资料包括( )等。___
A. 《个人资金归集子账户扣款授权书》第一联
B. 业务回单第一联
C. 《个人资金归集子账户扣款授权书》第二联
D. 身份证复印件
【多选题】
凡因( )或其他目的需要开具资信证明的居民个人和非居民个人,均可向我行开办个人存款证明业务的营业机构申请办理。___
A. 出国留学
B. 探亲
C. 旅游
D. 移民定居
【多选题】
个人存款证明仅作为客户本人在银行个人金融资产的证明,( )或作其它用途,也不能作为办理支取的凭据。___
A. 可以质押
B. 不得转让
C. 不得为他人担保或作其他用途
D. 不能挂失
【多选题】
可用于开具个人存款证明的个人金融资产包括:( )等。___
A. 本外币定活期储蓄存款
B. 凭证式国债
C. 储蓄国债
D. 中低风险的个人理财产品
【多选题】
周末及法定节假日不办理存金通定投业务的( )。___
【多选题】
存金通非交易过户是指因( )等原因进行的贵金属份额的所有权转移。___
A. 遗产继承
B. 转让
C. 出售
D. 赠与
【多选题】
经办人员进入存金通销售交易,录入( ),审核无误后提交系统处理。___
A. 账户金代码
B. 销售重量
C. 选择客户级别
D. 销售价格
【多选题】
经办人员办理存金通销售、购回、提货等交易时,若因柜面经理操作失误、在交易系统中录入错误,在尚未同投资者进行实物黄金交割或资金收付前,报三级主管同意后可以通过柜面经理撤销交易进行撤销。本交易( )进行。___
A. 可跨日
B. 不可跨日
C. 可跨柜面经理
D. 不可跨柜面经理
【多选题】
BoEing投资理财业务客户签约时可以选择开通渠道。除系统默认的渠道外,个人可以开通的渠道包括( )。___
A. 电话银行
B. 网银渠道
C. 掌上银行
D. 自助机具
【多选题】
签约天天利滚利及半开放式产品做自动理财时,需客户选择( )作为申购周期。___
【多选题】
可以修改的自动理财签约主要信息有( )。___
A. 最低留存金额
B. 单笔最高限额
C. 理财产品
D. 申购周期
【多选题】
理财产品购买交易包括( )。___
A. 认购
B. 申购
C. 申购预申请
D. 回购
【多选题】
个人客户可在( )进行风险承受能力评测。___
A. 网银端
B. 电话银行
C. 掌上银行端
D. 柜面端
【多选题】
目前对公“双利丰”可签约活期账户类型包括( )。___
A. 基本户
B. 一般户
C. 临时户
D. 专用户
【多选题】
对公双利丰最低起存金额为等值人民币( )万元(含)以上,且原则上要求子账户最低汇总金额不得低于等值人民币( )万元。___
A. 10万元
B. 50万元
C. 500万元
D. 5000万元
【多选题】
个人客户持( )到开户行所在省内的任一营业机构办理理财产品赎回和实时赎回业务。___
A. 理财产品认购书
B. 本人有效身份证件
C. 存款证明书
D. 原交易介质
【多选题】
理财产品交割单打印,在数据保留期间支持客户补打,补打时显示补打字样。个人客户可到( )进行打印及补打,对公客户只能在( )进行打印及补打。___
A. 全国任一网点
B. 省内任一网点
C. 辖内任一网点
D. 开户网点
【多选题】
对公客户应持有( )到其开户行办理理财产品紧急退出业务。___
A. 加盖公章的企业营业执照正本或副本复印件
B. 加盖公章的组织机构代码证、事业单位法人、社会团体或其他组织提供的民政部门或主管部门颁发的注册登记证书复印件
C. 经办人有效身份证件原件及复印件
D. 非企业法定代表人(单位负责人)办理的,需提供《理财业务授权委托书》
【多选题】
企业网银端实现理财产品( )等交易功能。___
A. 购买
B. 自动理财签约
C. 赎回
D. 撤销
【多选题】
下列说法正确的有:( )___
A. 对实物贵金属的产品宣传不得使用带有诱惑性、误导性或易引发争议的语言,无虚假、过期宣传,无诋毁、贬低同业、误导客户现象。
B. 网点在实物调入前,应进行“黄金表外账户开户”,为拟调入(或购回)的每一个品种、规格开立表外账户,而且还要按照业务需要分“成品、破损、长库、短库”(破损、长库、短库根据需要开立)4个不同类型开立。
C. 对于现金及贵金属,将其与BoEing系统账务余额核对一致;贵金属还应区分销售金、回购金,按照企业代码、品种代码、规格代码、破损标识与实物进行逐一核对,并将库存明细与柜面经理黄金箱明细进行钩稽。
D. 各网点实物贵金属应“按贵金属品种规格进行表外核算。表外核算所有品种规格的贵金属均按假定价格“1元/克”或“1美元/盎司”为单位记账”。
【多选题】
客户持( )到网点办理购回,并提供借记卡或转账收款账户。___
A. 实物黄金
B. 原交易凭证(复印件有效)
C. 本人有效身份证件
D. 证书
【多选题】
实物贵金属购回时,应审核:( )___
A. 应对客户提交的产品外观、包装、原交易凭证等进行表面真实性审核
B. 对产品进行技术鉴定,如称重比对或熔金检测等
C. 客户信息,购回必须实名制
D. 超过一定额度的要进行联网核查,并留存客户身份信息
【多选题】
"115.下列关于网点营业现场基本规定的说法正确的有:( )___
A. 内勤行长监督网点内产品宣传内容是否符合有关规定。产品宣传不得使用带有诱惑性、误导性或易引发争议的语言,无虚假、过期宣传,无诋毁、贬低同业、误导客户现象。
B. 网点应按照相关规定提醒客户签约产品前应确认、了解产品相关信息,并进行风险提示。
C. 网点应公示网点营销人员资质、咨询举报电话号码,便于客户确认产品属性及相关信息,举报违规销售、私售产品等行为。
D. 业务营销人员不得劝说或者诱导客户做出是否交易的决定,不得向客户作任何形式的赢利保证,不得以任何形式与客户分享收益或承诺共担亏损。"
【多选题】
下列关于个人账户贵金属签约的说法正确的有:( )___
A. 客户持本人借记卡(附属卡除外)和本人有效身份证件,在借记卡开户行所属一级分行辖内任一网点办理
B. 该业务不可代理
C. 借记卡需已注册个人网上银行或掌上银行
D. 填写《中国农业银行账户贵金属交易业务客户风险承受能力评估问卷》,通过风险评估后,客户须签署《中国农业银行账户贵金属交易业务风险揭示书》和阅读《个人综合金融服务协议章程汇总手册》中的账户贵金属交易业务协议。
