【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
推荐试题
【单选题】
生产经营___符合《食品安全法》的规定。
A. 超过保质期的食品
B. 被包装材料、容器、运输工具等污染的食品
C. 用非食品原料生产的食品
D. 有标签的预包装食品
【单选题】
利用新的食品原料生产食品,应当向___提交相关产品的安全性评估材料。
A. 卫生行政部门
B. 农业行政部门
C. 食品药品监督管理部门
D. 海关总署
【单选题】
食品生产经营企业的___应当落实企业食品安全管理制度,对本企业的食品安全工作全面负责。
A. 后勤人员
B. 员工
C. 中层以上领导
D. 主要负责人
【单选题】
食品生产企业的食品原料、食品添加剂、食品相关产品进货查验。记录和凭证保存期限不得少于产品保质期满后___;没有明确保质期的,保存期限不得少于____。
A. 3个月;1年
B. 3个月;2年
C. 6个月;1年
D. 6个月;2年
【单选题】
首次进口的保健食品中属于补充维生素、矿物质等营养物质的,应当报___食品药品监督管理部门备案;其他保健食品应当报____食品药品监督管理部门备案。
A. 国务院;国务院
B. 国务院;省级人民政府
C. 省级;市级人民政府
D. 市级;县级人民政府
【单选题】
进口的保健食品应当是___主管部门准许上市销售的产品。
A. 进口国(地区)
B. 出口国(地区)
C. 运抵国(地区)
D. 最终消费国(地区)
【单选题】
婴幼儿配方乳粉的产品配方应当经国务院___注册。
A. 卫生行政部门
B. 农业行政部门
C. 食品安全监督管理部门
D. 海关总署
【单选题】
向我国境内出口食品的境外出口商或者代理商应当向___备案。
A. 卫生行政部门
B. 海关
C. 农业行政部门
D. 国家食品药品监督管理局
【单选题】
进口商建立的食品进口和销售记录应当真实,保存期限不得少于___。
【单选题】
在中国境内市场销售的进口预包装食品,应当使用___标签。
A. 英文标签
B. 中文标签
C. 拼音标签
D. 法文标签
【单选题】
进口的食品、食品添加剂以及食品相关产品应当符合___。
A. 我国食品安全国家标准
B. 出口国国家食品安全标准
C. 国际通行食品安全标准
D. 合同约定的标准
【单选题】
食品安全标准的性质是___。
A. 鼓励性标准
B. 引导性标准
C. 强制性标准
D. 自愿性标准
【单选题】
对依照《食品安全法》规定实施的检验结论有异议的,食品生产经营者可以自收到检验结论___工作日内向实施抽样检验的食品药品监督管理部门或者其上一级食品药品监督管理部门提出复检申请。
A. 5个
B. 7个
C. 15个
D. 30个
【单选题】
食品生产者发现其生产的食品出现___的情况,应当立即停止生产,召回已经上市销售的食品,通知相关生产经营者和消费者,并记录召回和通知情况。
A. 不符合食品安全标准
B. 技术明显落后于业界水平
C. 食品口感受到公众质疑
D. 食品严重滞销
【单选题】
食品生产经营者对抽样检验结论有异议申请复检,复检结论表明食品合格的,复检费用由___承担。
A. 抽样食品生产经营者
B. 抽样检验的部门
C. 举报产品的消费者承
D. 初检检验机构
【单选题】
食品安全监督管理部门在进行抽样检验时,应当___。
A. 向企业索要样品
B. 购买样品
C. 要求消费者提供样品
D. 向企业收取检验成本费
【单选题】
国务院食品药品监督管理部门和其他有关部门获知有关食品安全风险信息后,应当立即核实并向___通报。
A. 卫生行政部门
B. 农业行政部门
C. 食品安全委员会
D. 质量监督部门
【单选题】
___是制定、修订食品安全标准和实施食品安全监督管理的科学依据。
A. 食品安全风险监测信息
B. 食品安全日常监管情况
C. 食品抽检结果
D. 食品安全风险评估结果
【单选题】
从事接触直接入口食品工作的人员患有痢疾、伤寒、___病毒性肝炎、戊型病毒性肝炎等消化道传染病的,食品生产经营者应当将其调整到其他不影响食品安全的工作岗位。
【单选题】
进境粮食实验室检测样品应当妥善存放并至少保留___,如检测异常需要对外出证的,样品应当至少保留_______。
A. 1个月;3个月
B. 2个月;5个月
C. 3个月;6个月
D. 6个月;12个月
【单选题】
进境粮食应当从___入境。
A. 进口收货人所在地口岸
B. 存储场所所在地口岸
C. 海关总署指定的口岸
D. 任意口岸
【单选题】
植物油进口商应配备熟悉我国质量安全相关规定的___,负责企业的食品安全管理。
A. 报关人员
B. 财务人员
C. 食品安全管理人员
D. 采购人员
【单选题】
进口食用植物油报检时,报检单“合同订立的特殊条款以及其他要求”栏中注明其产品___。
A. 境外生产企业名称
B. 品牌
C. 生产日期或者批号
D. 存储场所
【单选题】
第一批实施标识管理的农业转基因生物目录中的食用植物油不包括___。
A. 大豆油
B. 玉米油
C. 花生油
D. 油菜籽油
【单选题】
进口商或代理商在申报进口___食用植物油时,应提供运输工具前三航次装载货物名单。
A. 散装
B. 预包装
C. 桶装
D. 吨袋装
【单选题】
进口商或代理商在申报进口散装食用植物油时,应提供运输工具前___航次装载货物名单。
【单选题】
向中国出口的预包装食用植物油应当提供相应食品安全国家标准中规定___项目的检测报告。
A. 高风险
B. 低风险
C. 非首次进口
D. 首次进口
【单选题】
___对出口茶叶生产企业实施备案管理。
A. 海关
B. 市场监管总局
C. 农业农村部
D. 国家食品安全委员会
【单选题】
印度输华大米每一包装应有明显的“___”的中文字样。
A. 本产品输往中华人民共和国
B. 本产品输往中国
C. 本产品原产于印度
D. 本产品已经检验合格
【单选题】
海关对供港澳蔬菜种植基地和供港澳蔬菜生产加工企业实施___管理。
A. 注册登记
B. 审批
C. 备案
D. 驻场
【单选题】
《供港澳蔬菜检验检疫监督管理办法》规定,种植基地备案主体的供港澳蔬菜生产记录应当保持___。
【单选题】
供港澳蔬菜种植基地负责人发生变更的,应当自变更之日起___内向种植基地所在地海关申请办理种植基地备案变更手续。
A. 10日
B. 15日
C. 20日
D. 30日
【单选题】
使用船舶装载进境散装粮食的,检验检疫部门应当在锚地对___实施检验检疫,无重大异常质量安全情况后船舶方可进港。
A. 货物内层
B. 货物表层
C. 适载工具
D. 船舱
【单选题】
所有输华的日本食品、食用农产品和饲料需日本官方出具___。
A. 卫生证书
B. 装运前检验证书
C. 品质证书
D. 原产地证明
【单选题】
原产于日本___获得海关总署注册登记的日本大米加工厂生产的大米允许进口。
A. 福岛县
B. 新泻县
C. 长野县
D. 琦玉县
【单选题】
进境粮食货主应当在___,按照《进境动植物检疫审批管理办法》等规定申请办理检疫审批手续,取得《进境动植物检疫许可证》。
A. 报关前
B. 报关时
C. 签订贸易合同期间
D. 签订贸易合同前
【单选题】
( )是党对军队第一位的政治要求
A. 积极参加政治教育
B. 对党绝对忠诚
C. 对习主席负责
D. 圆满完成任务
【单选题】
( )的看齐,是最根本的看齐
A. 行动上
B. 思想上
C. 认识上
D. 政治上
【单选题】
军委主席作为党和国家最高军事领导机关的首长,对中央军委职权范围内的事项有( )
A. 一票否决
B. 建议权
C. 修改权
D. 完全决定权
【单选题】
( )体现了党对军队领导根本原则的核心要求
A. 军委主席负责制
B. 按级负责制
C. 党委负责制
D. 少数服从多数
