【单选题】
Which option is a key security compone nt of and MDM deployment ?___
A. using network-specific installer packages
B. using an application tunnel by default
C. using self-signed certificates to validate the server
D. using MS-CHAPv2 as the primary
E. AP method
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which Firepower Management Center feature detects and block exploits and hack attempts?___
A. Content blocker
B. file control
C. intrusion prevention
D. advanced malware protection
【单选题】
hich description of the nonsecret numbers that are used to start a Diffie- Hellman exchange is ture?___
A. They are preconfigured prime integers.
B. They are large pseudorandom numbers.
C. They are very small numbers chosen from a table of known valuses
D. They are numeric values extracted from ha shed system hostnames
【多选题】
Which two characteristics of an application layer firewall are true?___
A. provides stateful firewal functionality
B. has low processor usage
C. provides protection for multiple applications
D. provides rever se proxy services
E. is immune to URL manipulation
【多选题】
Which two devices are components of the BYOD architectural framework?___
A. Nexus 7010 switch
B. Cisco 3945 Router
C. Identify Services Engine
D. Wireless Access oints
E. Prime Infrastructure
【多选题】
Which two actions can a zone based firewall take when looking at traffic? ___
A. forward
B. inspect
C. drop
D. broadcast
E. filter
【多选题】
n which two situations should you use in-band management?___
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
推荐试题
【填空题】
530、银行账户按照开户人类型分为___。 、A、单位银行账户 B、个人银行账户 C、结算银行账户 D、非结算银行账户
【填空题】
531、个人银行结算账户按照功能分为___。 A、Ⅰ类结算账户 B、Ⅱ类结算账户 C、Ⅲ类结算账户 D、非结算银行账户
【填空题】
532、Ⅱ类结算账户是指个人用于办理___等用途的银行账户。 A、存款 B、购买投资理财产品 C、限额消费和缴费 D、限额向非绑定账户转出资金业务
【填空题】
533、Ⅰ类结算账户可通过___开立Ⅰ类户开立。 A、柜面 B、自助机具 C、网上银行 D、手机银行
【填空题】
534、Ⅱ类户非绑定账户转入资金、存入现金日累计限额合计为___万元。 A、1万元 B、5万元 C、10万元 D、20万元
【填空题】
535、单位银行结算账户按用途分为___。 A、基本存款账户 B、一般存款账户 C、专用存款账户 D、临时存款账户
【填空题】
536、单位存款人开立的下列存款账户需经人民银行核准后核发开户许可证的有___? A、事业单位开立的基本存款账户 B、企业开立的一般存款账户 C、预算单位开立的专用存款账户 D、企业开立的临时存款账户
【填空题】
537、《企业银行结算账户管理办法》中规定的企业存款人包括___。 A、企业法人 B、非法人企业 C、个体工商户 D、社会团体法人
【填空题】
538、临时存款账户是单位存款人因临时需要并在规定期限内使用而开立的银行结算账户。有下列___情况的,单位存款人可以申请开立临时存款账户。 A、异地借款 B、设立临时机构 C、异地临时经营活动 D、注册验资
【填空题】
539、单位存款人有下列情形之一的,可以在异地开立有关银行结算账户。___ A、营业执照注册地与经营地不在同一行政区域___需要开立基本存款账户的。 B、办理异地借款和其他结算需要开立一般存款账户的。 C、存款人因附属的非独立核算单位或派出机构发生的收入汇缴或业务支出需要开立专用存款账户的。 D、异地临时经营活动需要开立临时存款账户的
【填空题】
540、单位设立的独立核算的附属机构是指单位附属独立核算的___。 A、工会 B、食堂 C、招待所 D、幼儿园
【填空题】
541、存在哪些情形时,营业机构在必要时应当拒绝为单位存款人开户?___ A、对企业身份信息存在疑义,要求出示辅助证件,企业拒绝出示的 B、组织企业同时或者分批开立账户的 C、有明显理由怀疑开立账户从事违法犯罪活动的 D、被全国企业信用信息公示系统列入“严重违法失信企业名单”的 E、经核实企业注册地址不存在或者虚构经营场所的F、企业不能提供有效的税收居民声明文件或提供的税收居民声明文件存在不合理信息但企业无法提供合理解释的
【填空题】
543、一般存款账户可以办理___等业务。 A、现金缴存 B、现金支取 C、转账存入 D、转账支取
【填空题】
544、下列专用存款账户不得支取现金的有___。 A、财政预算外资金专用存款账户 B、证券交易结算资金专用存款账户 C、期货交易保证金专用存款账户 D、信托基金专用存款账户
【填空题】
545、对涉及可疑交易报告的账户,开户行应当按照反洗钱有关规定采取适当后续控制措施,包括___等措施 A、暂停账户非柜面业务 B、限制账户交易规模或频率 C、对账户采取只收不付控制 D、对账户采取不收不付控制
【填空题】
546、下列属于定期存款的是___。 A、整存整取储蓄存款 B、零存整取储蓄存款 C、整存零取储蓄存款 D、存本取息储蓄存款 E、个人通知存款 F、定活两便储蓄存款
【填空题】
542、符合企业存款人开立银行结算账户条件的,营业机构应在开户后立即至迟于___将开户信息通过账户管理系统向人民银行当地分支机构备案,企业开立基本存款账户或临时存款账户的,还应在____内通过开户信息管理系统 向当地人民银行分支机构报送开户资料。___ A、当日 B、次日 C、两个工作日 D、五个工作日
【填空题】
547、零存整取储蓄存款存期分为___。 A、1年 B、2年 C、3年 D、5年
【填空题】
存本取息储蓄存款存期分为___。 A、1年 B、2年 C、3年 D、5年
【填空题】
整存零取储蓄存款存期分为___。 A、1年 B、2年 C、3年 D、5年
【填空题】
定活一本通是将定期、活期存款集中于一本存折上的存款产品,支持___等存款种类。 A、个人活期存款 B、个人通知存款 C、定活两便储蓄存款 D、整存整取储蓄存款
【填空题】
551、联名账户严格遵循实名制规定,以借记卡为账户介质,分为___和___。___ A、联名亲情账户 B、联名家庭账户 C、联名共管账户 D、联名附属账户
【填空题】
552、营业机构为企业开立银行结算账户前,应当通过账户管理系统审核企业基本存款账户的唯一性,在系统中准确录入___等信息。 A、法人身份证号码 B、企业名称 C、统一社会信用代码 D、注册地地区代码
【填空题】
553、下列关于支付生效日的说法,正确的有___。 A、企业存款人开立的银行结算账户支付生效日期可设置为当日及以后的日期 B、注册验资的临时存款账户转为基本存款账户支付生效日期可设置为当日及以后的日期 C、因借款转存开立的一般存款账户支付生效日期可设置为当日及以后的日期 D、除企业以外的存款人开立单位银行结算账户,支付生效日期应设置为自正式开立之日起3个工作日后的日期
【填空题】
554、单位银行结算账户通兑业务包括以下___业务种类。 A、现金取款业务 B、转账支票取款业务 C、汇兑汇出业务 D、签发银行汇票业务 E、签发银行本票业务
【填空题】
555、下列哪些支付凭证代理行不予受理?___ A、支付密码核验错误的 B、支付凭证上仅记载支付密码未签章的 C、支付凭证上签章不全的 D、支付凭证上签章验印未通过的
【填空题】
556、撤销企业存款人___应通过开户信息管理系统向当地人民银行分支机构报送账户变更资料。 A、基本存款账户 B、一般存款账户 C、专用存款账户 D、临时存款账户
【填空题】
557、单位协定存款合同按期限分为___和___。___ A、短期合同 B、固定期限合同 C、长期合同 D、无固定期限合同
【填空题】
558、单位协定存款通过单位活期存款科目并使用存款人的单位银行结算账户进行核算,遵循___的原则。 A、一个账户 B、一个余额 C、两个积数 D、两种利率
【填空题】
559、多级账簿功能开通后系统自动生成___。 A、一级账簿 B、待清分账簿 C、有权机关扣款待调整账簿 D、非有权机关扣款待调整账簿
【填空题】
560、多级账簿的计息方式分为___。 A、按账户计息 B、各账簿按同一利率计息 C、各账簿按自定义利率计息 D、按账户和账簿分别计息
【填空题】
561、人民币通知存款按存款人提前通知的期限分为___天通知存款和___天通知存款。___ A、1天 B、5天 C、7天 D、10天
【填空题】
562、借记卡处于下列哪些状态时,不能办理自动转账服务签约。___ A、挂失 B、冻结 C、质押 D、销户
【填空题】
563、存款人预留印鉴中公章或财务专用章的名称与其申请开立的银行结算账户的账户名称、出具的开户证明文件上记载的存款人名称应保持一致,以下哪些情形除外___。 A、因注册验资开立的临时存款账户,其账户名称为政府有关部门批文中注明的名称,其预留印鉴应是全部投资人或其授权的代理人的签名或盖章。 B、预留印鉴中公章或财务专用章的名称依法可使用简称的,应与账户名称保持一致,并在单位银行结算账户服务协议中明确简称的约定。 C、没有字号的个体工商户开立的银行结算账户,其预留印鉴中公章或财务专用章的名称应是“个体户”字样加营业执照上载明的经营者的姓名。 D、中国人民银行规定的其他情形
【填空题】
564、营业机构可根据新印鉴卡片数量等实际情况,确定封存保管的频率,可选择___封存保管。 A、按月 B、按季 C、按年 D、随时
【填空题】
565、营业机构可根据客户交回原印鉴卡片数量等实际情况,确定对已封存保管印鉴卡片拆包封抽卡的频率,可选择___抽卡。 A、按月 B、按季 C、按年 D、随时
【填空题】
根据《山东省农村信用社客户身份识别和客户身份资料及交易记录保存管理办法》规定,一次性金融服务是指,为不在农村商业银行开立账户的客户提供___等一次性金融服务。 A、票据兑付 B、现钞兑换 C、现金存取 D、现金汇款
【填空题】
1146、金融机构除核对有效身份证件或者其他身份证明文件外,可以采取以下的一种或者几种措施,识别或者重新识别客户身份 ___ A、要求客户补充其他身份资料或者身份证明文件 B、电话查访 C、回访客户 D、向公安、工商行政管理等部门核实
【填空题】
1147、银行对符合规定条件的大额交易,如未发现该交易可疑的,可以不报告。以下属于该种情形的是___。 A、自然人实盘外汇买卖交易过程中不同外币币种间的转换 B、国际金融组织和外国政府贷款项下的债务掉期交易 C、活期存款的本金或者本金加全部或者部分利息转为在同一金融机构开立的同一户名下的另一账户内的活期存款 D、个体工商户50万元大额现金存取
【填空题】
1148、汇出汇款业务环节,银行应登记 ___ A、汇款银行的地址 B、汇款人账号、住所 C、收款人的姓名、住所 D、汇款人的姓名或者名称