【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
推荐试题
【单选题】
无形资产的摊销年限一般情况不得低于___。
A. 3年
B. 5年
C. 10年
D. 20年
【单选题】
纳税人提供建筑服务采用预收款方式收款的,其纳税义务发生的时间为___。
A. 收到预收款的当天
B. 签订合同的当天
C. 索取款项凭据的当天
D. 完工的当天
【单选题】
供应商取得代开的增值税专用发票应盖___章。
A. 只盖供货单位的发票专用章
B. 只盖税务机关代开发票专用章
C. 同时盖税务机关代开发票专用章和供货单位的发票专用章
D. 无需盖任何章
【单选题】
国家需要重点扶持的高新技术产业,减按___的税率征收企业所得税。
A. 10%
B. 12%
C. 15%
D. 20%
【单选题】
下列各项中,超过税法规定的扣除限额部分,可以结转到以后年度扣除的是___。
A. 职工教育经费支出超过工资薪金总额的2.5%的部分
B. 向非金额企业借款的利息支出超过按照金融企业同期同类贷款利率计算的数额部分
C. 业务招待费超过税法规定标准的部分
D. 公益性捐赠超出标准部分
【单选题】
根据印花税的相关规定,下列表述正确的是___。
A. 多贴印花税票者,不得申请退税,但可以申请下期抵扣
B. 不论合同是否兑现或能否按期兑现,都应当缴纳印花税
C. 企业其他会计科目记载的资金转为实收资本或资本公积的资金不需要缴纳印花税
D. 企业与主管部门签订的租赁承包合同应按“财产租赁合同”缴纳印花税
【单选题】
下列不允许抵扣进项税额的凭证有___。
A. 增值税专用发票
B. 税控机动车销售统一发票
C. 海关进口增值税专用缴款书
D. 餐饮业增值税发票
【单选题】
建筑企业涉及的业务范围内,不征收增值税的项目是___
A. 银行存款利息收入
B. 统借统还业务利息收入
C. 融资租赁业务利息收入
D. 企业之间拆借利息收入
【单选题】
取得的下列凭据中哪项可以作为进项抵扣凭证___。
A. 食堂购买的冰箱发票
B. 餐饮发票
C. 出差火车发票
D. 取得的通行费发票
【单选题】
下列设备属于A类设备的有___
A. 5m3/h砼罐车
B. 1m3挖掘机
C. 15吨龙门吊
D. 15吨以上单钢轮压路机
【单选题】
中国交建定义___万元以上的设备为重大装备。
A. 100;
B. 200;
C. 300;
D. 500;
【单选题】
35000元以上的设备购置后,由___统一进行设备管理编号的下达。
A. 公司
B. 单位
C. 项目部
D. 无要求
【单选题】
投资项目事后评价原则上应于项目完成___年后进行,大型投资项目可适当后延。
【单选题】
子公司以公司资质独立实施的项目,项目资本金由公司垫付的,公司按照项目投资管理办法(一公局投发[2015]371号)中项目投资财务评价指标基准值的资本金财务内部收益率收取资本金投资收益,同时还将收取项目建安费用___%的价差收益。
【单选题】
项目公司资本金有公司统一支付,但项目公司实际资本金占用率不得超过___%。
【单选题】
政府购买服务项目,公司原则上收取项目评估时建设期价差收益的___,针对不同产品可结合项目标后预算适当浮动。
A. 30%
B. 40%
C. 45%
D. 50%
【单选题】
投资类项目建设管理单位信用评价等级分为好、中、差三个等级,其中得分X为___时,评价为“差”。
A. <75分
B. <80分
C. ≤75分
D. ≤80分
【单选题】
《中国交建项目投资评审管理办法》要求,专家评审会由投资评审机构组织召开,应至少包括___相关领域的专家参与。
A. 3名
B. 3名及以上
C. 2名
D. 2名及以上
【单选题】
《中国交建项目投资财务评价指标基准值(2017年)》规定,港口、码头项目的项目财务内部收益率FIRR (所得税前) ≥___%。
【单选题】
《中国交通建设股份有限公司项目投资后评价管理办法》要求,列入项目后评价年度计划的项目单位,应当在项目后评价年度计划下达后___内,向投资事业部报送项目自我总结评价报告。
A. 30天
B. 30个工作日
C. 45天
D. 45个工作日
【单选题】
PPP项目的区域选择应充分考虑地方财政能力、负债水平、政府信用、扶持政策等投资市场环境,PPP项目投资三类地区GDP总量要求超过()亿元的地级市、___亿元以上的县(市)。
A. 1000、500
B. 800、300
C. 1000、300
D. 800、500
【单选题】
BOT项目的融资主体是___。
A. 政府方代表
B. 社会投资人
C. 联合体牵头人
D. 项目公司
【单选题】
根据《中国交建投资资产盘活及处置办法》相关要求,下列哪个不属于投资资产___
A. 运营期的高速公路、一级公路、桥梁、隧道、轨道交通、综合管廊、港口码头、水利水务等投资项目相关权益(含特许经营权)
B. 投资项目所属资产及权益
C. 投资项目4年以上逾期应收账款、不良存货(投资类资产)
D. 投资形成的其他资产
【单选题】
投资项目事后评价的内容不包括:___
A. 项目决策评价
B. 建设实施评价
C. 建设经济效益评价
D. 财务指标评价
【单选题】
投资类项目建设管理单位信用评价实行一票否决制。建设管理过程中若发生以下情形之一,则评价结果为“差”。___
A. 发生较大质量事故
B. 发生较大安全生产责任事故
C. 控制性工程进度或工程进度关键点或项目完工目标未达到目标要求
D. 项目投资(包括政策性因素导致的费用增加)超过概算10%
【单选题】
下列哪种运营管理方式不属于中国交建直属投资项目可采用运营管理方式___
A. 委托专业公司运营
B. 股权移交专业公司运营
C. 项目运营公司自主运营
D. 总包部直接运营
【单选题】
投资项目财务评价指标由强制性指标和参考性指标组成,其中参考性指标包括___。
A. 资本金财务内部收益率FIRR(%)
B. 项目财务净现值FNPV(万元)
C. 项目财务内部收益率 FIRR(%)
D. 项目动态投资回收期Pt(年)
【单选题】
《一公局项目投资管理办法》中指出,回购项目建成前___个月,项目公司应向投资部报送项目回购的相关材料,投资部会同公司相关部门根据项目回购合同的约定及项目公司报送的资料,制定回购方案。
【单选题】
《一公局投资项目建设管理办法》中指出,___负责对项目公司的设立、变更、撤销等进行监督管理。
A. 企业规划部
B. 投资管理部
C. 财务部
D. 施工管理部
【单选题】
《一公局投资项目建设管理办法》中指出,___负责投资项目建设期重大合同、协议等相关业务进行监督管理。
A. 经营管理部
B. 投资管理部
C. 预算考核部
D. 法律部
【单选题】
经营(准经营)性项目运营前___年,项目公司应按照公司《项目投资管理办法》做好运营方案及回购方案的报审工作。
【单选题】
项目公司在项目合同履行完毕(或终止、解除)后,应按项目合同的规定进行注销,注销后的___内将注销证明等有关信息报公司投资管理部及企业规划部备案。
A. 7天
B. 7个工作日
C. 10天
D. 10 个工作日
【单选题】
下列投资原则哪项不属于一公局《关于子公司开展投资业务的有关规定》中要求的。___
A. 量力投资原则
B. 审慎原则
C. 服从战略原则
D. 分级决策原则
【单选题】
关于《子公司开展投资业务有关规定》的增补说明中指出,项目公司资本金由公司统一支付,但项目公司实际资本金占用率不得超过___。
【单选题】
由局与发起人签订《投资协议》,《投资协议》签订后组建项目公司,项目公司成立应提交的资料不包括下列哪项___
A. 立项批复文件
B. 中标通知书
C. 《投资协议》
D. 项目公司名称预核准证明材料
【单选题】
《一公局BOT实施细则》中指出,特许经营协议签订前应提交局___进行审核。对于投资额巨大的项目,应经中国交建审核后方可适时签署。
A. 投资管理部
B. 经营管理部
C. 法律部
D. 预算考核部
【单选题】
政府和社会资本合作模式有利于发挥市场机制作用,提升公共服务的供给质量和效率,实现___最大化。
A. 公共利益
B. 政府利益
C. 社会资本利益
D. 合理利润
【单选题】
___评价是判断是否采用PPP模式代替政府传统投资运营方式提供公共服务项目的一种评价方法。
A. 物有所值
B. 可行性研究
C. 项目回报率
D. 财务净现值
【单选题】
中国交建《关于项目投资评审和子公司投资能力评价的有关规定》中指出,下列哪些指标不属于子公司投资能力评价指标。___
A. 资产负债率
B. 经营性现金流净额
C. 带息负债与利润总额之比
D. 速动比率
【单选题】
中国交建《关于项目投资评审和子公司投资能力评价的有关规定》中指出,投资项目评审实行两个刚性评价与三个辅助决策评价相结合的新规定。下列哪项属于辅刚性评价。___
A. 项目投资财务评审
B. 纳入全年投资预算
C. 投资区域诚信度要高
D. 项目符合公司主业和发展方向
