【多选题】
Which two features are supported in a VRF-aware softwar infrastructure before VRF-lite?___
A. multicast
B. fair queuing
C. WCCP
D.
E. IGRP
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
.Which loS command do you enter to test authentication again a AAA server?___
A. dialer aaa suffix <suffix> password <password>
B. ppp authentication chap pap test
C. test aaa-server authentication dialer group user name <user> password <password>
D. aaa authentication enable default test group tacases
【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
推荐试题
【单选题】
某旅客携带自用单行本图书35册进境,海关应__________。___
A. 对全部图书予以免税放行
B. 对全部图书予以征税放行
C. 按照进口货物依法办理相关手续
D. 对超出规定数量的部分予以征税放行
【单选题】
某旅客携带自用单行本书籍60册进境,海关应__________。___
A. 对全部书籍予以征税放行
B. 对全部书籍按照进口货物办理手续
C. 对于超出规定数量的部分予以征税放行
D. 对超出规定数量的部分按照进口货物办理手续
【单选题】
外国一记者应某学校邀请短期来华采访,经审核该校无担保资质。记者携运采访器材进境时,应向进境地海关提交__________出具的担保函或者缴纳税款等值的保证金。___
A. 国家教育行政主管部门
B. 经海关认可的银行或者非银行金融机构
C. 中华全国新闻工作者协会
D. 国家新闻出版行政主管部门
【单选题】
来大陆采访的台湾记者携带采访器材进境时,无须向海关提交__________。___
A. 邀请函
B. 担保函
C. 采访器材清单
D. 器材通关批准书
【单选题】
旅客不准携带__________出境。___
【单选题】
旅客携带进境的药用羚羊角超出50克的,海关凭__________征税放行。___
A. 进口许可证
B. 入境货物通关单
C. 自动进口许可证
D. 濒危物种进出口管理办公室批件
【单选题】
对旅客携带进境的人体组织,海关应予以没收并移交__________处理。___
A. 当地医院
B. 缉私部门
C. 卫生主管部门
D. 检验检疫部门
【单选题】
血液样本非法出境被海关查获的,应及时通报__________。___
A. 当地医院
B. 缉私部门
C. 地方卫生部门
D. 检验检疫部门
【单选题】
旅客携运卫星电视接收设备进境并向海关申报的,海关予以__________。___
A. 免税放行
B. 限期退运
C. 征税放行
D. 移交没收
【单选题】
旅客申报携运出境秘密级国家秘密文件,应向海关交验__________。___
A. 保密部门出具的介绍信
B. 国家秘密载体出境许可证
C. 加盖保密部门印章的证明书
D. 出境人员所在保密单位工作证
【单选题】
非法携运国家秘密文件出境的,海关应予处罚,并扣留文件移交查扣地__________处理。___
A. 边防检查部门
B. 地市级以上公安机关
C. 地市级以上档案管理部门
D. 地市级以上政府保密工作部门
【单选题】
个人携运自用的无线电发射设备入境,向海关申报时应当交验__________。___
A. 机电产品进口证明书
B. 机电产品进口登记表
C. 无线电设备进关审查批件
D. 无线电发射设备型号核准证
【单选题】
__________不属于国家规定应当征税的“20种商品”。___
A. 手机
B. 家具
C. 照相机
D. 游戏机
【单选题】
香水、防晒霜、发胶的进口税税率分别是:___
A. 30%;20%;10%
B. 50%;30%;20%
C. 50%;30%;30%
D. 50%;50%、50%
【单选题】
进境居民旅客携带在境外获取的个人自用进境物品,总值在__________人民币以内的,海关予以免税放行。___
A. 10000元
B. 8000元
C. 6000元
D. 5000元
【单选题】
旅检现场行邮X光机机检量是指经行邮X光机查验的__________。___
A. 旅客人数
B. 案件数量
C. 开箱次数
D. 行李件数
【单选题】
在“旅客通关子系统”查验管理中录入查获旅客携带海洛因毒品入境,流转方向应选择__________。___
A. 待鉴定
B. 现场收缴
C. 移送缉私
D. 入仓待处理
【单选题】
进出境快件是指进出境快件运营人以向客户承诺的__________方式承揽、承运的__________。___
A. 快速邮递;进出境物品
B. 快速邮递;进出境货物、物品
C. 快速商业运作;进出境货物
D. 快速商业运作;进出境货物、物品
【单选题】
未经国家邮政部门批准,快件运营人不得承揽、承运__________。___
A. 文件
B. 个人物品
C. 私人信件
D. 外交邮袋
【单选题】
__________快件是指法律、法规规定予以免税且无商业价值的文件、单证、票据及资料。___
A. 文件类
B. 个人物品类
C. 货样、广告品类
D. 货物类
【单选题】
某企业因生产急需,通过快件渠道从境外购进一批价值人民币20000元的塑胶粒。按照规定,这批塑胶粒需按照__________快件办理报关手续。___
A. 文件类
B. 货物I类
C. 货物Ⅱ类
D. 普通货物类
【单选题】
某企业通过快件渠道进口一件价值为人民币100元的服装样品,可按照__________快件办理报关手续。___
A. 文件类
B. 货物I类
C. 货物Ⅱ类
D. 个人物品类
【单选题】
进境快件应当自装载快件的运输工具申报进境之日起________内向海关申报。___
A. 10日
B. 14日
C. 15日
D. 20日
【单选题】
出境快件应当在装载快件的运输工具离境__________之前,向海关申报。___
A. 3小时
B. 6小时
C. 12小时
D. 24小时
【单选题】
__________应按文件类快件办理海关手续。___
A. 私人信件
B. 法律、法规规定予以免税且无商业价值的单证
C. 境内收件人向境外订购的需要对外付汇的印刷品
D. 境内收件人向境外订购的需要对外付汇的文件及资料
【单选题】
文件类快件报关时,运营人应当向海关提交__________。___
A. 进出境快件KJ1报关单
B. 进出境快件KJ2报关单
C. 进出境快件KJ3报关单
D. 进出境快件个人物品申报单
【单选题】
__________快件报关时,运营人应当向海关提交进境快件收件人或出境快件发件人身份证件影印件。___
A. 文件类
B. 货物I类
C. 货物Ⅱ类
D. 个人物品类
【单选题】
货物Ⅱ类快件是指:___
A. 应予征税的进境货物(实行许可证件管理的、需进口付汇的除外)
B. 货样、广告品(实行许可证件管理的、应征出口关税的、需出口收汇的、需出口退税的除外),
C. 应予征税的货样、广告品(实行许可证件管理的、需进口付汇的除外)
D. 应予免税的货样、广告品(实行许可证件管理的、需进口付汇的除外)
【单选题】
“货物Ⅱ类快件”进境申报,应当提交__________。___
A. KJ2报关单
B. KJ3报关单
C. 进口货物报关单
D. 个人物品申报单
【单选题】
某公司通过DHL公司从美国进口新研发的手机10部,作为以后大批量采购该手机的样品。这些手机应以__________方式进口。___
A. 个人物品类
B. 货物I类
C. 货物Ⅱ类
D. 普通货物
【单选题】
“货物I类快件”进境申报,应当提交__________。___
A. KJ2报关单
B. KJ3报关单
C. 进口货物报关单
D. 个人物品申报单
【单选题】
某公司从韩国邮递进境10台具有发射、接收无线电功能电视机顶盒,经查验该机顶盒上有DVB-S.2字样(数字卫星广播标准)。该批快件应以__________申报。___
A. 个人物品类
B. 普通货物
C. 货物I类
D. 货物Ⅱ类
【单选题】
海关查验进出境快件时,__________应派员到场,并负责进出境快件的搬移、开拆和重封包装。___
A. 快件收货人
B. 快件发货人
C. 快件运营人
D. 运输工具负责人
【单选题】
进出境快件开箱查验后,要在快件包装内明显位置放置统一格式的__________。___
A. 查验通知书
B. 查验告知单
C. 查验货物清单
D. 进出境快件报关单
【单选题】
对进出境快件开箱查验后,查验关员应填写__________。___
A. 进出境货物查验记录单
B. 进出境快件查验通知书
C. 进出境快件查验记录单
D. 进出境快件查验告知单
【单选题】
快件机检图像保存时间不得少于__________。___
A. 3个月
B. 6个月
C. 1年
D. 3年
【单选题】
快件机检图像与快件报关单信息同屏对比时,机检关员对每件快件的判图时间应大于__________。___
【单选题】
快件运营人不得承揽、承运禁止进出境物品,如有发现,快件运营人应当__________。___
A. 立即作退运处理
B. 立即作销毁处理
C. 立即通知海关
D. 立即告知收发件人
【单选题】
文件类、货物Ⅰ类、货物Ⅱ类快件通过__________接受申报。___
A. H2010通关管理系统
B. 快件通关管理系统
C. 公自用物品管理系统
D. 旅客通关子系统
【单选题】
快件通关管理系统发生故障时,凭__________提交的纸质进出境快件报关单及随附单证办理海关手续。___
A. 快件运营人
B. 快件收货人
C. 快件发货人
D. 快件监管场所运营人
