【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
推荐试题
【单选题】
履行费用的负担不明确,同时不能达成补充协议的,则___。
A. 由享有权利一方负担
B. 由履行义务一方负担
C. 由享有权利一方或履行义务一方负担
D. 由享有权利一方和履行义务一方共同负担
【单选题】
申请经营国内旅游业务和入境旅游业务的,受理申请的旅游主管部门应当自受理申请之日起___个工作日内做出许可或者不予许可的决定。
A. 7 个工作日
B. 10 个工作日
C. 20 个工作日
D. 30 个工作日
【单选题】
下列关于旅行社设立的服务网点说法正确的是___。
A. 具有法人资格
B. 在设立社所在地的设区的市的行政区划内设立
C. 实行统一管理、财务、招徕、接待制度规范
D. 服务网点的名称、标牌可以不包括设立社名称和服务网点所在地的地名
【单选题】
国家对特殊食品实行严格监督管理,下列不属于国家严格监督管理范畴的食品是___。
A. 保健食品
B. 特殊医学用途配方食品
C. 老年人配方食品
D. 婴幼儿配方食品
【单选题】
下列符合旅游投诉受理条件的情形有___。
A. 人民法院已经受理的
B. 旅游投诉处理机构已经作出处理,但出现新情况、新理由的
C. 社会调解机构已经处理的
D. 超过旅游合同结束之日 90 天的
【单选题】
下列不属于合同基本条款的是___。
A. 标的
B. 质量
C. 价款
D. 保密条款
【单选题】
在国内航空运输中,承运人对每名旅客的人身赔偿责任限额为___。
A. 20 万元
B. 30 万元
C. 40 万元
D. 50 万元
【单选题】
“专职导游”是指旅行社正式导游,他们与旅行社签有正式的用工合同。___
【单选题】
旅游行业的核心价值观是“游客为本、服务至诚”。___
【单选题】
世界上第一次有商业性导游陪同的旅游活动,是托马斯·库克 1841 年组团到苏格兰的旅行。___
【单选题】
导游服务是脑力劳动和体力劳动的高度结合,没有大专以上文化程度是做不好导游工作的。___
【单选题】
小包价旅游团由旅行社提供的服务项目包括城市间往返交通、各地住宿和导游服务___。
【单选题】
导游接受游客委托办事,宜选择“我办事、你放心”类语言使客人放心。___
【单选题】
旅游者患一般性疾病,导游可建议其离团休息,并告知医疗费用自理。___
【单选题】
导游讲解的虚实结合法,要求导游不能只讲故事和传说,还应当进一步说明故事和传说反映的历史事实或者科学的原理。___
【单选题】
根据民航局的规定,出生不足 14 天的婴儿和醉酒的旅客不得乘坐民航客机。 ___
【单选题】
参加海外大学面试的学生和旅居国外的侨民,可向我国外事部门申请办理中华人民共和国护照。___
【单选题】
在汽车行进途中,导游要多与司机闲聊,避免司机疲劳驾驶。___
【单选题】
高质量导游服务的三要素是语言、知识和态度。___
【单选题】
导游职业道德三大意识是政治意识、敬业意识和服务意识。___
【单选题】
女士在正式场合穿套裙时,可将上衣衣扣部分解开。___
【单选题】
导游员不能向游客推销商品,更不能向商家索要回扣。___
【单选题】
2016 年 8 月国家旅游局下发《关于深化导游体制改革加强导游队伍建设的意见》,宣布取消导游资格证三年有效的规定,明确导游资格证终身有效。___
【单选题】
全陪作为国内组团社的代表,负责保证旅游计划的落实,在整个旅游活动中起主导作用。___
【单选题】
导游服务质量的优劣,直接影响着旅游产品的销售,这是导游服务具有信息反馈作用的具体体现。___
【单选题】
在旅游过程中,导游人员要以身作则,遵守文明旅游规范,并引导旅游者开展文明旅游活动,这是导游人员的基本职责。___
【单选题】
导游人员可以适当使用香水,但应注意适量,以 3 米左右的距离内能闻到香味较为合适。___
【单选题】
穿西装时,衬衫的袖子最好露出西服袖口 1 厘米左右。___
【单选题】
握手时间的长短可根据握手双方的关系亲密程度灵活掌握,初次见面一般握手不应超过 2 秒钟。___
【单选题】
在涉外交往中,一旦涉及位置的排列,原则上都讲究右尊左卑、右高左低。___
【单选题】
西餐礼仪规范中,男客人应帮助其左边的女宾挪动一下椅___
【单选题】
地陪到机场接团,应提前 10 分钟到达。___
【单选题】
地陪接到旅游团集合登车后,用手指逐一清点人数,清点无误后方可示意司机开车。___
【单选题】
游客肌肉拉伤,24 小时内不可对伤处进行热敷和按摩,只能进行冷敷。 ___
【单选题】
散客包价旅游在我国是指 10 人以下不提供全陪服务的包价旅游。___
【单选题】
为了防止地接社向导游员下达接待任务时出现失误,在接团前导游员应先与全陪核对各自的行程安排。___
【单选题】
旅游者进入酒店后,地陪应到前台办理住店手续,并将房卡分发给旅游者, 告诉全陪和领队自己的房间号,以便联系。___
【单选题】
旅游者上下车时,导游员应恭候在车门旁,热情地搀扶和协助每一位旅游者。 ___
