【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
推荐试题
【单选题】
"143.关于建设工程依法实行工程监理的说法,正确的是()。___
A. 建设单位应当委托该工程的设计单位进行工程监理
B. 建设单位应当委托具有相应资质等级的工程监理单位进行监理
C. 工程监理单位不能与建设单位有隶属关系
D. 工程监理单位不能与该工程的设计单位有利害关系
【单选题】
"144.关于开标的说法,正确的是()___
A. 开标应当在据标文件确定的提交投标文件截止时间之后公开进行
B. 开标地点不必为招标文件中预先确定的地点
C. 开标由招标人以外的人主持,邀请所有投标人参加
D. 开标过程应当记录,并存档备查
【单选题】
"145.关于招标人终止招标要求的说法,正确的是()___
A. 以口头形式通知被邀请的或者已经获取资格预审文件、招标文件的潜在投标人
B. 已经发售的资格预审文件、招标文件,招标人无须退还所收取的资格预审文件、招标文件的费用
C. 已经收取投标保证金的,应当及时退还投标保证金,但不必退还银行同期存款利息
D. 应当时发布公告
【单选题】
"146.根据《招标投标法》,关于投标人提交投标文件的说法,正确的是()。___
A. 在招标文件要求提交投标文件的截止时间后送达的投标文件,招标人可以拒收
B. 投标人少于5个的,招标人应当重新招枥
C. 招标人收到投标文件后,应当开启检查并签收保存
D. 投标截止后,投标人擻销投标文件的,招标人可以不退还投标保证金
【单选题】
"147.关于履约保证金的说法,正确的是()。___
A. 履约保证金不得低于中标合同金额的10%
B. 中标人不履行与招标人订立的合同的,履约保证金不予退还,给招标人造成的损失超过履约保证金数额的,对超过部分不子赔偿
C. 招标文件要求中标人提交履约保证金的,中标人应当提交
D. 施工企业不得以银行保函或担保公司保函的形式,向建设单位提供履约担保
【单选题】
"148.根据《招标投标法实施条例》,履约保证金的上限是中标合同金额的( )。___
A. 2%
B. 5%
C. 10%
D. 20%
【单选题】
"149.通常沟槽的宽度不大于()m___
【单选题】
"150.在铁路路基()m内的挖掘作业,须经铁路管理部门审核同意。___
【单选题】
"151.应用手工工具(例如铲子、锹、尖铲)来确认()以内的任何地下设施的正确位置和深度___
A. 0.8m
B. 1m
C. 1.2m
D. 1.4m
【单选题】
"152.对于挖掘深度()m以内的作业,为防止挖掘作业面发生坍塌,应根据土质的类别设置斜坡和台阶、支撑和挡板等保护系统___
【单选题】
"153.在稳固岩层中挖掘或挖掘深度小于()m,且已经过检查,认定没有坍塌可能性时,不需要设置保护系统。___
A. 1
B. 1.2
C. 1.4
D. 1.5
【单选题】
"154.保护性支撑系统的安装应()进行,支撑系统的所有部件应稳固相连___
A. 自下而上
B. 自上而下
C. 从左到右
D. 从右到左
【单选题】
"155.工程完成后,应()拆除保护性支撑系统,回填和支撑系统的拆除应同步进行。___
A. 自下而上
B. 自上而下
C. 从左到右
D. 从右到左
【单选题】
"156.挖出物或其他物料至少应距坑、沟槽边沿()m,堆积高度不得超过()m,坡度不大于(),不得堵塞下水道、窖井以及作业现场的逃生通道和消防通道。___
A. 1,1.5,40°
B. 1,1.5,45°
C. 1,1.2,45°
D. 1,1.2,40°
【单选题】
"157.挖掘深度超过()m时,应在合适的距离内提供梯子、台阶或坡道等,用于安全进出。___
A. 0.8
B. 1
C. 1.2
D. 1.4
【单选题】
"158.对深度超过()m,可能存在危险性气体的挖掘现场,应进行气体检测___
A. 0.8
B. 1
C. 1.2
D. 1.4
【单选题】
"159.采用警示路障时,应将其安置在距开挖边缘至少()之外。如果采用废石堆作为路障,其高度不得低于()。在道路附近作业时应穿戴警示背心。___
A. 1.5m,0.8m
B. 1.5m,1m
C. 1.2m,1m
D. 1.2m,0.8m
【单选题】
"160.针对项目时间紧、临时性强等情况,项目负责人未能按照本办法中要求办理前期准备及开工准备相关手续的,由部门管理层明确是否进场作业,并下发开工指令。项目负责人须在( )个日历日内完成相关手续的补办工作。___
【单选题】
"161.项目负责人应于里程碑节点至少( )个工作日内部门管理层汇报项目节点情况。___
【单选题】
"162.运维类项目立项程序:各部门每年()前提交第二年工作需求计划至技术质量部,经技术质量部和安全监察部统筹平衡,报分管领导初步批准后即可在ERP系统立项,第二年年初根据集团下发的预算和公司经营分析会决策再调整,形成公司年度工作计划___
A. 9月15 日
B. 10 月1 日
C. 10 月15 日
D. 9月20 日
【单选题】
"163.业主委托的技改和大修类项目项目立项过程中,各部门每年()月提出改造需求,经技术质量部组织讨论并由分管领导组织审查后,通过OA 行文报业主公司审批,项目批准后即立项成立___
【单选题】
"164.运行公司内部技改立,各部门每年( )月提出需求计划,技术质量部统筹平衡,由技术质量部报公司党委会批准后,上报燃气集团公司和浙能集团批准___
【单选题】
"165.对当年因特殊原因需要临时调整(包括总投资变更、项目延期和取消等)的项目,项目管理部门在当年( )前经分管领导同意后将调整计划上报业主公司。___
A. 8月20 日
B. 8月15日
C. 8月10 日
D. 7月10 日
【单选题】
"166.变更工作属于合同范围内,累计联系单的费用低于10 万(含)且低于合同总价的20%(含),由()签发,累计联系单的费用超过10 万或超过合同总价的20%,由总经理签发。___
A. 分管领导
B. 经营领导
C. 总经理
D. 董事长
【单选题】
"167.变更工作属于合同范围内,累计联系单的费用超过10 万或超过合同总价的20%,由( )签发。___
A. 分管领导
B. 经营领导
C. 总经理
D. 董事长
【单选题】
"168.联系单各审核环节最长不超出()个工作日,费用审核环节最长不超出3 个工作日。___
【单选题】
"169.收集、审查、更新、发布物资自行采购范围及限额是哪个部门___
A. 物资采购部
B. 计划发展部
C. 政治工作(监察审计)部
D. 技术质量部
【单选题】
"170.收集、审查服务自行采购范围及限额是哪个部门___
A. 物资采购部
B. 计划发展部
C. 政治工作(监察审计)部
D. 技术质量部
【单选题】
"171.对自行采购部门执行财务与廉政制度的情况进行监督是哪个部门___
A. 物资采购部
B. 计划发展部
C. 政治工作(监察审计)部
D. 技术质量部
【单选题】
"172.维抢修自行采购限额中影响管网安全运行或事关 民生抢险抢修急需且单项金额 在 ()元以下的物资。___
A. 2000
B. 5000
C. 10000
D. 20000
【单选题】
"1.下列不属于生产、综合类(施工与服务)及中介机构服务采购招标方式的是()?___
A. 公开招标
B. 邀请招标
C. SRM公开采购
D. SRM公开寻源
【单选题】
"2.中介机构服务项目限额()万元以下,属于公司自采项目?___
A. 30万元
B. 50万元
C. 100万元
D. 200万元
【单选题】
"3.检修、维护采购项目估算金额为200万元以上,属于()管理范围?___
A. 板块管理公司
B. 公司自采
C. 集团采购领导小组
D. 公司采购工作小组
【单选题】
"4.技改、科技研发、委托运营采购项目,估算金额在()范围内,属于板块公司采购管理范围?___
A. A≥200
B. 100≤A<200
C. A≥50
D. 30≤A<200
【单选题】
"5.勘察、设计、监理、调试、技术监督等采购项目,估算金额在()以上,属于板块采购管理范围?___
A. 100
B. 50
C. 30
D. 200
【单选题】
"6.物业、保洁、绿化等采购项目,估算金额在()以上,属于板块采购管理范围?___
A. 100
B. 50
C. 30
D. 200
【单选题】
"1.合同应采用()形式,公司有合同范本的,应优先选用公司范本。___
A. 书面
B. 口头
C. 书面或口头
D. 协商"
【单选题】
"2.合同文本均应按统一规则编号,公司合同编号格式为:YX◎◎-□□□□-◇◇◇,其中◎◎指的是()___
A. 年份号
B. 合同类型的代号
C. 合同的年流水号
D. 运行公司"
【单选题】
"3.金额在()万元人民币以下的合同谈判由计划发展部主任组织、项目涉及的其他相关部门负责人或代表参加,监审专职参与监督。___
A. 30
B. 40
C. 50
D. 100"
【单选题】
"4.计划发展部发起合同创建流程后,需跟踪审批流程,及时提醒参与审核的相关职能部门提出合同审核意见,必要时向审核人说明情况。每个审批流程不超过()个工作日。相关职能部门如遇特殊情况需延长审核时间时,应向合同管理专职说明理由,且延长后累计审核时间最长不得超过()个完整工作日。___
A. 1,3
B. 2,3
C. 1,2
D. 2,1"
