【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
推荐试题
【判断题】
按照《合同法》规定,当事人订立、履行合同,应当遵守法律、行政法规,尊重社会公德,不得扰乱社会经济秩序,损害社会公共利益
【判断题】
按照《合同法》规定,当事人订立合同,应当具有相应的民事权利能力和民事行为能力。当事人不可以委托他人订立合同
【判断题】
按照《合同法》规定,当事人订立合同,有书面形式、口头形式和其他形式。法律、行政法规规定采用书面形式的,应当采用书面形式。当事人约定采用书面形式的,应当采用书面形式
【判断题】
按照《合同法》规定,采用合同书形式订立合同,在签字或者盖章之前,当事人一方已经履行主要义务,对方接受的,该合同成立
【判断题】
按照《合同法》规定,当事人双方都违反合同的,先违约方承担责任
【判断题】
按照《合同法》规定,借款的利息不得预先在本金中扣除。利息预先在本金中扣除的,应当按照实际借款数额返还借款并计算利息
【判断题】
按照《合同法》规定,借款人未按照约定的借款用途使用借款的,贷款人可以停止发放借款、提前收回借款或者解除合同
【判断题】
甲与乙双方订立了一份买卖合同,合同约定甲向乙交付1部车,价款为20万元;乙向甲支付定金5万元,余下款项由乙在半年内付清。双方还约定,在乙向甲付清购车款之前,甲保留该车的所有权。甲向乙交付了车。依据《中华人民共和国合同法》规定,假设在购车款付清之前,车被偷了,该损失由甲承担
【判断题】
甲与乙订立了一份买卖合同,合同约定甲向乙交付1头猪,价款为2000元;乙向甲支付定金500元,余下款项由乙在半年内付清。双方还约定,在乙向甲付清购猪款之前,甲保留该猪的所有权。甲向乙交付了猪。依据《中华人民共和国合同法》规定,假设在购猪款付清之前,猪生下一头小猪,该小猪所有权归乙
【判断题】
甲公司与乙公司达成口头协议,由乙公司在一年之内供应甲公司20吨木材原料。依据《中华人民共和国合同法》规定,双方当事人签订的合同有法律效力
【判断题】
甲公司为开发新项目,向乙公司借款D万元,月息1%,借期1年。由于甲公司项目开发不顺利,到期无法偿还乙公司的借款。但乙公司得知丙单位曾向甲公司借款120万元,并准备还款,甲公司让丙单位不用还款。于是,乙公司向法院起诉,请求甲公司以丙单位的债权来偿还借款。依据《中华人民共和国合同法》规定,乙公司可以行使代位权
【判断题】
甲公司与乙公司签订一份买卖钢材的合同,约定甲公司应在合同生效后15日内向卖方乙公司支付50%的预付款,乙公司收到预付款后5日内发货至甲公司,后者收到货物验收后即结清余款。乙公司收到甲公司50%预付款后3日内即发货至甲公司。但甲公司认为钢材质量不符合合同约定,遂及时通知乙公司并拒绝支付余款。依据《中华人民共和国合同法》规定,甲公司拒绝支付余款是不合法的
【判断题】
某商店一款首饰进价为3000元,但商店工作人员误将其标价写成800元。客户发现该首饰物美价廉,于是购买了三套共2400元。几天后,商店发现标价错误,遂要求该客户补交差额,或退回首饰并由商店退还2400元。该客户拒绝商店要求。商店向法院起诉,提出上述要求。依据《中华人民共和国合同法》规定,商店的诉讼请求符合法律规定的
【判断题】
甲租赁公司与乙公司签订了融资租赁合同,约定由甲租赁公司按照乙公司的要求,从国外购买设备2台租给乙公司使用,租期3年。两个月后设备运达某港口,但由于购买人是甲租赁公司,所以运单上载明的收货人是甲租赁公司。乙公司去提货时遭拒绝,急忙电告甲租赁公司解决,但甲租赁公司以承租人为租赁物的接受人为由,未及时派人前往港口提货,后来乙公司通过别的办法提取了设备,但耽误了提货期限导致被港口罚款20万元。依据《中华人民共和国合同法》规定,甲租赁公司应承担责任,向乙公司赔偿罚款20万元
【判断题】
某汽车制造商于2013年初经铁路某站托运5辆汽车,收货人为某汽车销售商。货物到站后,车站前后多次通知某汽车销售商领取货物,某汽车销售商既不拒绝也不领取。随后车站又通知托运人某汽车制造商前来处理,托运人也未前来处理。到2013年底,某汽车制造商才来车站要求提取货物。车站根据规定核收保管费。依据《中华人民共和国合同法》规定,保管费应由汽车销售商支付
【判断题】
按照《中华人民共和国反洗钱法》规定,对符合大额交易的规定标准的金融机构内部交易,应作为大额交易上报
【判断题】
《金融机构大额交易和可疑交易报告管理办法》下列用语的含义:“频繁”系指交易行为营业日每天发生3次以上,或者营业日每天发生持续5天以上
【判断题】
按照《中华人民共和国反洗钱法》规定,检查可疑交易人员少于2人或者未出示执法证和检查通知书的,金融机构无权拒绝检查
【判断题】
按照《中华人民共和国反洗钱法》规定,提前偿还贷款,与其财务状况明显不符,不属于可疑交易的范畴
【判断题】
按照《中华人民共和国反洗钱法》规定,证券经营机构通过银行频繁大量拆解外汇资金,属于可疑交易
【判断题】
按照《中华人民共和国反洗钱法》规定,大额交易和可疑交易报告制度是反洗钱的核心内容
【判断题】
国务院反洗钱行政主管部门驻某省派出机构,发现A银行某客户存在可疑交易活动,指派B作为调查人员前往A银行进行调查。B向A银行工作人员出示了其合法证件和国务院反洗钱行政主管部门驻该省派出机构出具的调查通知书。依据《中华人民共和国反洗钱法》规定,因前来调查的人仅有一人,A银行有权拒绝调查
【判断题】
按照《中华人民共和国消费者权益保护法》规定,消费者为生产和生活消费需要购买、使用商品或接受服务、受《消法》保护
【判断题】
按照《中华人民共和国消费者权益保护法》规定,消费者享有自主选择商品或服务的权利
【判断题】
按照《中华人民共和国消费者权益保护法》规定,格式合同可以作出对消费者不公平、不合理的规定
【判断题】
按照《中华人民共和国消费者权益保护法》规定,经营者不得对消费者进行侮辱、诽谤、不得搜查消费者的身体及其携带的物品,不得侵犯消费者的人身自由
【判断题】
按照《中华人民共和国消费者权益保护法》规定,消费者在购买商品或者接受服务时,有权拒绝经营者的强制交易行为
【判断题】
按照《中华人民共和国消费者权益保护法》规定,国家制定有关消费者权益的法律、法规和政策时,应当听取消费者的意见和要求
【判断题】
按照《中华人民共和国消费者权益保护法》规定,消费者或者其他受害人因商品缺陷造成人身、财产损害的,只能向生产者要求赔偿
【判断题】
按照《中华人民共和国消费者权益保护法》规定,消费者组织不得从事商品经营和营利性的服务,不得以牟利为目的向社会推荐商品和服务
【判断题】
按照《中华人民共和国消费者权益保护法》规定,使用他人营业执照的违法经营者提供商品或者服务,损害消费者合法权益的,消费者应向营业执照的原持有人要求赔偿
【判断题】
按照《中华人民共和国消费者权益保护法》规定,消费者在展销会上购买商品或接受服务,其合法权益受到损害的,只能向销售者要求赔偿
【判断题】
按照《中华人民共和国刑法》规定,陈某因没有收入来源,以虚假身份证明骗领了一张信用卡,使用该卡从商场购物10余次,金额达3万余元,从未还款,陈某的行为构成诈骗罪
【判断题】
按照《中华人民共和国刑法》规定,贾某在公共汽车上偷了一张信用卡,到商场刷卡购买价值1万元的电器,贾某的行为构成信用卡诈骗罪
【判断题】
处理民事纠纷,应当依照法律;法律没有规定的,可以适用习惯,但是不得违背公序良俗
【判断题】
限制民事行为能力人实施的民事法律行为无效
【判断题】
基于误解实施的民事法律行为,行为人有权请求人民法院或者仲裁机构予以撤销
【判断题】
当事人自民事法律行为发生之日起三年内没有行使撤销权的,撤销权消灭
【判断题】
民事法律行为只可以基于双方或者多方的意思表示一致成立,不可以基于单方的意思表示成立
【判断题】
被撤销的民事法律行为自撤销之时起没有法律约束力
