【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
推荐试题
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,在室外构架上工作,应在工作地点邻近带电部分的横梁上,悬挂“止步,高压危险!”标示牌。在邻近其他可能误登的带电构架上,应悬挂“禁止攀登,高压危险!”标示牌
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,填用线路第一种工作票的工作,工作负责人应在得到工作许可人的许可后,方可开始工作
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,在室内高压设备上工作时,应在工作地点两旁及对侧运行设备间隔的遮栏(围栏)上和禁止通行的过道遮栏(围栏)上悬挂“禁止攀登,高压危险!”标示牌
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,在属于同一电压等级、位于同一平面场所、安全措施不同、工作中不会触及带电导体且同时停、送电的几个电气连接部分的工作。可共用一张工作票
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,人员工作中与10kV及以下带电设备的距离大于0.35m小于0.7m,同时无绝缘隔板、安全遮栏等措施的,厂站设备应停电
【判断题】
依据《中国南方电网有限责任公司电力事故事件调查规程》,非计划停运或被迫停运。是指设备立即从可用状态改变到不可用状态,或设备损坏修复后未达到额定容量(参数)、额定运行工况的状态
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,一级动火时,动火部门负责人、消防(专职)人员应始终在现场监护
【判断题】
依据《中国南方电网有限责任公司电力事故事件调查规程》,变电站失压是指该变电站各级母线电压(包括站用电)均降到零
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,使用公司工作票到与接入公司电网的用户电气设备上工作时,工作票应由本单位签发,用户单位认可并签名
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,厂站第三种工作票、紧急抢修工作票及书面形式布置和记录必需签发
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,线路作业应在良好的天气下进行,遇有恶劣气象条件时,应停止工作
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,发生人身触电时,可不经许可,应立即断开有关设备的电源,但事后应及时报告设备有关单位
【判断题】
依据《中国南方电网有限责任公司电力事故事件调查规程》,事故事件发生后,事故事件相关单位应派专人严格保护现场,未经调查和记录的现场,不得任意变动
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,高处作业使用的脚手架应经验收合格后方可使用。上下脚手架应走斜道或梯子,作业人员不准沿脚手杆或栏杆等攀爬
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,成套接地线应由有透明护套的多股软铜线和专用线夹组成。接地线截面不应小于20mm2,并应满足装设地点短路电流的要求
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,停电操作,两个操作人员分约好晚18:00分进行
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,室外巡视工作应由有工作经验的人担任。未经批准的人员不得一人单独巡视。偏僻山区、夜间、事故、恶劣天气巡视必须由两人进行。暑天、大雪天或必要时,应由两人进行
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,非专业工种人员不应装拆脚手架,现场装拆等作业应安排专人进行监督;作业场地临近的输电线路等设施应采取防护措施;在地面应设有围栏和警示标识,非操作人员不得入内
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,单人巡视时,可以攀登杆塔或台架
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,高压线路工作票许可分为调度直接许可和调度间接许可两种许可方式
【判断题】
依据《中国南方电网有限责任公司电力安全工作规程》,经本单位批准允许单独巡视高压设备的人员,巡视高压设备时,可以进行其他工作,移开或越过遮栏
【单选题】
1. 驾驶舱及客舱温度由哪里调节___
【单选题】
前乘务员面板上有一个控制面板可调节每个区域温度,通常为多少度___
【单选题】
空气循环器失效时,什么可以使引气由相应的热交换器冷却?___
【单选题】
两个空调组件失效时,什么可以保证驾驶舱和客舱通风?___
A. 紧急冲压空气入口
B. 热空气活门
C. 调节空气活门
【单选题】
组件流量控制活门是:___
A. 气动操作电动控制
B. 电动操作气动控制
C. 自动控制
D. 人工控制
【单选题】
什么控制调节空气活门___
A. 组件控制器电动
B. 区域控制器气动
C. 区域控制器电动
【单选题】
温度调节是___
A. 由两个区域控制器及两个组件控制器控制
B. 由两个区域控制器及一个组件控制器控制
C. 由一个区域控制器及两个组件控制器控制
【单选题】
起飞和着陆期间冲压空气入口和出口折流板会关闭,下面哪种陈述正确___
A. 在起飞时自动关闭
B. 当推力手柄在或高于爬升卡位且轮速大于70kts
C. 着陆后速度低于70kts后15秒
【单选题】
区域控制器的通道1或2失效时___
A. 对区域温度调节没有影响
B. 对区域温度调节有影响
C. 区域温度控制在18度
D. 对应的区域温度调节丧失。
【单选题】
区域控制器的通道1和2失效时___
A. 温度调节在18度
B. 固定温度调节在24度
C. 固定温度在20度
【单选题】
组件控制器通道1和2失效时___
A. 组件出口温度由相应的防冰活门控制在1度到15度之间
B. 组件出口温度由相应的排气活门控制在12度±3度
C. 组件出口温度由相应的引气活门控制在12度±3度
【单选题】
增压系统是全自动的,由两个排气活门组成___
A. 每个活门有2个马达(一个自动,一个人工)
B. 每个活门有3个马达(两个自动,一个人工)
C. 每个活门有3个马达(一个自动,两个人工)
【单选题】
关于座舱压力控制的陈述哪个是正确的___
A. 在自动控制方式中一个控制器主用,另一个备用
B. 它使用两个完全不同的,独立的自动控制器
C. 它们进行自动座舱压力控制并为FCU产生信号
【单选题】
当冲压空气按钮调到ON位后,若压差小于1PSI时___
A. 排气活门驱动全开
B. 排气活门驱动至大约50%开
C. 排气活门驱动全关
【单选题】
自动增压控制如何工作___
A. 两套控制器一起工作
B. 一次只有一个控制器工作
【单选题】
着陆后多少秒排气活门完全打开以确保无剩余压差___
【单选题】
如果切断排气活门,应急冲压空气入口,电子设备通风舱外活门及组件流量控制活门,可以___
A. 按压水上迫降按钮
B. 按压冲压空气按钮
C. 按压排气活门按钮
【单选题】
客舱压差何时会出现琥珀色显示___
A. 压差小于等于0.3PSI或大于等于8.6PSI时
B. 压差小于等于-0.26PSI或大于等于8.85PSI时
C. 压差小于等于1PSI或大于等于8.9PSI时
