【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
推荐试题
【多选题】
全党要更加自觉地增强___,既不走封闭僵化的老路,也不走改旗易帜的邪路,保持政治定力,坚持实干兴邦,始终坚持和发展中国特色社会主义。
A. 道路自信
B. 理论自信
C. 制度自信
D. 文化自信
【多选题】
增强党内政治生活的___,自觉抵制商品交换原则对党内生活的侵蚀,营造风清气正的良好政治生态。
A. 政治性
B. 时代性
C. 原则性
D. 战斗性
【多选题】
弘扬___等价值观,坚决防止和反对个人主义、分散主义、自由主义、本位主义、好人主义,坚决防止和反对宗派主义、圈子文化、码头文化。
A. 忠诚老实
B. 公道正派
C. 实事求是
D. 清正廉洁
【多选题】
全党同志特别是高级干部要把___作为根本政治担当。
A. 对党忠诚
B. 为党分忧
C. 为党尽职
D. 为民造福
【多选题】
着力解决一些基层党组织___问题。
A. 弱化
B. 虚化
C. 空心化
D. 边缘化
【多选题】
全党全国各族人民要紧密团结在党中央周围,高举中国特色社会主义伟大旗帜,锐意进取,埋头苦干,为实现推进现代化建设、完成祖国统一、维护世界和平与促进共同发展三大历史任务,为___继续奋斗!
A. 决胜全面建成小康社会
B. 夺取新时代中国特色社会主义伟大胜利
C. 实现中华民族伟大复兴的中国梦
D. 实现人民对美好生活的向往
【多选题】
中国共产党的性质是___。
A. 中国工人阶级的先锋队
B. 中国人民和中华民族的先锋队
C. 中国特色社会主义事业的领导核心
D. 代表中国先进社会生产力的发展要求、代表中国先进文化的前进方向、代表中国最广大人民的根本利益。
【多选题】
党坚持___、注重预防的方针,建立健全惩治和预防腐败体系,坚持不懈地反对腐败,加强党风建设和廉政建设。
A. 标本兼治
B. 惩罚兼施
C. 综合治理
D. 惩防并举
【多选题】
党要适应改革开放和社会主义现代化建设的要求,坚持___,加强和改善党的领导。
A. 科学执政
B. 民主执政
C. 公平执政
D. 依法执政
【多选题】
开展“两学一做”学习教育的主要内容包括___。
A. 学党章党规
B. 学系列讲话
C. 做合格党员
D. 做优秀党员
【多选题】
要不断增强党的___,确保我们党永葆旺盛生命力和强大战斗力。
A. 政治领导力
B. 思想引领力
C. 群众组织力
D. 社会号召力
【多选题】
新时代中国共产党的历史使命,就是统揽___,在全面建成小康社会的基础上全面建成社会主义现代化强国,实现中华民族伟大复兴。
A. 伟大斗争
B. 伟大工程
C. 伟大事业
D. 伟大梦想
【多选题】
党的领导是中国特色社会主义制度的最大优势,因为___。
A. 党是中国特色社会主义制度的创建者
B. 党的领导是充分发挥中国特色社会主义制度优势的根本保障
C. 党的自身优势是中国特色社会主义制度优势的主要来源
D. 党一直坚持政治建设、思想建设、组织建设、作风建设、纪律建设
【单选题】
写请示必须___
A. 用“请示报告”这个文种.
B. 一文一事
C. 注明办理期限
D. 用“报告”这个文种
【单选题】
文件的成文日期,指___
A. 负责人签发的日期
B. 文件用印日期
C. 文件发出日期
D. 领导人签署文件正本日期
【单选题】
某同学在学习计划中写道:我在本学期内,除了课堂知识外,还要大量学习计算机___
A. 该同学学习热情高,应该予以鼓励
B. 该学习计划脱离实际,难以实现,应当修改
C. 学习计划是给教师看的,与实际无关
D. 世上无难事,只要肯登攀.
【单选题】
判定文件主送机关的依据是___
A. 机关级别层次的高低
B. 是否对文件承担主办或答复的责任
C. 是否具有直接的上下级关系
D. 是否是本系统内的机关
【单选题】
“公告”根据《党政机关公文处理工作条例》适用于.___
A. 向国内外宣布重要事项或者法定事项.
B. 公布社会有关方面应当遵守或者周知的事项
C. 对重要事项或者重大行动做出安排
D. 宣布施行重大强制性行政措施
【单选题】
应标识签发负责人姓名的文件一般是___
A. 上行文
B. 平行文
C. 下行文
D. 越级行文
【单选题】
向下级机关的重要行文,应抄送___
A. 直接上级机关
B. 其他下级机关
C. 同级机关
D. 业务主管机关
【单选题】
签发人标识用于___
A. 所有的公文
B. 上行文
C. 平行文
D. 下行文
【单选题】
下列在请示中的结束语得体的是___
A. 以上事项,请尽快批准!
B. 以上所请,如有不同意见,请来函商
C. 所请事关重大,不可延误,务必于本月10日前答复。
D. 妥否,请批复。
【单选题】
发文字号中的“序号”___
A. 能编虚位、但不能加“第”字
B. 不能编虚位、一般不加“第”字
C. 不能编虚位、可以加“第”字
D. 能编虚位、也能加“第”字
【单选题】
函的结尾语不可用___
A. 此致敬礼
B. 请予批复
C. 专此改函
D. 感谢支持
【单选题】
传达会议事项一般用___
A. 命令
B. 决定
C. 会议纪要
D. 通知
【单选题】
计划由于内容等方面的不同,往往选用不同的名称,本单位,本部门以长远成近期的工作任务作粗线条的、非正式的安排,计划的名称应用___
【单选题】
下列计划标题拟定恰当的一-项是___
A. 2005年X x职业学院招生工作计划
B. XX职业学院2005年招生工作计划
C. XX职业学院招生工作计划(2005年)
D. x X职业学院招生工作2005年计划
【单选题】
计划中提出的任务与要求。是指将要完成的任务的___
A. 数量、质量、程度、时间期限
B. 人力,物力、财力,时间的安排
C. 指标、程度和时间的分配
D. 依据、指显思想、详细步骤
【单选题】
假如计划在标题后或在标题下用括号加注“草案”、“初稿”、“讨论稿” 字样,说明这项计划___
A. 未经作者同意
B. 未经上级批准
C. 没有经过正式讨论,还不成熟
D. 未经作者修改抄正
【单选题】
计划的灵魂和总纲是___
A. 前言
B. 任务和目标
C. 步骤和措施
D. 标题
【单选题】
一般来说计划前言部分写___
A. 任务要求
B. 制订计划的指导思想
C. 希望和号召
D. 措施和步骤
【单选题】
《某省卫生系统2005年工作总结》属于___
A. 公文式标题
B. 新闻式标题
C. 双标题
D. 复合型标题
【单选题】
总结的开头包括的内容,下列不准确的一项是___
A. 时间、重要背景
B. 经过的概况
C. 事例的具体分析
D. 事情的结果
【单选题】
调查报告在格式上没有固定的要求,一般包括___
A. 标题、前言、时间、地点
B. 标题、前言、主旨.地点
C. 标题、前言、主体、结尾
D. 标题、前言、规律、结论.
【单选题】
调查报告使用___
A. 第一人称
B. 第二人称
C. 第三人称
D. 综合运用以上三种
【单选题】
调查报告的表达方式采用___
A. 叙述抒情
B. 叙述议论
C. 叙述说明
D. 说明议论
【单选题】
下列发文字号正确的是___
A. 鲁政[20135]号
B. (2013) 鲁政字第5号
C. 鲁政[二0一三]五号
D. 鲁政[2013]05号
【单选题】
下列文种中属于法定公文的是___
A. 计划
B. 简报
C. 通报
D. 调查报告
【单选题】
下列哪种公文的使用频率最高___
A. 调查报告
B. 请示
C. 公告
D. 通知
【单选题】
应在公文首页标注签发人的是___
A. 上行文
B. 平行文
C. 下行文
D. 所有公文
