【多选题】
What are two ways to prevent eavesdropping when you perform device management tasks?___
A. Use an SSH connection.
B. Use SNMPv3
C. Use out-of-band management
D. Use SNMP
E. Use in-band management
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two features are commonly used CoPP and CPPr to protect the control plane? ___
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
【多选题】
Which four tunne ling prot ocols are enabled in the Dfit GrpPolicy group policy ?___
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
【多选题】
Which two statements regarding the aSA VPN configurations are correct?___
A. The asa has a certificate issued by an external certificate authority associated to the ASDM TrustPoint1
B. The Default WEBVPNGroup Connection Profile is using the aaa with RADIUS server method
C. The Inside-srvbook mark references the https://192.168.1.2url
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. Any Connect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside -SRV bookmark has not been applied to the Sales group policy
【多选题】
Which three ESP fields can be encrypted during transmission?___
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad length
F. Next Header
【多选题】
.Which three statements de scribe DHCP spoofing attacks?___
A. They can modify traffic in transit.
B. They are used to perform man- in-the-middle attacks
C. They use ARP poisoning
D. They can access most network devices
E. They protect the ide ntity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
【多选题】
Which statement about the communication between interfaces on the same security level is true?___
A. Interfaces on the same security level require additional configuration to permit interinterface communication
B. Configuring interfaces on the same security level can cause asymmetric routing
C. All traffic is allowed by default between interfaces on the same security level
D. You can configure only one interface on a n individual security level
【多选题】
In which two situations should you use in band management? ___
A. when the control plane fails to respond
B. when you require administrator access from multiple locations
C. when you require ROMMON access.
D. where a network device fails to forward packets
E. when multiple ma nagement applications need concument access to the device.
【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
推荐试题
【单选题】
西方经济学家对金融创新的动因提出了不同的理论观点,其中,希克斯和尼汉斯等学者认为,金融创新的支配因素是_____。___
A. 消除经营约束
B. 制度变革
C. 降低交易成本
D. 规避管制
【单选题】
商业银行存款业务创新的最终目的是_____.___
A. 扩大原始存款的资金来源,创造更多的派生存款
B. 调整表外业务的结构
C. 降低中间业务的成本
D. 减少资产业务的风险
【单选题】
关于期权交易双方损失与获利机会的说法,正确的是_____。___
A. 买方和卖方的获利机会都是无限的
B. 买方的损失是有限的,卖方的获利机会是无限的
C. 买方的获利机会是无限的,卖方的损失是无限的
D. 买方和卖方的损失都是有限的
【单选题】
金融深化程度可以用"货币化"程度衡量,即_____.___
A. 商品交易总额中货币交易总值所占的比例
B. 国民生产总值中货币交易总值所占的比例
C. 商品交易总额占金融资产总值的比例
D. 国民生产总值占金融资产总值的比例
【单选题】
在分析货币给中,弗里德曼等人认为,高能货币的一个典型特征是能随时转化为_____。___
A. 基础货币
B. 强力货币
C. 原始存款
D. 存款准备金
【单选题】
在政府对商品价格和货币工资进行严格控制的情况下,隐蔽型通货膨胀可以表现为_____。___
A. 市场商品供过于求
B. 商品过度需求通过物价上涨吸收
C. 居民实际消费水平提高
D. 商品黑市、排队和凭证购买等
【单选题】
强制性的国民收入再分配是通货膨胀对社会再生产的负面影响之一,其表现在债权债务关系中,就是由于通货膨胀_____。___
A. 降低了实际利率,债务人受益
B. 提高了实际利率,债务人受益
C. 降低了实际利率,债权人受益
D. 提高了实际利率,债权人受益
【单选题】
在为治理通货膨胀而采取的紧缩性财政政策中,政府可以削减转移性支出。下列支出中,属于转移性支出的是_____。___
A. 政府投资、行政事业费
B. 福利支出、行政事业费
C. 福利支出、财政补贴
D. 政府投资、财政补贴
【单选题】
弗里德曼等经济学家针对通货膨胀治理而提出的收入指数化政策,是指将工资、利息等各种名义收入自动随物价指数升降而升降。这种政策_____。___
A. 加重通货膨胀给收入阶层带来的损失,且不能消除通货膨胀
B. 减轻通货膨胀给收入阶层带来的损失,但不能消除通货膨胀
C. 加重通货膨胀给收入阶层带来的损失,但能消除通货膨胀
D. 减轻通货膨胀给收入阶层带来的损失,并能消除通货膨胀
【单选题】
关于金融宏观调控机制中第二阶段的说法,正确的是_____。___
A. 调控主体为中央银行
B. 货币政策工具为再贴现率等
C. 变换中介为商业银行
D. 调控受体为企业与居民
【单选题】
在经济学中,充分就业并不等于社会劳动力100%就业,通常将_____排除在外。___
A. 摩擦性失业和自愿失业
B. 摩擦性失业和非自愿失业
C. 周期性失业和自愿失业
D. 摩擦性失业和周期性失业
【单选题】
短期债券、中期债券、长期债券的期限分别为___________
A. 1年期以内、1年至10年、10年以上
B. 1年期以内、1年至5年、5年以上
C. 半年以内、半年至10年、10年以上
D. 半年以内、半年至5年、5年以上
【单选题】
在2003年新巴塞尔资本协议中,巴塞尔委员会继承了过去以________为核心的监管思想___
A. 治理结构
B. 资本充足率
C. 监管当局的监督检查
D. 内部评级模型
【单选题】
由发行人为了筹措短期资金或弥补短期资金缺口,在货币市场上向投资者发行并承诺在将来一定时期偿付本息的凭证是___________
A. 企业债券
B. 商业票据
C. 银行大额可以转让定期存单
D. 银行承兑汇票
【单选题】
下列各项中,不属于流动资产的是___________
A. 货币资金
B. 交易性金融资产
C. 无形资产
D. 应收账款
【单选题】
企业应当以实际发生的交易或者事项为依据进行会计确认、计量和报告,如实反映确认和计量要求的各项会计要素及其它相关信息,如实反映企业的财务状况.经营成果和现金流量这是对会计信息质量________的要求___
A. 可靠性
B. 清晰性
C. 相关性
D. 谨慎性
【单选题】
在比率分析中常用的财务比率类型不包括___________
A. 效率比率
B. 结构比率
C. 相关比率
D. 相对比率
【单选题】
商业银行应确定一个管理部门或委员会统一审核批准对客户的授信,不能由不同部门分别对同一或不同客户进行授信,这是指授信要做到________ ___
A. 授信主体的统一
B. 授信形式的统一
C. 授信对象的统一
D. 不同币种授信的统一
【单选题】
下列哪个项目不属于流动资产________ ___
A. 货币资金
B. 应收账款
C. 应付账款
D. 存货
【单选题】
在中央银行的一般性货币政策工具中,与存款准备金政策相比,公开市场业务的优点之一是_____。___
A. 富有弹性,可对货币进行微调
B. 对商业银行具有强制性
C. 时滞较短,不确定性小
D. 不需要发达的金融市场条件
【单选题】
根据凯恩斯学派的货币政策传导机制理论,货币政策增加国民收入的效果,主要取决于_____。___
A. 投资的利率弹性和货币需求的利率弹性
B. 投资的利率弹性和货币供给的利率弹性
C. 投资的收入弹性和货币需求的收入弹性
D. 投资的收入弹性和货币供给的收入弹性
【单选题】
债务依存度是指___________
A. 当年国债累计余额占当年国内生产总值的比重
B. 当年债务收入占当年国内生产总值的比重
C. 当年债务收入与当年财政支出的比例关系
D. 当年债务收入与当年财政收入的比例关系
【单选题】
我国某企业从德国进口一批设备,以欧元计价结算,在对德国出口商进行支付时,正逢欧元兑人民币升值,结果为购买同款欧元支付的人民币金额增多。这种情形是该企业承受的_____。___
A. 利率风险
B. 汇率风险
C. 投资风险
D. 操作风险
【单选题】
政府对外汇市场的干预,在货币模型下非冲销式干预是_______,而在资产组合分析法下非冲销式干预是__________
A. 有效/有效
B. 有效/无效
C. 无效/有效
D. 微效/无效
【单选题】
风险价值法(VaR法)主要用于_____的评估。___
A. 信用风险
B. 市场风险
C. 汇率风险
D. 投资风险
【单选题】
在市场风险的管理中,做远期外汇交易用于_____管理。___
A. 信用风险
B. 利率风险
C. 汇率风险
D. 投资风险
【单选题】
我国商业银行实行贷款的五级分类管理。这是我国商业银行进行_____管理的举措。___
A. 信用风险
B. 市场风险
C. 操作风险
D. 国家风险
【单选题】
根据资产组合分析法,当该国中央银行为融通财政赤字而发行本国债券时,本国汇率和利率会__________
A. 升值/上升
B. 升值/下降
C. 贬值/上升
D. 贬值/下降
【单选题】
在保险法律体系中,保险公司与投保人、被保险人及受益人通过保险合同建立主体间的权利义务法律关系,适用保险_____法律规范。___
【单选题】
如果一国出现国际收支逆差,则该国_____。___
A. 外汇供不应求,外汇汇率上升,本币贬值
B. 外汇供不应求,外汇汇率下降,本币升值
C. 外汇供过于求,外汇汇率上升,本币贬值
D. 外汇供过于求,外汇汇率下降,本币升值
【单选题】
当一国出现国际收支顺差时,该国货币当局会投放本币,收购外汇,从而导致_____。___
A. 外汇储备增多,通货膨胀
B. 外汇储备增多,通货紧缩
C. 外汇储备减少,通货膨胀
D. 外汇储备减少,通货紧缩
【单选题】
按存款创造原理,货币乘数随法定存款准备金率作__________
A. 同向变化
B. 反向变化
C. 同向同比变化
D. 反向同比变化
【单选题】
某人或某企业的经济活动会给社会上其他人带来损害,但该人或该企业却不必为这种损害进行补偿,这称为___________
A. 外部经济
B. 规模经济
C. 外部不经济
D. 规模不经济
【单选题】
下列项目中属于流动资产的是________ ___
A. 银行存款
B. 短期借款
C. 应付票据
D. 预提费用
【单选题】
2011年9月,某不锈钢制品有限公司董事长失踪,欠银行贷款5亿多元未还。这种情形对于该公司的债权银行而言,属于该银行的_____。___
A. 流动性风险
B. 操作风险
C. 法律风险
D. 信用风险
【单选题】
当资金不完全流动时,如果一国内部经济均衡点处于BP曲线右下方时,此时该国国际收支处于_______状态,在固定汇率之下,对国际收支进行自动调整时,该国的货币供应量会__________
A. 顺差/增加
B. 顺差/减少
C. 逆差/减少
D. 逆差/增加
【单选题】
当国际收支平衡表上的贷方数字大于借方数字时,其国际收支差额则列入_______,以使国际收支平衡表达到平衡。___
A. “错误和遗漏”项目的贷方
B. “错误和遗漏”项目的借方
C. “储备资产”项下的借方
D. “储备资产”项下的贷方
【单选题】
金融租赁公司属于_____。___
A. 非金融机构
B. 非银行类金融机构
C. 政策性金融机构
D. 投资性金融机构
【单选题】
货币市场工具一般具有期限短、流动性强、对利率敏感等特点,有_____之誉。___
A. 货币
B. 票据
C. 基础货币
D. 准货币
【单选题】
证券回购业务实际上是一种_____行为。___
A. 证券交易
B. 短期质押融资
C. 商业贷款
D. 信用贷款
