【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
推荐试题
【判断题】
混凝土轨枕扣件应经常保持位置正确,轨距挡板应靠贴轨底边
【判断题】
在线路曲线地段,应根据曲线半径和实测行车速度,在外股钢轨合理设置超高
【判断题】
温度应力式无缝线路,一般由固定区、伸缩区、缓冲区三部分构成
【判断题】
缓和曲线与直线连接处不得有反弯或“鹅头”
【判断题】
联结零件把钢轨联结起来,使钢轨接头部分具有与钢轨一样的整体性,以抵抗弯曲和位移
【判断题】
异性接头的联结应使两钢轨工作面轨距线与轨顶最高点水平线都相吻合
【判断题】
轨道维修贯彻“预防为主,防治结合,修养并重”的原则
【判断题】
弹条扣件的弹条中部前端下颏应靠贴轨距挡板或扭矩保持在80~150 N•m
【判断题】
复曲线应在正矢递减范围内,从较大超高向较小超高均匀顺坡
【判断题】
轨距加宽值应在缓和曲线范围内递减,无缓和曲线时,在直线地段递减。递减率不宜大于2‰
【判断题】
滑床板损坏、变形或滑床台磨耗大于5mm时,需及时更换
【判断题】
信号标志顺地铁列车运行方向设于轨道线路左侧
【判断题】
接触网地段需要拨道时,线路中心位置不得超过±30mm,一年单侧累计拨道量不得超过120mm,超过者需经接触网专业配合
【判断题】
曲线两端直线轨向不良,一般应事先拨正,两曲线间直线段较短时,可与两线同时计算、拨正
【判断题】
螺纹道钉改道时,应用木塞填满钉孔,钻孔后旋入道钉,可以锤击螺纹道钉
【判断题】
混凝土枕无缝线路,当轨温在实际锁定轨温减30℃以下时,伸缩区和缓冲区禁止进行维修作业
【判断题】
当发现线路连续出现3~5mm的碎弯时,必须加强巡查(可跟车巡查),观测轨温和线路方向的变化
【判断题】
正线缓冲区轨缝应保持在构造轨缝值范围内,最大不得超过20mm,如轨缝大于规定值,应进行插入短轨头调整
【判断题】
为了满足上面对钢轨使用性能的要求,钢轨断面采用抗弯最佳的“H”字形
【判断题】
为提高钢轨耐磨和抗压性能,应对钢轨进行全长淬火处理
【判断题】
垂直磨耗一般情况下随着轴重和通过总重的增加而增大
【判断题】
每块夹板上的螺栓孔6个,圆形孔与长圆形孔相间
【判断题】
扣板式扣件主要由扣板、螺纹道钉、弹簧垫圈、铁座及绝缘缓冲垫板组成
【判断题】
轨距挡板的作用是调整轨距,传递钢轨的横向水平推力
【判断题】
轨枕上面支承钢轨的部分称为承轨槽,做成1:20的斜面,以适应轨底坡的要求
【判断题】
轨枕底面宽度应同时满足减少道床压力和便于捣固两方面的要求
【判断题】
地面的出入线、试车线和库外线宜采用混凝土枕碎石道床或木枕碎石道床
【判断题】
基底坚实、稳定,排水良好的地面车站地段,可采用整体道床
【判断题】
车场库内线应采用短枕式整体道床。根据检修工艺要求,可采用检查坑整体道床或立柱式道床结构
【判断题】
隧道内和高架桥上的道岔区宜采用短枕式整体道床,车场线道岔宜采用碎石道床
【判断题】
正线、出入线、试车线的整体道床与碎石道床间应设轨道弹性过渡段。同一曲线地段宜采用一种道床型式
【判断题】
正线、联络线、出入线和试车线无缝线路地段碎石道床道砟肩宽不应小于400mm,非无缝线路地段道砟肩宽不应小于300mm
【判断题】
隧道内便用预制的混凝土短枕,先进行拼装,然后进行整体浇筑
【判断题】
道口铺面宽度应与道路路面宽度相同,且应不小于2.5m
【判断题】
双线或单线的制动地段,均易向制动方向爬行
【判断题】
在曲线轨道上横向力的大小,与曲线半径成反比