【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
推荐试题
【单选题】
柴油机启动后,松开1QA后停机故障原因为___。
A. DLS线圈故障
B. 1—2YJ故障
C. 经济电阻RDLS断路,1—2YJ未接通,机油系统故障。
【单选题】
属于机车小修修程的项目是:___。
A. 恢复机车主要性能
B. 做故障诊断按状态修理
C. 关键部件解体检修
【单选题】
机车水阻试验前,可用___对电气系统进行耐压试验。
【单选题】
16V240ZJC型柴油机调控传动装置与16V240ZJB型柴油机相比,___。
A. 调控传动箱安装完全相同
B. 调控传动箱转了90°安装
C. 装在了其它位置
【单选题】
东风4D型机车与东风4B型机车相比,未取消的电气部件是:___。
A. 油量开关UK
B. 前、后增压器机油压力继电器3YJ、4YJ
C. 水温继电器WJ
【单选题】
东风4D型机车设置空气制动一动力制动联锁装置的目的是:___。
A. 机车施行电阻制动时使列车不能施行空气制动
B. 列车施行空气制动时使机车不能制动电阻
C. 施行电阻制动时自动降低或完全切除空气制动对机车的作用。
【单选题】
16V240ZJC型柴油机主机油泵采用:___。
A. 直齿齿轮泵
B. 双螺杆泵
C. 人字齿轮泵
【单选题】
柴油机油底壳起到构成___及储存汇流机油的作用。
【单选题】
盘车机构使用时,将滑动支架推向弹性联轴节,此时行程开关的触头___。
【单选题】
下列哪个部件属于高温水冷却部件。___
【单选题】
下列哪个部件属于低温水冷却部件。___
A. 气缸套
B. 增压器
C. 静液压油热交换器
【单选题】
人工扳动供油拉杆维持运行时,操作过急、过量时会引起柴油机___
【单选题】
静液压系统中,将液体的势能转换为机械能驱动冷却风扇旋转的部件为___
A. 静液压泵
B. 静液压马达
C. 温度控制阀
【单选题】
静液压系统的___是该系统的控制元件,起着自动控制冷却风扇变速的作用。
【单选题】
下列哪些部件属于联合调节器的功率调节机构。___
【单选题】
柴油机冒黑烟是因为:___。
A. 活塞、活塞环、缸套磨耗超限
B. 活塞环失去弹性或折损,使机油机窜入燃烧室
C. 机油稀释
【单选题】
柴油机冒蓝烟是因为:___。
A. 柴油机整定功率过高
B. 刮油环装反或刮油性能差
C. 冷却水温过高
【单选题】
柴油机冒白烟是因为:___。
A. 进气系统故障
B. 燃油中含有水分
C. 喷油器雾化不良
【单选题】
当机车空气滤清器太脏,柴油机进气压力降低时,将导致机车___。
A. 功率不足
B. 柴油机敲缸
C. 柴油机悠车
【单选题】
柴油机工作时,气缸壁上的油随着活塞的往复运动进入燃烧室,这种现象称为气环的___作用。
【单选题】
如果柴油机___过小,气阀受热膨胀后,将使气阀关闭不严,而发生漏气回火放炮等故障。
【单选题】
各喷油泵齿条实际拉出刻线差别太大时,会引起柴油机___
A. 冒蓝烟
B. 排气温度过高
C. 增压器喘振
【单选题】
机车运行中,哪些原因会引起增压器喘振:___。
A. 柴油机过载
B. 油水温度过低
C. 中冷水温低于45℃
【单选题】
喷油泵柱塞的上下往复运动是借助___的旋转实现的。
【单选题】
机车喷机油的原因有:___。
A. 柴油机供油量过大
B. 柴油机呼吸口堵塞
C. 增压器漏油
【单选题】
柴油机工作时,出现水温过高的原因有:___
A. 冷却风扇不转或转速低
B. 柴油机漏水
C. 润滑不良
【单选题】
膨胀水箱有油的原因有:___。
A. 热交换器泄漏
B. ,气缸盖裂损
C. 增压器漏油
【单选题】
机车上的组合式控制电器有:___。
A. 琴键开关
B. 司机控制器
C. 电磁接触器
【单选题】
中间继电器2ZJ的作用之一为:___。
A. 控制LLC线圈电路
B. 切断励磁机的励磁电路
C. 控制水温高信号灯3XD电路
【单选题】
机车上自动开关的作用是:___。
A. 防止电压过高
B. 自动保护和开关作用
C. 接通电路
【单选题】
启动滑油泵电机熔断器3RD的容量为:___
【单选题】
东风4B型机车装有___电阻制动装置。
【单选题】
机车上装有两个110V、8W的接地试灯,试灯的—端与蓄电池的正端相接的称为___。
【单选题】
磁场削弱电阻烧损的原因有:___。
A. 主发电机电流过大
B. 牵引电动机励磁绕组短路
C. 牵引电动机主极连线断路
【单选题】
运行中蓄电池放电的原因有:___。
A. QF转入固定发电
B. 熔断器2RD烧损
C. 熔断器1RD烧损
【单选题】
闭合燃油泵开关,RBC不吸合时,应检查___。
A. 16DZ
B. 3~4DZ
C. RBC线圈电路
【单选题】
当1YD或2YD电枢中的___为零,空压机工作时,造成熔断器4RD或5RD。
【单选题】
运行中由于___,启动发电机会突然转入固定发电。
A. 1DZ跳开
B. 2RD烧损
C. 电压调整器故障
