【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
推荐试题
【单选题】
党的基层组织是党在社会基层组织中的___,是党的全部工作和战斗力的基础。
A. 基础
B. 细胞
C. 核心
D. 战斗堡垒
【单选题】
预备党员的权利,除了没有___以外,同正式党员一样。
A. 表决权、选举权和被选举权
B. 表决权、被选举权
C. 选举权、被选举权
D. 表决权
【单选题】
《党章》规定,党员必须坚持___高于一切,个人利益服从党和人民的利益,吃苦在前,享受在后,克己奉公,多做贡献。
A. 个人利益
B. 局部利益
C. 集体利益
D. 党和人民的利益
【单选题】
在现阶段,我国社会的主要矛盾是人民日益增长的美好生活需要和___的发展之间的矛盾。
A. 不完善不充足
B. 不合理不均衡
C. 不平衡不充分
D. 不合理不充足
【单选题】
由于国内的因素和国际的影响,___还在一定范围内长期存在,在某种条件下还有可能激化,但已经不是主要矛盾。
A. 意识形态斗争
B. 宗教极端势力
C. 阶级斗争
D. 境外敌对势力
【单选题】
在新世纪新时代,经济和社会发展的战略目标是,到新中国成立一百年时,全面建成社会主义___强国。
A. 机械化
B. 科技化
C. 信息化
D. 现代化
【单选题】
坚持___,是我们的强国之路。
A. 发展军事
B. 改革开放
C. 民主法治
D. 从严治党
【单选题】
坚持___、执政为民,发扬党的优良传统和作风,不断提高党的领导水平和执政水平。
A. 民主集中
B. 依法治国
C. 立党为公
D. 从严治党
【单选题】
___是中国特色社会主义最本质的特征,是中国特色社会主义制度的最大优势。
A. 中国共产党的领导
B. 政治协商
C. 民主集中制
D. 改革开放
【单选题】
党的基层委员会、总支部委员会、支部委员会每届任期___。
A. 三年至五年
B. 两年至三年
C. 四年至五年
D. 五年以上
【单选题】
正式党员不足3人的单位,应当按照地域相邻、行业相近、规模适当、便于管理的原则,成立___。
A. 党小组
B. 党支部
C. 党总支
D. 联合党支部
【单选题】
党支部党员大会是党支部的议事决策机构,由全体党员参加,一般___召开1次。
A. 每月
B. 每季度
C. 每半年
D. 每年
【多选题】
召开党员大会进行换届选举,其职权主要是:___
A. 听取和审查党的委员会(基层委员会或总支部委员会或支部委员会)的报告
B. 讨论本级党组织及党组织职权范围内的重大问题并作出决议
C. 选举党的委员会(基层委员会或总支部委员会或支部委员会)及出席上级党代表大会或党代表会议的代表
【多选题】
党的总支部、支部委员会委员的产生,一般要经过以下程序:___
A. 总支部委员会(支部委员会)确定下届党的总支部委员会(支部委员会)组成原则。
B. 党的总支部委员会(支部委员会)组织全体党员酝酿推荐,并根据多数党员的意见提出候选人初步人选名单。
C. 党的总支部委员会(支部委员会)组织支部或党小组酝酿候选人初步人选,并根据多数党员意见确定候选人预备人员,报上级党组织审批。
D. 党的总支部委员会(支部委员会)将候选人预备名单提交党员大会酝酿,并讨论根据多数党员意见确定候选人,由大会进行选举。
【多选题】
选举党的委员会委员、候补委员应注意几点:___
A. 要按照党章、有关党组织选举工作条例和党员大会选举办法办事。
B. 要充分体现选举人的意志,任何组织和个人不得以任何方式强迫选举人选举某个人或不选举某个人。
C. 认真做好选举的组织实施工作,保证选举工作的顺利进行。
【多选题】
为了保证党的基层组织的选举工作能够顺利进行,党员因下列情形不能参加选举的,经报上级党组织同意,并经党员大会通过,可以不计算在应到会人数之内:___
A. 患有精神病或其他疾病导致不能表达本人意志的;
B. 自费出国半年以上的;
C. 虽未收到留党察看以上党纪处分,但正在服刑的;
D. 年老体弱卧床不起和长期生病生活不能自理的;
E. 工作调动、下派锻炼、蹲点、外出学习或工作半年以上等,按规定应转走正式组织关系而没有转走的。
【多选题】
计票人的职责:___
A. 在监票人监督下分发、清点和计算选票;
B. 负责监督选举的全过程;
C. 负责审核参加选举的人数、发出选票数和收回选票数,对有争议的选票作出鉴别或裁决;
D. 在计票结果报告单上签字。
【多选题】
在党内选举时,选举人对候选人可以投___
【多选题】
由于工作变动或其他原因,党支部委员出现缺额,影响党支部工作的正常开展,要召开支部党员大会进行补选。有下列情况之一者,均应视为缺额,应予补选:___
A. 党支部委员因故调离,或本人辞职;
B. 党支部委员离休、退休或患严重疾病不能履行职务;
C. 党支部委员受到撤销党内职务以上处分的。
【多选题】
三会一课”中的“三会”是指___。
A. 支部党员大会
B. 支部委员会
C. 党小组会
D. 党课
【多选题】
党支部是党的基础组织,担负直接教育党员、管理党员、___、宣传群众、凝聚群众、服务群众的职责。的职责。
A. 监视党员、
B. 监督党员
C. 组织群众
D. 联系群众
【多选题】
正式党员不足3人的单位,应当按照___的原则,成立联合党支部。
A. 地域相邻
B. 行业相近
C. 规模适当
D. 便于管理
【多选题】
对要求入党的积极分子进行教育和培养,做好经常性的发展党员工作,重视在___发展党员。
A. 生产一线
B. 工作一线
C. 青年员工
D. 机关员工
【多选题】
党支部___,每年谈心谈话一般不少于1次。
A. 委员之间
B. 委员和党员
C. 党员和党员
D. 党员和积极分子
【多选题】
党委[支部]必须按照___的原则,讨论决定重大问题。
A. 集体领导
B. 民主集中
C. 个别酝酿
D. 会议决定
【多选题】
申请入党的人,必须履行下列哪些手续才能成为正式党员:___
A. 填写入党志愿书,有两名正式党员作介绍人
B. 民主评议和公示
C. 经过支部大会通过和上级党组织批准
D. 经过预备期的考察
【多选题】
党员如果没有正当理由,连续六个月不参加党的组织生活,___,就被认为是自行脱党。
A. 或不汇报思想
B. 或不交纳党费
C. 或不起模范作用
D. 或不做党所分配的工作
【多选题】
下列哪些属于基层党支部书记考核内容:___
A. 队伍建设
B. 党务管理
C. 企务党务公开
D. 学习培训
【多选题】
下面哪些不是“三会一课”的内容?
A. 党政联席会
B. 支部党员大会
C. 党课
D. 党组会
【多选题】
一个国家、一个政党,领导核心至关重要。全党必须自觉在___同党中央保持高度一致。
A. 思想上
B. 政治上
C. 步骤上
D. 行动上
【多选题】
“两个一百年”奋斗目标中的两个“一百年”是指___。
A. 建党一百年
B. 建军一百年
C. 建国一百年
D. 实现社会主义现代化
【多选题】
党费必须用于党的活动,下列属于党费使用范围的有___。
A. 培训党员
B. 购买用于开展党员教育的报刊、资料、音像制品和设备
C. 表彰先进基层党组织、优秀共产党员和优秀党务工作者
D. 组织文体活动
【多选题】
党小组组长由___产生。
A. 党支部指定
B. 群众推荐
C. 所在党小组党员推荐
D. 毛遂自荐
【多选题】
要增强党内生活的___,使各种方式的党内生活都有实质性内容,都能有针对性地解决问题,坚决反对党内生活中的自由主义、好人主义。
A. 政治性
B. 灵活性
C. 战斗性
D. 原则性
【多选题】
党支部是党的基础组织,担负直接教育党员、管理党员、监督党员和___的职责。
A. 组织群众
B. 宣传群众
C. 凝聚群众
D. 服务群众
【多选题】
以下哪些行为,是违反群众纪律的行为___。
A. 超标准、超范围向群众筹资筹劳、摊派费用,加重群众负担
B. 违反有关规定扣留、收缴群众款物或者处罚群众
C. 克扣群众财物,或者违反有关规定拖欠群众钱款
D. 在管理、服务活动中违反有关规定收取费用
【多选题】
四风问题主要是指___。
A. 形式主义
B. 官僚主义
C. 享乐主义
D. 奢靡之风
E. 个人主义
【多选题】
党的干部是党的事业的骨干,是人民的公仆,要做到___。
【多选题】
下列哪些行为属于违反生活纪律的行为。___
A. 生活奢靡、贪图享乐、追求低级趣味
B. 与他人发生不正当性关系
C. 利用职权、教养关系、从属关系或者其他相类似关系与他人发生性关系的
D. 违背社会公序良俗,在公共场所有不当行为
