【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
推荐试题
【单选题】
( )是指在票据签章人之后签章的其他票据债务人。 ___
A. 签章人
B. 持票人
C. 前手
D. 后手
【单选题】
( )是指汇票付款人承诺在汇票到期日支付汇票金额的票据行为。 ___
A. 背书连续
B. 承兑
C. 前手
D. 后手
【单选题】
见票后定期付款的汇票,持票人应当自出票日起( )内向付款人提示承兑。 ___
A. 1个月
B. 2个月
C. 3个月
D. 4个月
【单选题】
付款人对向其提示承兑的汇票,应当自收到提示承兑的汇票之日起( )内承兑或者拒绝承兑。 ___
【单选题】
持票人应当自收到被拒绝承兑或者被拒绝付款的有关证明之日起3日内,将被拒绝事由书面通知其前手;其前手应当自收到通知之日起( )内书面通知其再前手。持票人也可以同时向各汇票债务人发出书面通知。 ___
【单选题】
( )是出票人签发的,承诺自己在见票时无条件支付确定的金额给收款人或者持票人的票据。 ___
【单选题】
本票自出票日起,付款期限最长不得超过( )。 ___
A. 1个月
B. 2个月
C. 3个月
D. 5个月
【单选题】
( )是出票人签发的,委托办理支票存款业务的银行或者其他金融机构在见票时无条件支付确定的金额给收款人或者持票人的票据。 ___
【单选题】
支票的持票人应当自出票日起( )内提示付款;异地使用的支票,其提示付款的期限由中国人民银行另行规定。 ___
A. 10日
B. 15日
C. 20日
D. 30日
【单选题】
下列有关汇票的表述中,正确的是:( )。 ___
A. 汇票未记载收款人名称的,可由出票人授权补记
B. 汇票未记载付款日期的,为出票后10日内付款
C. 汇票未记载出票日期的,汇票无效
D. 汇票未记载付款地的,以出票人的营业场所、住所或经常居住地为付款地
【单选题】
汇票的保证不得附有条件,附有条件的,是( )。 ___
A. 该保证无效
B. 视为未保证
C. 不影响对汇票的保证责任
D. 保证人对所附条件承担责任
【单选题】
汇票的保证人在汇票上或者粘单上未记载被保证人的名称,对于未承兑的汇票,( )为被保证人。 ___
A. 持票人
B. 出票人
C. 承兑人
D. 付款人
【单选题】
以下关于支票付款的有关说法,不正确的是:( )。 ___
A. 支票限于见票即付,不得另行记载付款日期;另行记载付款日期的,该票据无效
B. 支票的持票人应当自出票日起10日内提示付款
C. 超过付款提示期限的,付款人可以不予付款
D. 持票人超过付款提示期限的,并不丧失对出票人的追索权
【单选题】
刘某没有代理权,冒充王某的代理人,在票据上以代理人名义签章,该票据责任的承担者是( )。 ___
A. 王某
B. 刘某
C. 刘某和王某
D. 票据相对人
【单选题】
个人客户是指接受支付机构支付服务的( )。 ___
A. 自然人
B. 商户
C. 法人
D. 其他组织客户
【单选题】
支付机构应当遵循( )原则,建立健全客户身份识别机制。 ___
A. 业务发展优先
B. 客户第一
C. 了解你的客户
D. 风险防控优先
【单选题】
支票影像交换业务处理遵循( )的原则。 ___
A. 先付后收、收妥抵用
B. 全额清算
C. 银行不垫款
D. 以上都对
【单选题】
提入行收到支票影像业务,应在规定时间内通过小额支付系统返回支票业务回执。目前,中国人民银行规定的返回时间为( )。 ___
A. T+1
B. T+2
C. T+3
D. T+4
【单选题】
出票人开户银行收到支票影像信息,可以拒绝付款的情形有( ) ___
A. 约定使用支付密码的,支付密码未填写或错误
B. 电子清算信息与支票影像不相符
C. 数字签名或证书错误
D. 以上都对
【单选题】
支票影像信息包括( )。 ___
A. 电子清算信息
B. 支票影像
C. 支票影像和电子清算信息
D. 以上都对
【单选题】
农村信用社电子银行承兑汇票单张出票金额原则上不得超过( )(含)。 ___
A. 500万元
B. 1000万元
C. 1500万元
D. 2000万元
【单选题】
行内电票系统运行时间原则上支持( )运行,每日运行时间从( ),具体的时间安排参照人行规定执行。 ___
A. 7*12 ,8:00-20:00
B. 5*12 ,8:00-20:00
C. 7*24 ,9:00-16:00
D. 5*24 ,9:00-16:00
【单选题】
票据当事人对票据信息有异议的,最终由( )向票据当事人作出解释。 ___
A. 接入机构
B. 票据业务管理部门
C. 出票人
D. 持票人
【单选题】
持票人对支票出票人的权利,自出票日起( )内不行使而消灭。 ___
A. 10天
B. 一个月
C. 三个月
D. 六个月
【单选题】
银行承兑汇票的提示付款期自到期之日起( )。 ___
A. 3日
B. 5日
C. 10日
D. 30日
【单选题】
银行承兑汇票承兑行按规定向出票人收取工本费,并按票面金额的( )计收手续费。 ___
A. 万分之一
B. 万分之三
C. 万分之五
D. 万分之十
【单选题】
保证人必须按照《中华人民共和国票据法》的规定在票据上记载保证事项。为出票人保证的,应将保证事项记载在票据的( )。 ___
A. 背面
B. 正面
C. 粘单上
D. 备注中
【单选题】
银行汇票的提示付款期限自出票日起( ),持票人超过提示付款期限提示付款的,代理付款行不予受理。 ___
A. 10天
B. 一个月
C. 三个月
D. 六个月
【单选题】
银行承兑汇票承兑期限最长不得超过( )。 ___
A. 3个月
B. 6个月
C. 9个月
D. 12个月
【单选题】
商业承兑汇票的付款期限,最长不超过( )。 ___
A. 一个月
B. 三个月
C. 六个月
D. 1年
【单选题】
银行本票自出票日起,付款期限最长不超过( ),超过提示付款期限的,代理付款人不予受理。 ___
A. 一个月
B. 二个月
C. 三个月
D. 六个月
【单选题】
行内汇划的运行时序由省联社统一规定,一般情况下与( )运行时序一致,特殊情况省联社另行通知。 ___
A. 小额支付系统
B. 大额支付系统
C. 同城票据交换系统
D. 支票影响交换系统
【单选题】
大额支付系统的运行工作日未国家法定工作日,每个工作日分为五个阶段,正确的处理流程是( ) ___
A. 营业准备→日间处理→业务截止→清算窗口→日终处理
B. 营业准备→日间处理→清算窗口→业务截止→日终处理
C. 营业准备→日间处理→日终处理→业务截止→清算窗口
D. 营业准备→日间处理→业务截止→日终处理→清算窗口
【单选题】
大额支付系统的业务处理原则是往账业务( )。 ___
A. 谁发起、谁负责
B. 谁确认,谁负责
C. 谁发起、谁确认
D. 谁负责、谁发起
【单选题】
大额支付系统的业务处理原则是来账业务( )。 ___
A. 谁确认,谁负责
B. 谁发起、谁负责
C. 谁发起、谁确认
D. 谁接收、谁确认
【单选题】
小额支付系统实行7×24小时不间断运行,前一日( )至当日( )为小额支付系统的一个工作日。 ___
A. 10:00 10:00
B. 12:00 12:00
C. 16:00 16:00
D. 17:00 17:00
【单选题】
小额支付系统的业务处理原则是往账业务( )。 ___
A. 谁发起、谁确认、谁负责
B. 谁确认、谁回执、谁负责
C. 谁发起、谁负责
D. 谁发起、谁确认
【单选题】
小额支付系统的业务处理原则是来账业务( )。 ___
A. 谁发起、谁确认、谁负责
B. 谁确认、谁回执、谁负责
C. 谁接收、谁确认、谁负责
D. 谁接收、谁负责、谁回执
【单选题】
办理跨行通存业务,规定时间内未收到开户行返回的回执, 系统自动向人民银行发起业务冲正申请,收到人民银行冲正成功的通知,则说明原通存交易失败,系统自动进行账务冲正,更新业务状态为( )。 ___
A. 已处理
B. 已确认
C. 已冲正
D. 失败
【单选题】
农信银汇出社可以对已经发送的处在( )状态的汇兑、委托收款、托收承付等往账业务进行撤销。 ___