相关试题
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
推荐试题
【判断题】
东风8B型机车的控制用风系统用来供给电气系统中的磁场削弱、制动接触器、电空阀及转换开关电空阀等电器的动力风缸用风。
【判断题】
东风8B型内燃机车前变速箱采用浸浴式飞溅、油雾润滑。
【判断题】
东风8B型内燃机车主电路中,用于检测电枢回路电流和电阻制动励磁电流的电流传感器为9LH~10LH。
【判断题】
微机励磁工况下,DK置“微机”位时,如漏电电流大于950A,微机限制主发由电机功率为0。
【判断题】
FSJ两个线圈中电流差达到50A时,FSJ动作。
【判断题】
东风8B型内燃机车启动发电机通过微机辅机板EXP控制其励磁电流来控制其输出电压使之恒定为96V。
【判断题】
微机励磁工况下,同步主发电机功率修正值由油马达功调电阻小白点位置决定。
【判断题】
主发电机电压高于1100V时,则机车功率被限制为0。
【判断题】
如果牵引电动机磁场电流小于800A,则主发电机电压限制在60V内。
【判断题】
东风8B型内燃机车接地电流在30min时间内连续大于500mA,则主发电机功率限制为0。
【判断题】
微机励磁工况时,由油马达滑动端对负端电压和高端电压的比值作为功调修正系数
【判断题】
东风11型内燃机车辅助传动装置前变速箱有5根传动轴。主动轴与万向轴刚性连接,经两根惰轮轴分别带动左、右两根从动轴。
【判断题】
东风11型内燃机车辅助传动装置前变速箱右从动轴前端经尼龙绳联轴器与同步主发电机、主硅整流柜通风机相连,且通过传动法兰上的皮带轮带动测速发电机。
【判断题】
东风11型内燃机车辅助传动装置前变速箱设置2根惰轮轴是为了减小输入、输出轴之间的中心距。
【判断题】
架悬式驱动装置具有足够的径向扭转刚度,保证驱动装置牵引时的粘滑振动稳定性。
【判断题】
架悬式驱动装置的牵引电动机、牵引齿轮副等驱动零部件全悬于转向架上,工作条件改善,故障极低。
【判断题】
架悬式驱动装置在机车起动时,电机能先于轮对转过一微小角度,不利于电机启动换向条件。
【判断题】
东风11型内燃机车在微机励磁工况下,司机室微机显示屏CDID显示“主回路接地”,如漏电电流在500~950mA之间时间超过30min或在30min内检测到3次,微机同样限制主发输出功率为零。
【判断题】
东风11型机车在牵引工况下运行,且速度高于3km/h,如果发生空转,可以自动撒砂;如继续空转,则开始降功,每空转一次降低当时功率的20%。
【判断题】
东风11型机车冷却水装载量为1200kg。
【判断题】
东风11型机车在组装弹簧时,同一转向架各个轴箱弹簧工作高度差允许差为5mm。
【判断题】
东风11型机车在每个轴箱上都设置了结构简单且抗震性能很高的轴温传感器。
【判断题】
东风11型机车设有1个总风缸,每个总风缸的容积为575L。在总风缸的下部均装有一只排水塞门。
【判断题】
东风11型机车空心轴万向机构由空心轴、传动盘、连杆、橡胶球形关节等组成。
【判断题】
东风11机车采用微机控制,具有全功率自负荷功能的电阻制动装置。
【判断题】
东风11型机车牵引状态下当磁场电流大于360A后,CDID屏显示“主发电机磁场过流。”
【判断题】
两个阻值为10Ω的电阻并联后的总电阻为20Ω。
【判断题】
因为变化的电流通过导体或线圈而产生自感电动势,自感电动势的大小和线圈形式及导线有关。
【判断题】
电器的触头是各类接触器和继电器中的关键零件,电路的接通和断开都是依靠触头的接触和分离实现的。
【判断题】
电磁式发电机按励磁方式不同,又可分为他励、并励、串励及复励发电机。
【判断题】
使用万用表之前,要检查表针是否停在“0”位,否则应调整表盘下的调“0”螺钉。
【判断题】
万用表用毕后,应将“选择开关”拨到电阻挡位上,防止两笔短接消耗表内电池。
【判断题】
平波电抗器的作用主要是为了减少整流电流的脉动。
【判断题】
有动力附挂机车是根据调度命令附挂于列车回送的有动力机车
【判断题】
机车运转方式也叫机车运转制或机车周转方式,就是机车在交路上担当任务,往返行驶于机务段与折返(机务)段之间的运行方式。
【判断题】
机车技术速度是指机车牵引列车在区段内(不计入中间站停留时间)平均每小时走行的公里。
【判断题】
配属机车是指根据铁道部、铁路局配属命令拨交给铁路局、机务段保管、使用,涂有局、段标志并在资产台账内登记的机车。
