相关试题
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
推荐试题
【多选题】
气化系统高压氮气的主要用户有那些___
A. 煤浆管线吹扫
B. 氧气管线吹扫
C. 小流量保护氮气
D. 减压中压氮
【多选题】
高温热水泵出水的主要用户有___
A. 水洗塔塔盘用水
B. 事故激冷水
C. 停车泄压防气蚀管线
D. 锁斗冲压管线
【判断题】
气化炉炉壁温度报警值为300℃,拱顶报警值为265℃
【判断题】
气化炉在进行升压的过程中,必须不断开大气化炉黑水排放量
【判断题】
氧气管线在引氧过程中为加快投料进度,应当快速打开氧气流量调节阀至所需氧气量
【判断题】
磨机停车前应先断水后断煤,保证磨机煤称上无积煤
【判断题】
气化炉激冷水流量只需控制大于低报警值即可,没必要随着负荷的升降进行调整
【判断题】
气化炉投料前应将PV1326保持关闭,投料后根据压力进行调整
【判断题】
煤浆管线冲洗水使用完毕后应将前后手阀关闭,导淋关闭
【判断题】
烧嘴冷却水在软管切换硬管的过程中应该先切断软管系列阀门,在打开硬管系列阀门,保证烧嘴不长时间断水
【判断题】
絮凝剂、分散剂添加得越多,处理后的灰水水质越好
【判断题】
转动式破渣机位于气化炉激冷室与锁斗之间,其作用是在开车阶段及不正常操作期间产生的大块钟乳石或脱落的耐火砖进行机械破碎,使渣顺利通过锁斗阀进入锁斗
【判断题】
捞渣机在运行时应巡检内容包括:链轮的轴封水是否正常、刮渣情况是否正常、变速箱的温度、油位是否正常、下渣情况是否正常
【判断题】
火炬系统是安全排放设施,以免污染大气和人员中毒事故的发生
【判断题】
机械密封的特点是将容易泄漏的轴向密封改变为较难泄漏的静密封和端面径向接触密封
【判断题】
离心泵是靠增加液体压力来增加液体能量输送液体,容积式泵是靠离心力增加液体能量输送液体
【判断题】
变换催化剂硫化后的主要成分是CoS、MoS2
【判断题】
气化炉开工抽引器的作用是控制气化炉内的真空度,以满足气化炉升温时的工艺要求,另外在入炉检修时进行强制通风,保障工作人员安全
【判断题】
高压煤浆泵在启动前可以先不打开小红阀,启动后再行打开
【判断题】
烧嘴冷却水泵设置自启动的目的是防止烧嘴冷却水盘管断水
【判断题】
气化炉停车后为节约时间防止煤浆沉淀,堵塞管道,不必关闭煤浆炉头手阀进行泄压
【判断题】
高压煤浆泵水压试验过程中,应快速调整炉头泄压手阀至所需压力
【判断题】
为节约成本,我公司气化炉可以适应任何煤种的掺烧
【判断题】
除氧器的主要作用时将生产水加热至100℃后补入系统,调节系统的热量,水量平衡
【判断题】
气化炉投料前,系统氮气置换要求系统可燃气含量≦0.5%
【判断题】
事故烧嘴冷却水槽设置低压氮的主要作用是作为载气
【判断题】
真空闪蒸系统的建立是靠水环真空泵P1417来完成的
【判断题】
离心泵启动之前灌泵的目的是防止泵启动后气蚀
【判断题】
真空闪蒸系统中,真空度越高,闪蒸气温度越高
【判断题】
影响水煤浆成浆性的主要因素有,内水、哈氏可磨指数、含氧极性官能团等
【判断题】
离心泵出口设置单向阀的主要目的防止介质反串、引起泵的倒转、损坏电机
【判断题】
添加剂给料泵设置安全阀的主要目的防止隔膜超压,损坏隔膜
【判断题】
高压煤浆泵水压试验的主要目的检验泵的运行性能以及管线有无跑冒滴漏
【判断题】
P1417泵与P1403泵的传动方式相同
【判断题】
絮凝剂的主要作用是捕捉黑水中的固体颗粒,加速粒子的沉降,所以絮凝剂的投加量越多越好
