【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
【单选题】
What aims to remove the abil ity to deny an action?___
A. Non-Repudiation
B. Accountability
C. Integrity
D. Deniability
【单选题】
Which statements about the native VLAN is true ?___
A. It is susceptible to VLAN hopping attacks.
B. It is the Cisco recommended VLAN for switch-management traffic
C. It is most secure when it is a ssigned to vLAn 1.
D. It is the cisco-recomme nded vlan for user traffic
【单选题】
There are two versions of IKE:IKEv1 and IKEv2. Both IKEv1 and IKEv2 protocols operate in phases IKEv1 operates in two phases. IKEv2 operates in how many phases?___
【单选题】
What does the dh group refer to?___
A. length of key for hashing C
B. length of key for encryption
C. tunnel lifetime key
D. length of key for key exchange
E. length of key for authentication
【单选题】
Which path do you follow to enable aaa through the SDM ?___
A. Configure Tasks > AAA
B. Configure > Addition Authentication > AAA
C. Configure > AAA
D. Configure > Additional Tasks > AAA
E. Configure Authentication > AAA
【单选题】
which technology cloud be used on top of an MPLS VPN to add confidentiality ?___
A. IPsec
B. 3DES
C. AES
D. SSL
【单选题】
Which term is most closely aligned with the basic purpose of a SIEM solution? ___
A. Non-Repudiation
B. Accountability
C. Causality
D. Repudiation
【单选题】
You have just deployed SNMPv3 in your environment, Your manager asks you to make sure that our SNMP agents can only talk to the SNMP Manager. What would you configure on your SNMI agents to satisfy this request?___
A. A SNMP View containing the SNMP managers
B. Routing Filter with the SNMP managers in it applied outbound
C. A standard ACL containing the SNMP managers applied to the SNMP configuration
D. A SNMP Group containing the SNMP managers
【单选题】
Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?___
A. BPDU filte
B. DHCP snooping
C. BPDU guard
D. Port Fast
【单选题】
Which command enables port security to use sticky MAC addresses on a switch?___
A. switchport port-security violation restrict
B. switchport port-security mac-address sticky
C. switchport port-security violation protect
D. switchport port-security
【单选题】
When you edit an IPS subsignature, what is the effect on the parent signature and the family of subsignatures?___
A. The change applies to the parent signature and the entire family of subsignatures
B. The change applies to the parent signature and the subsignature that you edit
C. The change applies only to subsignatures that are numbered sequentially after the subsignature that you edit
D. Other signatures are unaffected, the change applies only to the subsignature that you dit
【单选题】
Which type of mechanism does Cisco FirePOWER de ploy to protect ag detected moving across other networks?___
A. antivirus scanning
B. policy-based
C. reputation-based
D. signature-based
【单选题】
What action must you take on the ise to blacklist a wired device?___
A. Locate the switch through which the device is connected and push an a cl restricting all access by the device
B. Issue a CoA request for the de vice's mac address to each access switch in the network
C. Revoke the device's certificate so it is unable to authenticate to the network
D. Add the device's MAc address to a list of black listed devices
【单选题】
Which type of firewall can perform deep packet inspection?___
A. packet-filtering firewall
B. stateless firewall
C. application firewall
D. personal firewall
【单选题】
What is the main purpose of Control Plane Policing?___
A. to prevent exhaustion of route-proce ssor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
【单选题】
Which attack can be prevented by OSPF authentication?___
A. smurf attack
B. IP spoofing attack
C. denial of service attack
D. buffer overflow attack
【单选题】
What is the best definition of hairpinning?___
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters one interface on a device and that exits through another interface
C. traffic that enters and exits a device through the same interface
D. traffic that tunnels through a device interface
推荐试题
【判断题】
流水日志由管理网点自行保管2年,每年2月底前报上年日志清单壹份给总行相关管理部门备案,支行保管期满后可按相关规定申报集中销毁处理。
【判断题】
保险柜密码副本密封后,由网点指定专人保管。紧急情况下启用,须经支行分管行长批准,并做好登记。
【判断题】
目前我行取款机和存取款一体机能受理所有银联标识卡的取款业务,存取款一体机能受理本行卡(折)存款业务
【判断题】
目前我行取款机、存取款一体机和自助服务终端能受理所有银联标识卡的取款业务。
【判断题】
自助设备清机一个星期最少清钞两次,两次清钞间隔时间不能超过四天。
【判断题】
若出现长短款当日是节假日则可以先报告上级并延期至工作日再处理长短款。
【判断题】
无需打开钞箱的情况下无需双人进入自助设备机房
【判断题】
确定长短款及金额后,除在《自助设备管理登记簿》中做好差错登记外,还要在当日按照我行长短款相关处理规定在27700101科目挂账,待查明原因再作处理,严禁长款寄库、短款空库、以长补短。
【判断题】
自助设备管理网点(包括离行式自助网点)须每日对自助设备进行吞没卡的巡查,包括国家法定休息日。
【判断题】
境外个人经常项目项下非经营性结汇单笔等值5万美元以上的,应将结汇所得人民币资金直接划转至交易对方的境内人民币账户。
【判断题】
对个人结汇和境内个人购汇实行年度总额管理,为每人每年等值5万美元。
【判断题】
我行目前只开展结售汇业务,结售汇牌价一日一价。
【判断题】
当日累计最高可以直接提取等值1万美元(含1万美元)的外币现钞。
【判断题】
个人年度总额内购汇、结汇、可以委托其直系亲属代为办理;超过年度总额的购汇、结汇以及境外个人购汇,必须本人凭相关证明材料办理。
【判断题】
境内个人是指持有中华人民共和国居民身份证、军人身份证件、武装警察身份证件、港澳居民来往内地通行证的中国公民。
【判断题】
我行目前不仅开展结售汇业务,同时开展外汇买卖业务。
【判断题】
个体工商户自行办理贸易外汇收支和结售汇的,可通过个人结算账户办理,不受个人结售汇年度总额限制。
【判断题】
金融机构办理服务贸易跨境人民币收支业务,应当将审查后的交易单证作为业务档案留存5年备查。
【判断题】
我行不得为企业办理90天以上(含)的延期付款业务,不得为企业办理收支日期间隔超过90天(含)的转口贸易外汇收支业务。
【判断题】
企业贸易外汇收入应当先进入我行直接以该企业名义开立的出口收入待核查账户 。
【判断题】
出口收汇进入待核查账户后,需要结汇或者划出的,企业需向我行提交加盖公章的结汇或划出申请资料。
【判断题】
对于退汇日期与原付款日期间隔在180天(不含)以上或由于特殊情况无法按照本条规定办理退汇的,企业应当先到外汇局办理贸易外汇业务登记手续。
【判断题】
出口收入待核查账户的收入范围限于企业贸易外汇收入(不含转口贸易收入,不含出口贸易融资项下境内金融机构放款及境外回款)。
【判断题】
我行为企业办理贸易付汇的退汇结汇或划转时,境外付款人应当为原收款人、境内收款人应当为原付款人。对于因错误汇出产生的退汇,应当审核原支出申报凭证;对于其他原因产生的退汇,应当审核原支出申报单证、原进口合同。
【判断题】
在办理服务贸易售付汇业务审核时,应当审核相关证明材料原件(明确指明复印件的除外),并在原件上注明售付汇日期、金额,加盖业务公章,留存复印件二年备查。
【判断题】
办理单笔等值5万美元(含)以下的服务贸易售付汇业务,金融机构原则上可不审核交易单证,但对于资金性质不明确的售付汇业务,金融机构应要求境内机构和境内个人提交交易单证进行合理审查。
【判断题】
代理进口业务应当由代理方付汇,委托方可凭委托代理协议将外汇划转给代理方,也可由代理方办理购汇。
【判断题】
外汇法规中没有列明的售付汇项目,需经外汇管理局审核真实性后,我行经办人员方可办理售付汇。
【判断题】
属非贸易项下的收汇入账时应审核相关材料后入经常项目账户,结汇时需填写《经常项目账户结汇申请书》,无需进行名录核查。
【判断题】
服务贸易项下退汇:按照原汇入或汇出资金交易性质规定的交易单证和整个退汇过程的相关说明或证明材料,退汇金额不得超过原汇入或汇出金额,且原路汇回.
【判断题】
经营机构应按照规定为开户人办理账户的开立、使用、变更及撤销手续,监督开户人按外汇局核定的收支范围、使用期限、账户限额等使用账户。
【判断题】
境内直接投资前期费用基本信息登记时,前期费用登记金额每一投资项目原则上不得超过等值30万美元,如遇特殊情况或确实有实际需要超过30万美元的,外国投资者需至后续设立的外商投资企业注册地外汇局申请(外汇局按个案业务集体审议制度处理)办理。
【判断题】
对于已经在外汇局资本项目信息系统中登记备案的信息,经营机构如需调整或修正,应及时与当地外汇局联系并按照相关数据申报要求重新报送。
【判断题】
经营机构应通过审核外汇局资本项目信息系统中的登记信息和额度控制等信息,在审核业务登记凭证和相关业务真实性证明材料后,方可为市场主体办理直接投资项下账户开立和资金汇兑等后续业务,包括利润、红利汇出或汇回业务。
【判断题】
经营机构为开户主体办理直接投资账户原币划转资金划入时,应确认划入资金是否符合相应账户收入范围,并与开户主体核对该笔资金交易的划出信息以确认交易准确性;对不符合账户收入范围及境内划转规定,或经核实划转错误的,划入行应将资金原路汇回。
【判断题】
外商投资企业外汇资本金可实行意愿结汇,意愿结汇是指外商投资企业资本金账户中经外汇局办理货币出资权益确认的外汇资本金可根据企业的实际经营需要在银行办理结汇。
【判断题】
在实行外汇资本金意愿结汇的同时,外商投资企业不得选择按照支付结汇制使用其外汇资本金。
【判断题】
直接投资项下账户内资金可以用现钞存入。
【判断题】
外商投资企业在我行办理外国投资者境外汇入、境内划转资本金业务(其他货币形式出资不办理出资入账登记)后,经营机构应及时(原则上不超过5个工作日)通过外汇局资本项目信息系统办理货币出资入账登记。
【判断题】
我行系统内转贴现业务只有买断式系统内转贴现业务,无回购式系统内转贴现业务。
