【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
推荐试题
【单选题】
以下哪个valve不属于PACK组件___
A. PACK流量控制valve
B. 旁通valve
C. 防冰valve
D. A+C
【单选题】
以下说法错误的是___
A. 当PACK1(PACK2)电门松出时,PACK流量控制valve关闭(电动)
B. 当摁压发动机灭火瓶释放电门,(防火按钮即可)PACK流量控制valve自动关闭
C. 当摁压DITCHING电门,PACK流量控制valve自动关闭
D. 当同侧发动机开始启动时,FCV关闭
【单选题】
PACK控制计算机的功能___
A. 根据area控制计算机的温度要求对相应的PACK组件进行基本的温度调节
B. 根据area控制计算机的流量要求对相应的PACK组件进行流量的监控
C. 根据相应area的温度要求,通过对热空气压力调节valve的控制,达到对相应area温度的控制
D. A+B
【单选题】
ACM中涡轮的作用___
A. 空气在涡轮中膨胀,达到相当低的温度
B. 空气在涡轮中膨胀作功,驱动ACM
C. 根据相应area的温度要求,通过对热空气压力调节valve的控制,达到对相应area温度的控制
D. A+B
【单选题】
不属于空调系统使用的气源是___
A. 应急冲压空气引气
B. PACK冲压进气门的引气
C. 发动机引气
D. APU引气
【单选题】
area温度控制器可以控制()___
A. 各TRIMVALVE
B. 2个PACKCONTROLLER
C. ACM
D. A+B
【单选题】
温度调节中,ZONECONTROLLER控制area温度的方法___
A. 根据相应area的温度要求,通过对热空气配平valve的控制,达到对相应area温度的控制
B. 参照最低的area温度需求,对两个PACK组件出口基本温度调节,达到对相应area温度的控制
C. 根据相应area的温度要求,通过对热空气压力调节valve的控制,达到对相应area温度的控制
D. 根据相应area的温度要求,通过对热空气压力调节valve的控制,达到对相应PACK出口温度的控制
【单选题】
经过配平热空气压力调节valve调节的热空气的压力超过客舱气压压力_______PSI。___
【单选题】
再循环风扇的作用是:___
A. 调节空气温度
B. 补充新鲜空气
C. 减少对引气系统的引气需求
D. B+C
【单选题】
PACK组件的作用是:___
A. 调节空气温度
B. 调节空气流量
C. 调节空气压力
D. A+B+C
【单选题】
地面空调车将空调气引入___________
A. PACK组件
B. 混合单元
C. 客舱
D. 引气总管
【单选题】
应急冲压空气进气口emergencyramairinlet将外部空气引入___________
A. PACK组件
B. 混合单元
C. 客舱
D. 主次级热交换器
【单选题】
_________情况下,需要使用应急冲压空气进气口___
A. 一台PACK组件故障
B. 热空气管路故障
C. 两台PACK组件同时故障
D. B+C
【单选题】
混合单元混合________________
A. 来自PACK1组件和来自PACK2组件的空气
B. 来自PACK组件和来自客舱再循环风扇的客舱空气
C. 来自PACK组件和来自热空气管路的热空气
D. B+C
【单选题】
厕所厨房area的通风空气来自___
A. 客舱
B. 货舱
C. 电子舱
D. 驾驶舱
【单选题】
电子舱系统冷却《ACSC》的功能是:___
A. 计算流量
B. 计算温度
C. 计算压力
D. A+B
【单选题】
通常,混合单元将PACK1的空调气输送至__________,PACK2的空调气输送至_________。___
A. 驾驶舱和前客舱、后客舱
B. 前客舱、后客舱
C. 驾驶舱、前客舱和后客舱
D. 客舱、货仓
【单选题】
择器:将两个温度调高,将一个温度调低,PACK进气门和PACK组件的旁通valve将___
A. 开大一些、开大一些
B. 开大一些、关小一些
C. 关小一些、关小一些
D. 关小一些、开大一些
【单选题】
A320增压客舱压力的保持由________来实现___
A. 外流valve
B. PACK组件
C. 热空气管路
D. A+C
【单选题】
当压缩机出口温度达到_________时,会触发PACK超温警告。___
A. 260°C
B. 215°C
C. 230°C
D. 200°C
【单选题】
当压缩机出口温度达到_________时,PACK流量valve开始减小引气流量。___
A. 260°C
B. 215°C
C. 230°C
D. 200°C
【单选题】
当发动机启动完成后________秒,同侧PACKFCV重新打开。___
【单选题】
春秋航空的A320种没有专用的通风系统的area是___
【单选题】
地面在正常情况下,电子设备舱的冷却气来源于:___
A. 空调管路
B. 机外
C. 空调舱内循环
D.
【单选题】
增压area包括___
A. 驾驶舱、客舱
B. 电子舱、货舱
C. A+B
D.
【单选题】
外流valve有___套控制系统___
【单选题】
当维修人员需要观察PACK组件相关参数时,应从下EACM()页面获得___
A. 引气页面
B. 空调页面
C. 增压页面
D.
【单选题】
当航后洗飞机前,对于空调系统部件,维护人员应该___
A. 人工关闭电子舱通风进口valve和电子舱通风出口valve
B. 人工关闭PACK空气进口valve和PACK空气出口valve
C. A+B
D. A+B
【单选题】
不能在EACM上提供出valve信息的是___
A. PACK流量控制valve
B. PACK防冰valve
C. PACK旁通valve
D.
【单选题】
机组反映在副驾驶PFD上FD杆指示偏差比较大,那么最可能的故障原因是___
A. F/OPFDDU
B. DMC2
C. FMGC2
D. FAC2
【单选题】
飞行曾稳计算机FAC不具有下列哪项功能:___
A. 导航计算
B. 特性速度计算
C. 偏航阻尼
D. 风切变探测
【单选题】
FAC具有下列哪项功能:___
A. 风切变探测。
B. 飞行操作指令计算
C. 速度保持
D. 升降舵控制
【单选题】
飞行指引FD衔接的条件是___
A. 系统完成加电测试(POWERUPTEST)后,自动衔接
B. ADIRU完成校准
C. A/P衔接
D. 在空中,衔接任意一部A/P
【单选题】
在一台MCDU1上对飞行计划进行的修改如何传送到MCDU2___
A. 直接相连
B. 通过FMGC2相连
C. 通过FMGC1和FMGC2相连
D. 通过FCU相连
【单选题】
飞行方式指示器FMA显示在什么地方?___
A. NDROSE-NAV模式下
B. NDPLAN模式下
C. PFD上部
D. ND永久显示区
【单选题】
飞行引导(FG)的功能是:___
A. 自动飞行、自动推力、飞行计划
B. 自动飞行、自动推力、飞行指引
C. 性能计算、飞行计划、飞行指引
D. 导航计算、自动飞行、飞行指引
【单选题】
当速度/马赫数在管理模式下时,FCU上速度/马赫数窗口显示___
A. 虚线
B. 当前实际速度值
C. 虚线和一个白色管理灯亮。
D. 目标速度和白色管理灯亮
【单选题】
FCU上LVL/CH灯什么时候亮___
A. 高度选择旋钮被拔出(pulled),且窗口显示高度与飞机实际高度不一致
B. V/S旋钮被拔出(pulled)
C. V/S旋钮被按入(pushed)
D. 高度选择旋钮被按入(pushed),且窗口显示高度与飞机实际高度不一致
【单选题】
下列哪种情况不是被AP的横向模式所控制___
A. 通过ELACs控制副翼
B. 通过ELACs和SECs控制扰流板
C. 通过ELACs控制THS
D. 通过BSCU控制前轮转弯
【单选题】
关于YAWDAMPPER的功用下列说法错误的是___
A. 自动飞行时发动机故障补偿
B. 方向舵配平
C. 阻尼荷兰滚
D. 巡航时协调转弯
