【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
推荐试题
【单选题】
禁止未获准RVSM运行航空器在穿越RVSM空域的过程中在某个高度改为平飞但允许航空器因冲突原因短暂平飞并保持______垂直间隔,当冲突解除之后,立即上升或下降离开RVSM空域___
A. 300米
B. 600米
C. 900米
D. 1200米
【单选题】
对于已在RVSM空域飞行失去RVSM能力的航空器,席位管制员应根据空中交通情况,为其配备______的垂直间隔,或者适用的水平间隔___
A. 300米
B. 600米
C. 900米
D. 1200米
【单选题】
RVSM空域内垂直飞行间隔,通信失效或发生其他特殊情况的航空器与其他任何航空器之间_________
A. 300米
B. 600米
C. 900米
D. 1200米
【单选题】
在实施雷达管制的区域内,实施侧向偏置程序应当得到()的批准。___
A. 签派员
B. 管制员
C. 机长
D. A和B
【单选题】
飞行高度层9500米对应的英尺高度是___,雷达C模式实际显示的米制高度是___。___
A. 31000,9480
B. 31000,9510
C. 31100,9510
D. 31100,9480
【单选题】
在RVSM空域内,有时管制员应当为航空器之间配备最小为600m的垂直间隔,下列其中哪种情况可以不用受此限制?___
A. 未获准RVSM运行的航空器与其他任何航空器之间
B. 通信失效或发生其他特殊情况的航空器与其他任何航空器之间
C. 由于颠簸航空器驾驶员报告可以保持高度的航空器与其他航空器之间
D. 以上不全对
【单选题】
由于设备失效等原因,航空器RVSM状态在空中发生改变后预计短时无法恢复,管制员应当拍发()报给沿线的管制单位,更改RVSM的状态。___
A. CHG或CPL
B. CDN
C. RCP
D. CNL
【单选题】
如果航空器在RVSM空域飞行时的高度偏离管制员放行高度层达到或超过()米即认为是大高度偏差事件。___
A. 60
B. 90
C. 150
D. 200
【单选题】
管制员在通话过程中应当注意关键词的使用,“CPA258,expect descend in 2 minutes (or in 8 miles),maintain 7500m”这句指令中的关键词为:___
A. CPA258
B. expect
C. descend
D. maintain
【单选题】
“CPA258,expect descend in 2 minutes (or in 8 miles),maintain 7500m”这句指令这样来发:“CPA258,expect descend to F190 in 2 minutes (or in 8 miles),maintain 7500m”,您认为___
A. 差别不大,都可以
B. 都可以,且第二句更好,让机组知道将会要收到什么指令
C. 都可以,但第一句更简洁
D. 第二句指令不合适,容易让机组误解现在就“descend to F190”
【单选题】
管制员在对空指挥过程中,越是繁忙的时候,语速应___
A. 保持平稳,避免频繁重复指令
B. 尽量快些,才能指挥更多飞机
C. 降低语速,避免口误
D. 时快时慢,引起机组的注意
【单选题】
陆空通话时,什么时候推荐使用“IMMEDIATELY(立即)”这个词:___
A. 相对飞行穿高度时
B. 天气差时,担心自己会忘记某个正在改变高度的动态
C. 飞机多时,为了节省精力
D. 在紧急情况下,用于冲突解脱时
【单选题】
关键词就像一面旗帜,能帮助飞行员对即将收到的信息进行分类,警示飞行员接下来将会收到什么类型的指令,下列各项不属于我们所说的这类词的是:___
A. STAND
B. Y B.CLIMB
C. CONTACT
D. REDUCE
【单选题】
In radio telephony,the frequency 125.35 is transmitted as___
A. one two fife three fife
B. one two five tree five
C. one two fife
D. AY-SEE-MAL tree fife
【单选题】
当遇到紧急情况时,陆空通话应当:___
A. 用急促的语气,尽量大声,这样飞行员才会很配合。
B. 加重语气,适当增大音量,突出管制指令的紧迫性,争取飞行员的配合。
C. 正常语速,以免忙中出错
D. 降低语速,确保指令一次有效
【单选题】
飞行高度层10100米对应的英尺高度是___,雷达C模式实际显示的米制高度是___。___
A. 33000,10120
B. 33000,10090
C. 33100,10120
D. 33100,10090
【单选题】
管制员还应当对管制指令当中的不同内容进行适当的排序,相对重要的内容应当排列在管制指令的___位置
A. 前面
B. 中间
C. 尾部
D. 以上都可以
【单选题】
在一个包含有几部分内容的指令中,合理的使用停顿,能帮助飞行员有效的记录管制员发出的指令,减少出错的几率,以下哪种停顿最有效?___
A. CCA101—descend to—flight level 210
B. CCA101—descend to—flight level 210
C. CCA101—descend to—flight level—210
D. CCA101—descend to flight level—210
【单选题】
根据区管中心业务通告,管制员在发布管制指令和检查机组复诵时,对于部分容易混淆的数字英文发音要引起足够的重视,以下哪些数字是需要着重区分___
A. 2,3,6
B. 2,3,7
C. 2,3,8
D. 2,3,9
【单选题】
凡PLC负责电话移交的动态,完成移交后在标牌OPDATA栏输入字母“ ”___
【单选题】
以上通话,管制员接下来合理的指令是___
A. negative
B. negative,climb and maintain 10100 metres
C. affirmative,CSN3101,climb and maintain 10100 metres.
D. negative, CSN3101,climb and maintain 10100 metres.
【单选题】
对于正在接受空中交通管制服务的航空器,空中交通管制员一旦收到该航空器已收到机载防撞系统告警并已开始采取防止碰撞的机动飞行的通知,则管制员___。
A. :A.立即利用雷达观察空中活动,给飞机提供防止相撞的指令
B. :B.不对航空器和其它航空器或障碍物之间的间隔负责,但应提供空中活动通报
C. :C.根据具体情况让飞机改变高度或航向
D. :D.A、A.B和C
【单选题】
区域管制中心内部各扇区之间管制移交水平间隔不得小于 千米。___
【单选题】
管制员在对空指挥过程中,应当主动地控制一句管制指令中所包含的管制指令的内容。一般情况下,管制员发布的一句管制指令中,包含的管制内容不应当超过___项
【单选题】
当观察到两个或多个雷达位置指示符相近,或观察到在同时作相似的移动以及遇到其它引起对目标怀疑的情况时,管制员应当___。
A. :A.根据进程单和现有雷达信息仍可以提供雷达管制服务
B. :B.向移交方了解是否是航空器的原因
C. :C.应当采用两种以上识别方法进行识别直至确认为止
D. :D.首先报告领班主任
【单选题】
TCAS告警过程中,管制员应当___。
A. :A.管制员应重视驾驶员通报的TA(TRAFFIC ALERT) 情况和提出的请求,保持相关的航空器之间的间隔
B. :B.当管制员得知航空器正在按RA(RESOLUTION ADVISORY)进行机动飞行时,不得向航空器发布与RA相抵触的指令
C. :C.只要情况许可,管制员应当向受机动飞行影响的航空器提供相对活动信息
D. :D.A、A、B和C
【单选题】
当雷达显示器上出现7600编码时,在确认该航空器的无线电接收机还具有接收能力后,雷达管制员___。
A. :A.应当指挥航空器就近着陆
B. :B.应当停止提供雷达管制服务
C. :C.可以继续提供雷达管制服务
D. :D.以上都可以
【单选题】
关于区管中心冲突解脱指引:优先调配的因素和原则应包含以下中的①飞行员 ②航空器 ③相对位置 ④飞行状态 ⑤避让方向 ⑥航空器目的地 ⑦水平和高度相结合___
A. 1234567
B. 123456
C. 123457
D. 12345
【单选题】
关于区管中心冲突解脱指引:在避让方向上,应考虑的因素___①限制区②危险区③禁区④陆地和海洋 ⑤军航活动区⑥危险天气⑦高空风
A. A.①②③④⑤⑥⑦
B. B.①②③⑤⑥⑦
C. C.①②③④⑤⑥
D. D.①②③④⑤⑦
【单选题】
关于区管中心冲突解脱指引:当出现发出的指令被干扰、飞行员复述错误等情况时,管制员应___
A. A.听天由命
B. B.排查波道干扰因素
C. C.重新综合预估判断,并视情况修改调配方案
D. D.盲目发送同一指令
【单选题】
关于区管中心冲突解脱指引:解决飞行冲突最快捷有效的方法是改变航空器的 ___
A. A.航向和高度
B. B.高度和速度
C. C.航向和速度
D. D.航向
【单选题】
关于区管中心冲突解脱指引:对于两冲突航空器,通过改变高度可以尽快达到安全的垂直间隔,同时还要注意防止出现高度反复穿越。以下方法正确的是___ ①如果两冲突航空器已经保持相同高度,应尽快让其中一架航空器快速上升,另一架则快速下降(即加速穿越)。②两冲突航空器之间垂直间隔已小于规定间隔,接近于穿越状态,应指挥两机沿之前的接近方向加速穿越并尽快形成安全垂直间隔(即加速穿越)。③两冲突航空器之间垂直间隔足够大,则应指挥高高度航空器尽快上升,低高度航空器尽快下降,形成安全垂直间隔(即终止穿越)。
A. A.①②③
B. B.①③
C. C.①②
D. D.②③
【单选题】
关于区管中心冲突解脱指引:当航迹夹角为α,且0°<α≤135°,两冲突航空器均未过交叉点时应采取___
A. A.指挥两冲突航空器均向外侧作适当角度的改航。
B. B.指挥两冲突航空器均向内侧作适当角度的改航。
C. C.基于判断,采取航向避让时,两航空器均不会冲过交叉点,指挥两冲突航空器均向外侧作至少90°的改航。
D. D.基于判断,采取航向避让时,两航空器均不会冲过交叉点,指挥两冲突航空器均向内侧作至少90°的改航。
【单选题】
关于区管中心冲突解脱指引:以下停止下降(上升)例句,正确的是___
A. A.南方3501,有冲突!立即停止下降(上升)。
B. B.南方3501,有冲突!立即停止下降(上升),立即停止下降(上升)。
C. C.南方3501,立即停止下降(上升)。有冲突!
D. D.南方3501,立即停止下降(上升),立即停止下降(上升)。有冲突!
【单选题】
在A461航路上执行PBN航路运行的航空器,当地面雷达失效后说法正确的是___
A. 继续按照PBN程序飞行,为其提供程序管制服务
B. 终止PBN导航,按照传统的导航程序,提供程序管制服务
C. 通知航空器雷达失效,建议其就近机场备降
D. 继续按照PBN程序飞行,使用雷达间隔提供管制服务
【单选题】
当空中航空器报告应答机完全故障时,管制员应当___?
A. 如果有一次雷达航迹显示,经重新识别后,可继续提供雷达管制服务
B. 如果没有任何雷达航迹显示,应为该航空器提供程序管制服务,与其他航空器之间配备程序间隔
C. 对于RVSM空域内运行的航空器,如果证实该航空器仍然具备满足RVSM运行能力,可以允许其继续在RVSM空域内运行
D. A、A.B、B.C均正确
【单选题】
射期间,原则上航空器在炮射区边界 千米以外通过___
【单选题】
用于洋区和偏远地区航路的导航规范是___
A. RNP 10和RNP 4
B. RNP 4和RNAV 5
C. RNP 10和RNAV5
D. RNP 4和RNAV2
【单选题】
RNAV 2 导航规范主要用于___
A. 洋区或偏远地区航路
B. 陆上航路阶段
C. 初始进近阶段
D. 中间进近阶段
【单选题】
在TCAS发生RA事件后,在下列情况下,管制员恢复向所有受影响的航空器提供间隔的责任:___
A. 管制员雷达上看到飞机已经解除冲突后
B. 管制员未确认飞行员己恢复原来的空中交通管制许可
C. 管制员确认飞行员正在恢复当前空中交通管制许可后,发出更改的许可,并被驾驶员确认
D. 管制员认为没有影响时
