相关试题
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
推荐试题
【判断题】
“三步走”发展战略指出,第二步人民生活比较富裕
【判断题】
关于科学技术的极端重要性,邓小平有一著名论断,这就是科学技术是第一生产力
【判断题】
转变经济增长方式,就要改变“两高、两低”的状况,“两高”是指高投入、高消耗,两低则是指低工资、低物价
【判断题】
我国社会主义初级阶段的一项基本经济制度是按劳分配为主体、多种分配方式并存
【判断题】
在社会主义国民经济中起主导作用的是国有经济
【判断题】
建立社会主义市场经济体制主要是要使市场自发地调节社会总量平衡
【判断题】
把“邓小平理论”确定为党的指导思想并写入党章是1992年党的十四大
【判断题】
邓小平在南方谈话中说:抓住时机,发展自己,关键是坚持改革开放
【判断题】
贯彻“三个代表”重要思想,必须把经济作为党执政兴国的第一要务,不断开创现代化建设的新局面。
【判断题】
“三个代表”重要思想创造性地回答了建设什么样的党、怎样建设党的问题
【判断题】
贯彻“三个代表”重要思想,核心是坚持党的领导。
【判断题】
“三个代表”重要思想的本质是保持党的先进性
【判断题】
中国共产党第16次全国代表大会的历史性贡献是提出了全面推进党的建设的新的伟大工程
【判断题】
贯彻“三个代表”思想,关键在坚持群众路线
【判断题】
始终做到“三个代表”,是我们党的立党之本、执政之基、力量之源。这里的“本”、“基”、“源”,是指人民群众的支持和拥护
【判断题】
江泽民在2003年“七一”讲话中指出,实现人民的愿望,满足人民的需要,维护人民的利益,是“三个代表”思想的灵魂
【判断题】
十六大党章关于党的指导思想的表述是 马克思列宁主义为指导思想
【判断题】
“三个代表”重要思想是在 科学判断党的历史方位的基础上提出来的
【判断题】
中国共产党坚持先进性增强创造力的决定性因素是 坚持党的基本路线不动摇
【判断题】
贯彻“三个代表”重要思想,必须使全党始终保持与时俱进的精神状态,与时俱进就是 党的全部理论和工作要体现时代性,把握规律性,富于创造性
【判断题】
中国共产党能否始终做到与时俱进决定着 党能否始终保持党的先进性
【判断题】
十六大实现的我们党指导思想上的又一个与时俱进是 将“三个代表”重要思想确立为党必须长期坚持的指导思想
【判断题】
党的十七大第一次把以人为本、全面协调可持续发展的科学发展观写入党章。
【判断题】
科学发展观,是立足社会主义初级阶段基本国情,总结我国发展实践,借鉴国外发展经验,适应新的发展要求提出来的。
【判断题】
中国特色社会主义理论体系,是马克思主义中国化最新成果,是党最可宝贵的政治和精神财富,是全国各族人民团结奋斗的共同思想基础。
【判断题】
必须把提高领导水平和执政能力作为各级领导班子建设的核心内容抓紧抓好。
【判断题】
实现可持续发展的核心问题是实现经济社会和人口、资源、环境的协调发展。
【判断题】
推动城乡发展一体化,是解决“三农”问题的根本途径。
【判断题】
实现工业化、信息化、城镇化、农业现代化,是我国社会主义现代化建设的根本任务,也是加快形成新的经济发展方式、促进经济持续健康发展的根本动力。
【判断题】
发展社会主义民主政治,最重要的就是要坚持好、发展好适合我国国情的社会主义政治制度。
【判断题】
人民通过选举、投票行使权利和人民内部各方面在重大决策之前进行充分协商,尽可能就共同性问题取得一致意见,是我国社会主义民主的两种重要形式。
【判断题】
社会主义核心价值体系是兴国之魂,决定着中国特色社会主义发展方向。
【判断题】
受各种因素的影响,党的领导被忽视、淡化、削弱的状况还未得到明显改变。
【判断题】
我国人口面临严重的老龄化问题,养老金和农村低保标准增幅难以超越GDP增速。
【判断题】
中国特色社会主义法治体系日益完善,加快建设法治政府进入新阶段,但全社会法制观念还很差。
【判断题】
中国文化走出去步伐加快,中国故事吸引世界目光。
【判断题】
2014年10月底,全军政治工作会议在遵义召开,习近平同志带领中央军委全体成员和会议代表,一起重温了我党我军光荣历史和优良传统。
【判断题】
我国目前人均国民生产总值,相当于世界平均水平的80%左右,按国家和独立经济体排位,大致处在世界底层。
【判断题】
中国特色社会主义进入新时代,为解决人类问题贡献了中国智慧和中国方案。
【判断题】
全面从严治党,就要增强政治意识、大局意识、核心意识、看齐意识,坚决拥护党中央权威和集中统一领导。
