【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
推荐试题
【多选题】
目前各级组织、各类人员绩效等级评定结果已广泛应用于___等企业管理领域。
A. 薪酬分配
B. 岗位调整
C. 人才评价
D. 评优评先
【多选题】
基本条件评定为A等级的员工,除业绩考核优秀外,必须满足以下基本条件___
A. 品德端正,有较高的职业素养
B. 具有较强的事业心、责任感和团队精神
C. 具有较好的基础理论与专业知识、丰富的实践经验
D. 工作年限满足一定的要求
【多选题】
年度考核期出现以下哪种情况的员工,直接认定为C等级员工___。
A. 因个人问题受到各单位正式通报批评的
B. 未完成公司统一纳入考核的培训学习任务的
C. 经各单位核实的长期不在岗人员
D. 其他经各单位认定的一般违规违纪问题
【多选题】
凡年度考核期内出现以下___情况的员工,直接认定为C等级员工。
A. 未完成公司统一纳入考核的培训学习任务的
B. 未经各级人力资源管理部门办理正式手续的违规借用、借调和帮扶人员
C. 在公司各单位考勤管理中违反日常管理条例或工作律的(一年达到2次)
D. 因个人问题受到各单位正式通报批评的
【多选题】
各级绩效经理人要提高思想认识、增强情感强度,切实维护绩效等级评定___的企业内部环境。
【多选题】
年度考核期,党员受到___处分的,直接认定为D等级员工。
A. 党内警告
B. 党内严重警告
C. 撤销党内职务
D. 留党察看
【多选题】
各单位要广泛征求基层意见,摸清情况,结合自身实际制定本单位操作细则,明确___级员工评定条件,鼓励试点开展月度绩效等级评定,推动绩效等级评定工作有序开展。
【多选题】
各单位要将绩效等级评定的___纳入各级绩效经理人履职培训的必备内容。
A. 结果应用
B. 工作流程
C. 评定标准
D. 工作要求
【多选题】
等级评定覆盖的各级组织包括___等统一行文的批复机构。
A. 单位
B. 部门
C. 工区
D. 站所<班组>
【多选题】
等级评定覆盖的各类人员包括___等全体在册在岗人员。
A. 单位负责人
B. 部门负责人
C. 管理人员
D. 一线员工
【多选题】
评定为A等级的员工,必须满足以下基本条件:___
A. 有较高的职业素养
B. 崇尚科学
C. 作风正派
D. 能够胜任本专业领域的日常任务
【多选题】
年度考核期出现以下哪种情况的员工,直接认定为D等级员工___。
A. 员工当年绩效表现经所在单位认定未达到岗位工作基本要求的
B. 未经各级人力资源管理部门办理正式手续的违规借用、借调和帮扶人员
C. 员工发生奖惩规定中涉及到的违规违纪行为,被给予记过处分的
D. 员工发生奖惩规定中涉及到的违规违纪行为,被给予留用察看处分的
E. 其他经各单位认定的严重违规违纪问题
【多选题】
绩效经理人履职管理的基本原则有___。
A. 分层与分类结合
B. 责任与权力统一
C. 激励与约束并重
D. 业绩考核与综合评价结合
【多选题】
公司各级人力资源管理部门是绩效经理人的归口管理部门,负责___所属各级各类绩效经理人管理工作。
【多选题】
依据下属员工绩效等级结果,提名推荐员工在___等方面的个人发展建议。
A. 表彰奖励
B. 岗位调整
C. 专家人才
D. 职业培训
【多选题】
各级绩效经理人依据管理要求,按照绩效合约和工作表现对下属员工___等进行周期性考核评价。
A. 工作业绩
B. 态度能力
C. 工作纪律
D. 创新能力
【多选题】
绩效经理人要严格按照绩效管理“事前、事中、事后”规定流程开展工作,在一个评价周期内完成___等各阶段任务
A. 绩效计划
B. 绩效实施
C. 绩效评价
D. 绩效反馈与改进
【多选题】
员工绩效等级评定结果要与___等发展应用直接关联,让“积分越高、空间越大”成为个人职业成长新常态。
A. 表彰奖励
B. 转正定级
C. 岗位晋升
D. 人才选拔
【多选题】
素质测评主要考核绩效经理人在___等方面灵活运用知识,解决实际问题的能力。
A. 管理理念
B. 团队建设
C. 政策掌握
D. 工具使用
E. 实战技能
【多选题】
各级绩效经理人评价结果分为___四个等级。
A. 优秀
B. 良好
C. 差
D. 称职
E. 不称职
【多选题】
绩效经理人出现以下___情形,直接认定为“不称职”。
A. 在绩效管理工作中不严格履行绩效经理人职责,或出现经各单位认定的重大责任性差错的
B. 无故不参加各单位统一组织的绩效经理人履职培训或培训测评结果不及格的
C. 员工反映绩效经理人滥用职权且经各单位调查属实的
D. 其他经各单位认定为“不称职”的事项
【多选题】
绩效经理人履职成效评估结果纳入个人年度绩效考核,并与___等应用直接挂钩。
A. 干部管理
B. 评先评优
C. 薪档调整
D. 职称评定
【多选题】
基本理念培训重点包括绩效管理的___、绩效管理政策规定、管理心理学等内容。
A. 工具使用
B. 基本概念
C. 核心认知
D. 专业方法
【多选题】
实操技能培训重点包括___等内容。
A. 绩效工具使用
B. 指标设计提炼
C. 绩效面谈模型
D. 辅导沟通技巧
E. 信息系统应用
【多选题】
下面说法正确的是___。
A. 年度被评定为“优秀”的绩效经理人个人绩效考核得分可给予10分奖励加分
B. 年度被评定为“良好”的绩效经理人个人绩效考核得分可给予5分奖励加分
C. 年度被评定为“不称职”的绩效经理人个人绩效等级直接认定为D级
D. 年度被评定为“不称职”的绩效经理人个人绩效等级直接认定为C级
【多选题】
下面说法正确的是___。
A. 年度被评定为“优秀”的绩效经理人在薪档积分时可给予0.5分的加分奖励
B. 年度被评定为“良好”的绩效经理人在薪档积分时可给予0.5分的加分奖励
C. 年度被评定为“不称职”的绩效经理人在薪档积分时可给予0.5分的扣分处罚
D. 年度被评定为“不称职”的绩效经理人在薪档积分时给予积分清零的扣分处罚
【多选题】
绩效经理人要通过反馈面谈与员工建立良好的绩效伙伴关系,___,实现组织绩效和个人绩效共同提升。
A. 与员工共同深入分析
B. 查找工作中存在的问题
C. 提出改进措施
D. 帮助员工成长
【多选题】
绩效经理人要充分履行沟通与反馈责任,___等各级绩效直线经理要分级定期开展绩效面谈。
A. 企业负责人
B. 单位负责人
C. 部门负责人
D. 班组长
【判断题】
员工惩处主要包括纪律处分、 经济处罚和组织处理三种方式, 三种惩处方式应单独运用
【判断题】
对获得公司各级表彰的集体和个人,应当给予一次性物质奖励
【判断题】
表彰项目类别主要有综合类、专业工作类、专项工作类和竞赛考试类
【判断题】
同一事件中涉及多项违规违纪行为的,按不低于所适用的最低惩处标准处理
【判断题】
员工在一年内获得两次以上相同类别表彰的,按照就高原则进行物质奖励,并可重复奖励
【判断题】
公司员工奖惩工作办公室设在国网人资部,归口管理公司系统员工奖惩工作,负责拟订公司奖惩管理制度、执行公司奖惩决定等
【判断题】
获得国家电网公司青年岗位能手、优秀班组长荣誉称号的,一次性奖励4000元
【判断题】
对员工的奖励包括通报表扬、表彰并授予荣誉称号和物质奖励
【判断题】
对员工惩处的纪律处分包括:警告、记过、记大过、降级(降职)、撤职、留用察看、解除劳动合同
【判断题】
对员工惩处的纪律处分中,记过处分的期限是6个月,扣发6个月绩效薪金
【判断题】
制定员工奖惩等相关规章制度,需经本单位员工奖惩办公室和工会审议通过
【判断题】
在对员工进行经济处罚时,记过处罚标准是扣发6个月绩效薪金
