【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
推荐试题
【多选题】
办理注册登记时,属于查验规范的 。 ___
A. :审查合格证或者进口凭证
B. :不属于免检的机动车,审查机动车安全技术检验合格证明
C. :制作机动车标准照片
D. :属于《公告》管理范围的,在有疑问时与《公告》数据比对
【多选题】
在办理机动车登记及相关业务过程中,需要启动嫌疑车辆调查程序的情形是 。___
A. :车辆识别代号或者发动机号码与被盗抢机动车信息库的同类型、同品牌机动车的记录完全相同,或者数字完全相同,或者有被盗抢记录的
B. :车辆识别代号、发动机号码与合格证、进口凭证、行驶证、登记证书或者机动车档案记载不一致的
C. :申请登记前发生交通事故的
D. :与进口机动车核查系统比对,信息重复核对的
【多选题】
初级查验员可以对 进行查验。 ___
A. :小型和微型载客汽车
B. :轻型和微型载货汽车
C. :低速汽车(包括三轮汽车和低速货车)和摩托车
D. :轻型挂车
【多选题】
属于公安机关交通管理部门车辆管理所的查验员必须配备的是 。 ___
A. :照相机
B. :查验工具包
C. :便携式智能查验终端
D. :执法记录仪
【多选题】
刮水器和洗涤器、锁止装置、铰链、手柄、控制器、开关、可拆卸的车辆用的挂接或拖曳装置等装置若不列入车辆长度测量范围,需要满足的条件 。 ___
A. :不具有载货功能
B. :超出车辆前或后端不大于50 mm
C. :边和角的圆角半径不小于5mm
D. :在《公告》备注栏内注明
【多选题】
机动车规格术语分类中载客汽车分为 。 ___
A. :大型载客汽车
B. :中型载客汽车
C. :小型载客汽车
D. :微型载客汽车
【多选题】
汽车安全带应 。 ___
A. :可靠有效
B. :安装位置应合理
C. :宽度大于4cm
D. :固定点应有足够的强度
【多选题】
加装的驾驶辅助装置安装应 。 ___
A. :牢固可靠
B. : 应在指定机构安装
C. : 位置应适宜操纵
D. : 不应与车辆的其他操纵指示系统冲突或妨碍车辆其他操纵指示系统的操作
【多选题】
低速汽车是 的总称。 ___
A. :三轮汽车
B. :低速货车
C. :载货汽车
D. :城市客车
【判断题】
《机动车查验工作规程》规定了机动车查验员资格管理、查验项目和查验工作要求以及公安机关交通管理部门对机动车安全技术检验进行监督的工作要求
【判断题】
办理机动车业务时,查验员依据道路交通安全法律法规和相关标准确认机动车
【判断题】
客车和危险货物运输车配备的灭火器应在使用有效期内,不应出现欠压失效等情形,配备数量应符合GB7258等相关标准的要求
【判断题】
申领、补领机动车登记证书的机动车,对车辆外廓尺寸、整备质量、轮胎规格等主要特征和技术参数存在疑问时,应增加查验
【判断题】
查验员在查验机动车时,应佩带全省统一式样的证卡,按照规定使用便携式查验智能终端和执法记录仪,依法依规履行相关法律法规、技术标准赋予的职责
【判断题】
查验车辆外廓尺寸时,应使用量具测量相关尺寸参数
【判断题】
查验不合格的机动车复检合格时,查验员在《机动车查验记录表》对应的位置签字并签注日期;复检仍不合格的,不签注
【判断题】
注册登记查验时,按照实车核定车身颜色;变更车身颜色时,按实车核定车身颜色
【判断题】
注册登记查验时,对实行《公告》管理的国产机动车,载货汽车和专项作业车核定的驾驶室乘坐人数、载客汽车核定的乘坐人数与机动车整车出厂合格证明标明的数值应一致且符合《公告》管理的相关规定
【判断题】
残疾人专用汽车应设置符合规定的残疾人机动车专用标志
【判断题】
人工检验的整个检验过程应进行全程摄像记录
【判断题】
插电式混合动力汽车、纯电动汽车(换电式除外)应具有外接充电接口
【判断题】
两轮普通摩托车应配备1个符合GB811的乘员头盔
【判断题】
GB7258-2017涉及实施过渡期的要求,机动车生产厂家提前实施的应视为满足要求
【判断题】
车辆识别代号(或产品识别代码、整车型号和出厂编号)总长度应小于等于200mm,字母和数字的字体和大小应相同
【判断题】
按《机动车查验工具配置要求》,查验箱应配置手锤、长卷尺、平面放大镜、内窥镜、铅锤、砂纸、除锈剂、脱漆剂、手套等工具、物品
【判断题】
注册登记查验时,对残疾人专用汽车,应当查验操纵辅助装置加装合格证明及操纵辅助装置的产品型号和产品编号
【判断题】
注册登记查验时,对实行《公告》管理的国产机动车,车辆外观形状应与《公告》的机动车照片一致
【单选题】
1.铁路线路直线轨距标准为___ mm。J42
【单选题】
2.进站信号机在正常情况下的显示距离不得小于___。J69
A. 400 m
B. 800 m
C. 1000 m
【单选题】
3.高柱出站、高柱进路信号机的显示距离,不得小于___。J69
A. 400 m
B. 800 m
C. 1000 m
【单选题】
4.机车轮对踏面擦伤深度不得超过___ mm。J170
【单选题】
5.车轮踏面上的缺陷或剥离长度不超过40 mm,深度不超过___ mm。J170
【单选题】
6.指挥列车运行的命令(运行揭示调度命令除外)和口头指示,只能由___发布。J231
A. 车站值班员
B. 机车调度员
C. 列车调度员
【单选题】
7.双管供风的旅客列车运行途中改为单管供风时,列车调度员___。J231
A. 须发给司机调度命令
B. 给予司机口头指示
C. 通知车辆乘务员即可
【单选题】
8.编组超重列车时,在中间站应得到___的同意,并均须经列车调度员准许。J247
【单选题】
9.旅客列车列尾装置尾部主机的安装与摘解、风管及电源的连结与摘解,由___人员负责。J254
【单选题】
10.货物列车列尾装置尾部主机的安装与摘解,由___人员负责。J254
【单选题】
11.补机原则上应挂于本务机车的___,在特殊区段或需途中返回时,经铁路局批准,可挂于列车后部。J256
【单选题】
12.单机挂车的辆数,线路坡度不超过12‰的区段,以___辆为限;超过12‰的区段,由铁路局规定。J258
