【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
推荐试题
【单选题】
25设备标识为黄色则表示该设备( ) ___
A. 合格
B. 降级使用
C. 停用
D. 不合格
【多选题】
1公司特种作业项目有:是指( )等 ___
A. 低压电工作业
B. 高压电工作业
C. 金属焊接切割作业
D. 起重机械作业
E. 锅炉作业、压力容器设备作业
F. 危险化学品安全作业
【多选题】
2职工有下列情形之一的( ),应当认定为工伤 ___
A. 在工作时间和工作场所内,因工作原因受到事故伤害的
B. 在工作时间和工作场所内,因履行工作职责受到暴力等意外伤害的
C. 自杀或自残的
D. 因工外出期间,由于工作原因受到伤害或者发生事故下落不明的
E. 在上下班途中,受到非本人主要责任的交通事故或者城市轨道交通、客运轮渡、火车事故伤害的
【多选题】
3享受按月领取基本养老金的企业员工,应同时具备( )条件 ___
A. 按规定缴纳养老保险费
B. 达到国家规定的退休年龄
C. 达到规定的缴费年限
D. 达到规定的工作年限
【多选题】
4因工伤发生的下列费用,按照国家规定可以从工伤保险基金中支付( ) ___
A. 住院伙食补助费
B. 停工留薪期的工资
C. 到统筹地区以外就医的交通食宿费
D. 终止劳动合同时应当享受的一次性伤残就业补助金
E. 终止或解除劳动合同时,应当享受的一次性医疗补助金
【多选题】
公司员工招聘的基本条件是( ) ___
A. 年满18周岁
B. 高中及以上学历
C. 身体健康,无行业、国家规定的岗位禁忌症
D. 无违法乱纪前科
【多选题】
员工在试用期内存在哪些行为或事实即为不符合公司录用条件。( )___
A. 试用期内请假超过5次
B. 试用期内累计请假天数超过15天
C. 试用期内旷工行为超过2次
D. 试用期内不服从公司工作安排
E. 试用期内有盗窃行为
【多选题】
7内部招聘的基本原则是( ) ___
A. 公开招聘与基础推荐相结合的原则
B. 笔试、面试相结合的原则
C. 注重实绩,择优聘用的原则
D. 岗位与知识、工作经验相匹配的原则
【多选题】
8失业人员失业后领取失业保险金,必须符合的条件( ) ___
A. 参加工作满1年
B. 失业前用人单位和本人已经缴纳失业保险费满1年的
C. 非因本人意愿中断就业的
D. 已经进行失业登记,并有求职要求的
E. 从事自谋职业的
【多选题】
9以下情形,因私不享受工伤保险待遇的情形有( ) ___
A. 在工作时间、工作区域内从事与本人履行职责无关的活动负伤
B. 因参加单位组织的旅游、娱乐活动负伤
C. 受单位领导指派从事私人活动负伤
D. 在下班途中遭受非本人负主要责任的交通事故受伤
【多选题】
10公司经常开展的培训形式有( ) ___
A. 集中授课
B. 模拟演练
C. 岗位练兵
D. 技能竞赛
E. 师带徒
【多选题】
11以下情形中,属于违法不享受工伤保险待遇的情形有( )。 ___
A. 无证驾驶机动车辆
B. 自伤自残
C. 酒后开车
D. 依照《治安管理处罚条例》应受到行政处罚的行为
【多选题】
12属于严重违反公司规章制度的情形有( )。 ___
A. 初次分配3日内不报到或调整工作岗位5日内不报到的
B. 连续旷工超过5天或12个月内累计旷工超过10天的
C. 盗窃公司财务价值300元以上或不足300元但有两次以上盗窃行为,或监守自盗、内外勾结作案的
D. 年度内给予警告处分超过2次的
E. 酗酒闹事或打架斗殴,致人伤、残医疗费在2000元以上或造成经济损失1000元以上,负主要责任的
【多选题】
13员工具有哪些情形,公司可以直接解除劳动合同。( ) ___
A. 试用期内不符合录用条件的
B. 严重违反公司规章制度的
C. 严重失职、营私舞弊,给公司造成重大损害的
D. 被依法追究刑事责任的
E. 与其他单位建立劳动关系,影响本职工作的
【多选题】
14员工具有哪些情形,劳动合同期满可不予续订劳动合同。( ) ___
A. 连续两个年度绩效考评结果为需改进的
B. 有旷工行为或经常违法劳动纪律的
C. 合同期内被警告超过3次的
D. 合同期内经常请假,1年内超过3个月的
E. 不服从公司分配的
【多选题】
15员工具有哪些行为公司可以给予警告处分。( ) ___
A. 经常违反劳动纪律,经批评仍不改正的
B. 旷工在5天以下的
C. 年度绩效考评等级为“需改进”的
D. 酗酒闹事扰乱工作秩序的
E. 服务态度恶劣,言行不文明,影响客户关系,损害公司形象的
【多选题】
16员工年度绩效考评结果分为哪几个等级。( ) ___
【判断题】
我公司住房缴费金缴存比例为单位8%,个人8%
【判断题】
库存备件应分类存放,按期保养,防止锈蚀,并实行标签管理,严禁废旧与新购的物资混放。
【判断题】
所有特种作业取证费用及证件领取工作均由集团人事部门统一管理,不予许个人缴费及领证行为。
【判断题】
生产单位未按规定安排取证或个人自行取证的费用不予报销。
【判断题】
员工离职手续办理结束后,工资在每月实际发薪日结清工资。未办理离职手续或离职手续未办理结束的,公司暂不予结算未发的工资。
【判断题】
员工为公司提供伪造或虚假的个人资料,而被录用的,属于严重违反公司规章制度
【判断题】
员工退休前非因工死亡或退休后死亡的,其养老保险个人帐户在可以继承
【判断题】
因个人原因未按规定复审,导致操作证失效的,自取证以来的各项取审证费用由个人全部承担。
【判断题】
基本养老保险个人账户不得提前支取,记账利率不得低于银行存款利率,免征利息税
【判断题】
员工请病假超过一个月,不需要到集团人事部门备案。
【判断题】
员工患病或非因公负伤,医疗期满后不能从事原工作也不服从公司调配或调配后仍不能坚持工作的,公司可以解除劳动合同。
【判断题】
公司能不能采取短信、邮件、微信等电子方式送到《解除合同通知书》。
【判断题】
未请假或请假未经批准而擅离职守、弄虚作假骗取事假者均视同旷工。
【判断题】
特种作业人员取、审证时发生的体检费、培训费、考务费、证书费等费用由公司报销。因补考发生的各项费用由个人承担。
【判断题】
员工在试用期内被发现有精神疾病、肢体残疾而在面试时未告知,属于试用期不符合录用条件的行为。
【单选题】
《职业病防治法》所称职业病,是指()的劳动者在职业活动中,因接触粉尘、放射性物质和其它有毒、有害因素而引起的疾病。___
A. 企业、事业单位
B. 企业、事业单位和个体经济组织
C. 企业、政府单位
D. 企业、政府单位和事业单位
【单选题】
2职业病防治工作的方针是()。 ___
A. 预防为主,防治结合
B. 分类管理,综合管理"
C. 行业自律,职工参与
D. 单位负责,行政机关参与"
【单选题】
3粉尘是能较长时间漂浮在空气中的()。 ___
【单选题】
4尘肺病患者在脱离岗位后,疾病() ___
A. 不会发展
B. 仍可继续发展
C. 自行消失
【单选题】
5我们的综合防尘和降尘措施可以概括为“革、()()、密、护、管、教、查”八字方针。() ___
【单选题】
6在生产车间及操作场所,工人每天连续接触噪声8小时,噪声不得超过()分贝。 ___
【单选题】
8一旦发现有人晕倒在有限或密闭容器内,下面最适合的急救方法是()。___
A. 第一时间跳下去,把中毒者背上来
B. 腰间系上绳子,第一时间跳下去,把中毒者拉上来
C. 佩戴防毒面具或空气呼吸器,在有人监督的情况下施救
