相关试题
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
推荐试题
【单选题】
员工处分处理程序:员工出现违纪,由员工所在单位(部门)上报___查明事实,取得证据后,由监察部提出处罚建议,报公司研究决定。
A. 公司监察部
B. 营运监控管理中心
C. 人力资源部
D. 安全部
【单选题】
解除劳动合同,是指按照___等规定,公司依法实施解除劳动合同。
A. 《劳动法》 《劳动合同法》
B. 《劳动法》 《公司制度》
C. 《劳动法》 《劳动合同法》《公司制度》
D. 《公司制度》 《劳动合同法》
【单选题】
公司给予员工奖励的方式有:___
A. 嘉奖、通报表扬、颁发奖金或奖品、培训、疗休养、加薪、职务晋级
B. 嘉奖、通报批评、颁发奖金或奖品、培训、疗休养、加薪、职务晋级
C. 嘉奖、通报表扬、颁发奖金或奖品、培训、疗休养、加薪、提干
D. 嘉奖、通报表扬、颁发奖金或奖品、福利、培训、疗休养、加薪、职务晋级
【单选题】
员工年终花红发放系数是___。
A. 员工月度绩效考核平均系数×组织年度绩效考核系数
B. 员工月度绩效考核平均系数平均×员工年度绩效考核系数
C. 员工年度绩效考核系数×组织年度绩效考核系数
D. 员工年度绩效考核系数×完成指标系数
【单选题】
各相关单位标准工时制员工 11 月份年休总天数不得超过本单位标准工时制员工月度总出勤天数的___
A. 5%
B. 8%
C. 10%
D. 15%
【单选题】
凡员工非责任性因工负伤,先按病假相关规定申请。 所在单位须在事故伤害发生之日起___个工作日内提交工伤认定申请材料至人力资源部,经相关部门认定为工伤后,原病假可按工伤假处理,享受工伤假待遇。
【单选题】
员工已提交辞职报告但未获公司批准就不到岗上班的,超过___个工作日,视为员工单方面解除劳动合同行为,所在单位(部门)应在一个工作日内以书面形式上报人力资源部,公司将根据实际情况要求员工赔偿经济损失。
【单选题】
员工合同期内辞职必须提前___天上交书面辞职报告发起离职申请(试用期提前 ()天) ,公司对经电话、同事或亲友转达的离职申请不予受理。各组织负责人及关键性岗位人员原则上应接受离任审计。
A. 30 5
B. 15 3
C. 30 3
D. 15 5
【单选题】
员工第二次劳动合同到期前()日内,人力资源部向员工发出续签劳动合同通知书,员工应在收到通知书()个工作日内明确续签或终止劳动合同意向___
A. 15 15
B. 30 5
C. 15 10
D. 30 10
【单选题】
首次签订劳动合同的员工的合同期限为()年, 非生产岗试用期一般为()个月,生产岗试用期一般为()个月。再次签订劳动合同的期限为()年。第三次签订劳动合同为()劳动合同 ___
A. 3 6 3 5 无固定期限
B. 2 6 3 5 10
C. 3 3 3 5 10
D. 2 3 3 5 无固定期限
【单选题】
员工旷工连续超过()天,视为自动离职;全月旷工累计达15天,或是全年累计达到30天,公司有权解除劳动合同。 ___
【单选题】
月度考勤周期以___为一个周期 。
A. 30天
B. 自然月
C. 前月21日-当月20日
D. 31天
【单选题】
因私事外出的,经批准离开工作岗位超过30分钟但不超过4小时的,按___0.5天处理。
【单选题】
员工正常上下班但忘记指纹考勤的,需由本人向人力资源部提供监控录像证明。若因监控录像故障导致不能提供监控录像证明的,由本人写情况说明,单位负责人证明,报人力资源部审核后视具体情况酌情处理。若非因监控录像故障导致不能提供证明的,给予___ 处理。
【单选题】
员工月度绩效考核根据得分获得相应月度绩效考核系数,考核系数分为___,员工月度绩效考核系数影响员工月度绩效工资发放。
A. 1.2、1.1、1.0、0.9、0.8、0
B. 1.2、1.1、1.0、0.9、0.8、0.5
C. 1.5、1.2、1.0、0.8、0.5、0
D. 1.3、1.1、1.0、0.9、0.7、0.5
【单选题】
员工合同期内辞职必须提前___天上交书面辞职报告发起离职申请,公司对经电话、同事或亲友转达的离职申请不予受理。
【单选题】
员工在职期间,入职满一年,并且上年度个人绩效考核结果不低于___等级,才具备申请调岗条件。
【单选题】
年休假申请原则上须由本人___提出。受理人应根据工作需要进行审批,因工作原因不予批准的,可要求申请人改变休假计划。
A. 提前1个工作日
B. 提前2个工作日
C. 提前3个工作日
D. 休假当天
【单选题】
凡与公司依法建立劳动合同关系,连续工作满个月以上的员工,可享受带薪年休假。 ___
【单选题】
女员工怀孕期间,因个人身体特殊原因,确实需要休养并能出具医院证明的可在国家规定的医疗期限内申请病假,超过医疗期限但经医院证明仍需休养的,可申请___。
A. 续假
B. 事假
C. 妊娠
D. 计划生育假
【单选题】
员工因病不能上班需请病假,必须出具社保机构指定基本医疗保险定点医疗机构的门诊挂号单、病历、疾病(医疗)证明书、药费发票等相关证明(检查费、治疗费、检查结果)方为有效,其中疾病(医疗)证明书必须___ 。
A. 加盖医疗专用章
B. 加盖科室章
C. 加盖医院公章
D. 医生签名
【单选题】
凡经同意批准辞职的员工,须在___个工作日内到所在单位填写《员工离职移交清单》
【单选题】
员工考核类型包括试用期考核、___、晋保级考核、绩效考核。
A. 选拔考核
B. 内部考核
C. 月度考核
D. 年度考核
【单选题】
非生产岗试用期为___个月,生产岗试用期一般为3个月。
【单选题】
新员工入职___个月内,按国家相关规定,公司将与其签订劳动合同。
【单选题】
员工招聘原则包括___、合法用工原则、公平原则、内部优先原则、亲属回避原则。
A. 人岗匹配原则
B. 成绩高低原则
C. 自愿原则
D. 推优原则
【单选题】
加班___个小时,可申请调休0.5天。
【单选题】
女员工正常生育享受___天产假。
A. 88
B. 98
C. 101
D. 105
【单选题】
员工当月每迟到(早退)___次者,按事假一天处理。
【单选题】
员工上班期间因私事外出。经领导批准,一个工作日内超过___,按事假一天处理。
A. 一小时
B. 两小时
C. 三小时
D. 四小时
【单选题】
员工迟到(早退)超过___,不到四小时的按矿工0.5天处理。
A. 二十分钟
B. 半小时
C. 超过一个小时
D. 两个小时
【单选题】
员工达到法定结婚年龄结婚者(男满22周岁,女满20周岁),可持结婚证申请()天婚假。___
【单选题】
公司收费所、隧道所、服务区负责人在各自的审批权限范围内,每月批准的事假天数累计不得超过管辖人数的___
A. 1/6
B. 1/3
C. 1/2
D. 1/4
【单选题】
收费类服装回收年限:肩章、臂章等配件自签收之日起,满___的,不做回收处理。
【单选题】
实行24小时轮流工作制员工遇紧急事务可申请换班,换班须提前在OA系统发起申请,并明确换班时间、换班对象和还班时间,由单位负责人审批同意后,方可换班。每人每月换班不能超过___个小班.
【单选题】
本规定所指的制式服装根据不同的岗位性质予以分类,具体分四类,收费员应着___类型服装。
A. 工作类服装
B. 收费类服装
C. 工装类服装
D. 服务类服装
【单选题】
食堂菜品验收完毕,由采购员和采购验收员在___上签字,一式两份,一份用于报销,一份用于张贴公示。
A. 采购清单
B. 食堂采购日报表
C. 食堂采购申请单
D. 食堂采购验收单
【单选题】
食堂工作人员须每年进行___健康检查,持有效健康证上岗。
【单选题】
在实行计重收费的公路上行使的货车如超过认定的标准,则被视为已超过公路的承载能力。按照2019年交通运输部 62 号令(超限运输车辆行驶公路管理规定),以下超限的是___
A. 三轴货车25吨
B. 四轴货车36吨
C. 五轴货车49吨
D. 二轴货车17吨
【单选题】
按照《超限运输车辆行驶公路管理规定》(中华人民共和国交通运输部令2016年第62号)文件规定,6轴以上车辆车货总量限额为___吨。