【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
推荐试题
【判断题】
CRH380A统型动车组车体倾斜尺寸测量需使用卷尺测量同一辆车在空车时,端梁最边缘下端至轨面的垂直高度,并将数据记录
【判断题】
CRH380A统型动车组二级修,今创侧门车门关闭到位后,关门到位开关碰柱上的红线露出开关体1~2mm
【判断题】
CRH380A统型动车组二级修,今创侧门装置内各机构检查检查控气压液压转换装置、压紧油缸以及其它供气、供油管路的接头无松脱、漏气、漏油现象,接头的紧固螺母防松标记无错位
【判断题】
CRH380A统型动车组二级修,今创侧门装置内各机构检查检查侧拉门门板下沿密封胶条压板的安装状态良好;门板下沿与排水槽之间的间隙不小于 2mm
【判断题】
CRH380A统型动车组二级修,今创侧门开门时间测试时,投入主控,打开中央控制装置,按【检修】开关,进入检修模式;将司机室左侧配电盘车上试验、【空档】开关右旋至闭合位,单控门置于集控位
【判断题】
CRH380A统型动车组二级修,今创侧门开门时间测试时,触摸监控显示器(MON)进入【车上检查实行】界面,再触摸车门开关试验选项,触摸【确认】
【判断题】
CRH380A统型动车组二级修,今创侧门开门时间测试时,触摸监控显示器【下一页面】键后、触摸【确认】键,显示侧拉门关门时间为5~7.5s;窄幅侧拉门开门时间为2~3.5s,宽幅侧拉门开门时间为3~4.5s
【判断题】
CRH380A统型动车组二级修,侧门开关测试时,须确认01、06、00车配电盘上【门手控集控开关】处于集控位
【判断题】
CRH380A统型动车组二级修,今创侧门障碍检测时将30 mm x 60 mm检测块卡在滑槽内。做关门操作,确认该门防挤压功能良好
【判断题】
CRH380A统型动车组二级修,前窗玻璃加热温度控制器的温度控制点为:25℃和40℃。低于25℃开始加热,升高至40℃,停止加热,如此循环
【判断题】
CRH380A统型动车组二级修,YH400电连接器检查作业人员对车端连接处的电缆和电连接器电缆夹进行检查,要求电缆与电连接器电缆夹之间无位移
【判断题】
CRH380A统型动车组二级修,自动车钩缓冲装置检查及润滑作业时,注意首先将头罩开闭机构供风管路截断塞门关闭,防止挤伤
【判断题】
CRH380A统型动车组二级修检查清洁电钩时须锁定防尘盖,防止电钩防尘盖打下,造成人身伤害
【判断题】
CRH380A统型动车组二级修自动车钩高度测量,测量头车车钩中心线到轨面高度,高度范围应为1000-1015mm。车钩钩头左右偏转角度不大于 1°
【判断题】
CRH380A统型动车组二级修过渡车钩检查及润滑,用干布、毛刷清理车钩连接面、钩舌和钩舌腔,去除杂物,在钩舌和钩舌腔表面涂抹润滑脂;转动钩舌,确认钩舌动作良好
【判断题】
CRH380A统型动车组二级修检查头罩开闭机构机械部分磨耗部位润滑情况,并对磨耗部位使用润滑脂进行润滑。对导轨、上翼板转轴、下翼板转轴三处润滑
【判断题】
CRH380A统型动车组二级修内风挡拆卸渡板使用十字螺丝刀拆下渡板装饰盖上4个沉头螺丝,取下装饰板后,使用棘轮扳手、加长杆及16mm套筒卸下渡板固定螺栓,取下渡板
【判断题】
CRH380A统型动车组二级修车顶检修、清洁作业时,使用中性清洗剂清洗车顶油漆部位,确认表面洁净
【判断题】
CRH380A统型动车组二级修制动盘(单侧)磨耗尺寸须符合限度要求:轮盘磨耗量≤2.8mm或同一车轮两侧磨损差不超过2mm
【判断题】
CRH380A统型动车组二级修接地装置在00、01车2、3位轴1位侧轴箱
【判断题】
CRH380A统型动车组二级修磁性栓排油栓检查清洁时,发现无光泽的大块铁粉(有可能是轴承保持器破损)黑色的鳞状的薄铁皮大量粘附)(有可能是轴承烧坏)以上情况出现时,需更换轮对
【判断题】
CRH380A统型动车组二级修浪涌保护装置检查,进入转向架与车体内侧之间,检查安装在车体外皮内侧的浪涌保护装置外观以及安装状态良好,保险辅件及其底座上的○型圈没有脱落
【判断题】
CRH380A统型动车组二级修浪涌保护装置检查,逆时针拧下浪涌保护装置保险辅件的盖帽检查,橡胶圈无破损,玻璃管内部器件无变形、熔结、熔断,玻璃管无破损、发黑发乌
【判断题】
CRH380A统型动车组二级修浪涌保护装置检查,使用万用表欧姆档对保险管两端测量,确定阻值无穷大
【判断题】
CRH380A统型动车组二级修残疾人卫生间门检测,按下“开”按钮打开卫生间门,将门上方罩板上按钮置于“手动”位(按钮凹下去)
【判断题】
CRH380A统型动车组翻板凳检查,检查翻板凳翻转至使用状态时(水平位置时)应上翘3~5度
【判断题】
CRH380A统型动车组受电弓专项检查时,应确保各部安装状态良好,碳滑板尺寸不过限,高度差符合要求,并对关节处的滚动轴承、滑动轴承进行注脂润滑
【判断题】
CRH380A统型动车组对兆欧表进行校验:将兆欧表正负极两线短接,手动操作摇表,速度约为3转/秒,确认摇表指针回零位
【判断题】
CRH380A统型动车组受电弓专项检查时,将500V兆欧表正极接受电弓框架,负极接大地(EGS),操作兆欧表,确认阻值大于25兆欧
【判断题】
CRH380A统型动车组检查受电弓控制阀板及相关配件时,升弓状态下压力表显示压力值约310-350KPA
【判断题】
CRH380A统型动车组受电弓不上升测试,合上04、06车配电柜点盘接地保护合接地保护断空开;合上司机室配电盘保护接地空开,将保护接地开关右旋到【合】位,通过MON车辆信息画面及车顶外观目视确认车顶EGS接通。右旋【受电弓升起】旋钮;通过MON屏及车外目视确认受电弓不上升
【判断题】
CRH380A统型动车组受电弓不上升测试,按下VCB合按钮;通过MON屏车辆信息画面确认VCB已闭合。右旋受电弓升起旋钮;通过MON屏及车外目视确认受电弓不上升
【判断题】
CRH380A统型动车组变压器油冷却散热器清理先从油冷却器的进风侧向出风侧冲洗,再从油冷却器的出风侧向进风侧冲洗,水枪喷射的水柱与油冷却器风翅片表面垂直,防止风翅片翻卷变形
【判断题】
CRH380A统型动车组牵引变流器检测清洁时,用M13棘轮扳手拆卸牵引变流器滤网右侧挡板螺栓,卸下变流器滤网,检查确认滤网无变形
【判断题】
CRH380A统型动车组隔离开关检查,使用游标卡尺测量闸刀磨合处厚度,在自由状态下两弹簧片间的距离≤9mm,闸刀接触部分厚度≥7.5mm
【判断题】
CRH380A统型动车组在高压隔离开关带闸刀侧绝缘子在分闸条件下,其顶部晃动量不允许超过1mm
【判断题】
CRH380A统型动车组高压设备箱检查,确认主控投入后打开辅助空压机控制柜,按下接地保护按钮,向两侧旋转钥匙箱两侧的手柄,翻下钥匙箱盖,取出高压设备箱钥匙
【判断题】
CRH380A统型动车组高压设备箱检查,目视检查真空断路器、避雷器、车底电缆、线缆连接器、一次侧套管外观状态良好,安装牢固、无松动;高压设备箱内无水渍,无污物
【判断题】
CRH380A统型动车组高压设备箱检查,线缆连接器瓷绝缘子无击穿、放电痕迹。表面存在单个面积大于20mm²且深度大于1mm的缺损时更换
【判断题】
CRH380A统型动车组弓角检查完后进行恢复,2号作业人员扶紧弓头;1号使用使用M6叉口扳手及活动扳手安装弓角,并使用扭力扳手紧固M6螺栓,扭矩为10Nm
