【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
推荐试题
【判断题】
大社向下级分社做预制卡凭证库间调拨时,误将机构输入为上级机构,柜员应使用7225卡凭证调拨差错交易对出库的在途卡凭证有差错的进行撤销。
【判断题】
凭证挂失可以由代理人代为办理,但挂失的后续处理必须由客户本人办理。密码密码挂失也可以代理办理,但后续处理必须本人办理。
【判断题】
在老系统中密码不足6位的账号(多为批量代发的存折),在新系统中客户输入密码时需在老密码前加0补足6位。
【判断题】
账户查询密码忘记时无需挂失,可直接使用【7125密码重置】交易实时重置。
【判断题】
密码挂失在全省农信社任一网点均可办理成功。
【判断题】
客户卡6个月未发生业务限制非柜面业务,在做解除控制时客户密码忘记,直接在柜面进行密码挂失及重置即可。
【判断题】
客户在开户时如果柜员输入的是万能手机号码和万能验证码,万能手机号码在系统中不会保存,系统中的手机号码仍然为空,该客户在系统中会被认为是手机未验证客户。
【判断题】
客户因身患重病、行动不便、无自理能力等无法自行前往银行办理挂失、密码重置、销户等业务时,银行可以采取上门服务的方式办理。
【判断题】
内部主任应对网点的交接班制度进行监督管理,督促主管柜员每日营业终了必须对所有当班柜员尾箱进行核查。
【判断题】
甲公司在郑州市郊联社开立保证金账户,并存有资金,因业务需要,想开立存款证明,柜员可以为其办理。
【判断题】
个人账户名称不能修改,若有个人账户名称错误的情况,只能做销户处理。
【判断题】
对于同一自然人作为具体经办人员办理两个以上单位的银行结算账户开立业务的,银行除审核存款人提供的开户证明文件外,应采取回访、实地查访、向公安、工商行政管理部门核实等一项或多项措施进一步核实存款人身份,并重点关注相关账户的支付交易情况。
【判断题】
营业网点应对多人使用同一联系电话号码开立和使用账户的情况进行排查清理,联系相关当事人进行确认。应当变更为账户所有人本人的联系电话(特殊情况除外)。
【判断题】
授权通过后的业务,主管柜员可使用0279复核授权通过任务管理交易进行取消。
【判断题】
默认转存是指与原存期一致的本息转存方式,本息转存指本息转存,存期不可以选择的转存方式。
【判断题】
零存整取业务,客户在存期中途如有漏存,可以在漏存次月补存,若连续两月漏存视同违约,不允许再存入,只能销户处理。
【判断题】
享档档在支取时,存期内遇利率调整,按支取日相应存期整存整取利率计付利息。
【判断题】
目前,个人和对公客户均可以签约批量代发业务。
【判断题】
在系统中银行内部发起的对账户余额的止付称为控制,法定机关发起对账户余额的止付称为冻结,冻结和控制的级别相同。
【判断题】
柜员使用【7632业务验证码查询】交易,输入交易日期和电子印章中镶嵌的业务验证码,即可查询到该业务验证码对应的交易信息。
【判断题】
老系统中的挂失全部移植到新系统中,输原来的挂失编号即可办理挂失后续处理业务。
【判断题】
【1225账户交易明细查询】分为客户查询和非客户查询,客户查询需要输入密码,系统会自动打印电子印章;非客户查询需要授权,不会打印电子印章。
【判断题】
账户几个金额间的逻辑关系为:账户余额-冻结金额-控制金额=可用余额。
【判断题】
存款人申请开立单位银行结算账户时,可由法定代表人或单位负责人直接办理,也可授权他人办理。授权他人代理时,必须有法定代表人或单位负责人出具的授权委托书。
【判断题】
柜员进行现金调剂时,双方柜员必须当场在监控下实行卡把、点数,无误后在系统记账,记账可以延时记账或多次交接后合并记账。
【判断题】
存款人出示居民身份证办理开户业务时,应按照规定通过联网核查公民身份信息系统进行核查,并打印联网核查结果。
【判断题】
专用存款账户是存款人按照法律、行政法规和规章,对其特定用途资金进行专项管理和使用而开立的银行结算账户。
【判断题】
单位定期存款在存期内按存入日挂牌公告利率计付利息,遇利率调整,不分段计息。
【判断题】
对公账户销户时,客户的UKey也需要通过7133交易作废,作废时全部作废选择“是”。
【判断题】
单位定期存款账户和单位活期存款账户一样,也可以用于结算或提取现金。
【判断题】
客户申请解挂的,已收取的挂失手续费不退回客户,并且需要登记《挂失登记簿》并签章。
【判断题】
质押期间存款账户为“质押控制”状态,存款人不得支取,不得挂失。
【判断题】
单位存款账户转入久悬不动户后,账户状态为不收不付。
【判断题】
对私活期存款账户转入睡眠户后,账户状态为不收不付。
【判断题】
被列入久悬不动户或睡眠户管理的账户所有权仍属于存款人,当存款人出具合法拥有账户支配权的证明文件后可办理支取或销户手续。
【判断题】
通过【7317库管尾箱交接】交易进行尾箱交接时,只能单向操作,反向时只能由原交出库管收回。
【判断题】
信用社员工可以保管客户银行卡及密码并替代储户取款。
【判断题】
营业网点必须与客户签订账户管理协议,对账服务协议根据需要可签订也可以不签订。
【判断题】
银行得知存款人已注销或被吊销营业执照的,如存款人超过规定期限未主动办理撤销手续的,银行有权停止其银行结算账户的对外支付,并要求存款人撤销银行结算账户。
【判断题】
对公账户、未通兑的对私账户只能在开户网点办理凭证挂失、密码挂失。