【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
推荐试题
【判断题】
我行现支持个人短信业务开通,需要账户本人持身份证,如为代理人需持本人和代理人的两本身份证件至柜面办理。
【判断题】
企业短信业务变更需要填写的申请书有《单位银行结算账户综合服务申请表》和《人民币单位银行结算账户管理协议》。
【判断题】
短信业务就是通过以短信的形式,点对点的通知客户账户内资金变动情况。这里的账户包括个人结算账户,不包括单位结算账户。
【判断题】
注销短信业务需账户本人携带凭证,持身份证或其他有效证件到柜台办理。
【判断题】
短信业务就是通过以短信的形式,点对点的通知客户账户内资金变动情况。
【判断题】
在我行开通短信业务的客户只能在柜台办理短信修改业务
【判断题】
单位账户仅办理短信业务开通只需填写《单位银行结算账户综合服务申请表》和《人民币单位银行结算账户管理协议》。
【判断题】
通过6201交易开通短信,贷款相关信息不会实时发送至签约手机号上。
【判断题】
为方便企业法人有效的了解本单位资金动向,提高单位资金安全性,在我行开立结算户的单位可向我行任一网点申请开通短信提示功能。
【判断题】
对我行个人贷款客户,必须签约短信提醒功能,贷款发放才能提交成功。
【判断题】
企业短信手机号码变更,原先预留的一个手机号码必须先关闭后,才可以再开通需变更的手机号码。
【判断题】
企业短信手机号码由原先一个增加至两个,必须先将原先的号码删除,再增加两个号码。
【判断题】
办理非税缴款业务时,缴款书种类分为:缴款单和缴款书
【判断题】
办理非税缴款业务时,现金缴款5万元以上(含),经办人出示身份证原件,无需复印留存。
【判断题】
办理非税缴款业务时,企业客户“缴款人”与转账支票开具客户需一致。
【判断题】
办理非税缴款业务时,缴款成功客户当天可对本笔交易进行“退款”,也支持次日退款。
【判断题】
办理非税缴款业务时,企业客户提供缴款单号,填写转账支票和进账单,凭证号录入完成,回车,自动跳出验印。
【判断题】
办理非税缴款业务时,回单打印在9102中的交易状态缴款成功和退款成功的单号状态相同,在9101中进行判断,可再次缴费的是退款成功的单号,缴款成功的会报错“本单号已缴款”。
【判断题】
办理非税缴款业务时,缴款单撤销需客户提供缴款单号和我行缴款凭证回单,个人提供扣款存折或卡,企业提供缴款账号,撤销成功给客户撤销凭证回单,并退还客户缴款书,清讫章叉掉。
【判断题】
办理非税缴款业务时,关于金额,如为缴款,结报未成功,会多划入两笔资金至清算户;如为退款,结报未成功,会少划入两笔资金至清算户,此为正常情况,需要进行重置交易。
【判断题】
办理非税缴款业务时,缴款书撤销企业客户退还支票.
【判断题】
办理非税缴款业务时,个人客户转账缴款20万元以上(含),如为卡本人,出示身份证原件,如为经办人,出示卡本人和经办人身份证原件,并复印留存。
【判断题】
企业客户办理非税缴款业务时,在二联凭证上加盖企业公章或预留印鉴。
【判断题】
我行非税缴款业务不能通过“2404对公现金存款”交易操作。
【判断题】
非税缴费,选择现金缴费的,客户提供缴款单号,不需要录入缴费经办人名称。
【判断题】
“9102非税综合交易”用于已缴费成功的单/书号进行查询,回单打印,同时用于非税业务退款和补发通知。
【判断题】
办理理财业务的客户必须在我行开立结算账户,并在理财计划存续期间不得对理财签约账户进行销户。
【判断题】
首次认购本行理财产品的客户须在柜面进行风险评估。
【判断题】
个人客户持兰花卡(或存折)可在我行任一营业网点购买理财产品,不存在仅能在开户网点认购的限制。
【判断题】
商业银行只能向客户销售风险评级等于或高于其风险承受能力评级的理财产品。
【判断题】
若某个人客户由于不慎遗失用于购买理财的兰花卡,且卡内没有募集期理财产品只有未到期理财,柜员在为客户办理挂失新开后还应操作“变更理财账号”。
【判断题】
机构客户签约理财需提供以下资料的原件和复印件:营业执照、 法定代表人身份证、属法定代表人委托他人代理的,还须提供代理委托书和代理人身份证,提供我行开立的结算账号。
【判断题】
我行个人理财客户可通过柜面或者电子渠道进行首次风险属性测评。
【判断题】
我行个人理财客户投资风险属性等级测评结果二年内有效,有效期间内客户可主动要求重新测评。
【判断题】
本行对60岁以上(含)的客户进行风险评估时,将其风险承受能力上限限定为:中(三级)。
【判断题】
如投资人发生可能影响其自身风险承受能力的情况,再次购买理财产品时应当主动要求重新进行风险承受能力评估。
【判断题】
在理财计划存续期间可以对理财签约账户进行销户。
