相关试题
【判断题】
无论是因解散、被撤销还是被宣告破产而终止,商业银行在注销前都必须经过清算。
【判断题】
被冻结的款项在冻结期限内如需解冻,银行可以凭被冻结单位签发的“解除冻结存款通知书”予以解冻。
【判断题】
检查人员少于2人或者未出示合法证件和检查通知书的,银行业金融机构有权拒绝检查。
【判断题】
除非法律、行政法规另有规定,商业银行不得拒绝单位和个人查询、冻结、扣划存款人的存款。
【判断题】
对银行业金融机构的设立、变更、终止申请,银监会决定不批准的,不需要说明理由。
【判断题】
即使没有足够多的相互独立的投资形式,商业银行依然可以通过多样化的投资来分散和降低风险。
【判断题】
经济资本是指商业银行在一定的置信水平下,为了应对未来一定期限内资产的非预期损失而应该持有的资本金。
【判断题】
监管资本是商业银行用于弥补非预期损失的资本。
【判断题】
信用风险通常会影响商业银行资产的流动性,声誉风险通常会影响商业银行负债的流动性。
【判断题】
风险治理是董事会高级管理层、业务条线、风险管理部门之间在风险管理职责方面的监督和制衡机制。
【判断题】
商业银行风险信息数据可以分为外部数据和内部数据两类,其中内部数据是指通过国内的专业数据供应商所获得的数据。
【判断题】
风险限额是根据微观经济形势和整体发展战略所设定的主要风险指标的控制上(下)限。
【判断题】
风险管理制度是银行风险文化的精神核心,也是风险文化中最为重要和最高层次的因素。
【判断题】
企业级风险管理信息系统极为复杂,具有多向交互式、智能化的特点,能够及时、广泛地采集所需要的各种风险信息和数据,并对这些信息进行集中海量处理,以辅助业务部门和风险管理人员作出正确决策。
【判断题】
客户风险预警可分为财务风险预警和非财务风险预警两大类。风险经理应当密切关注企业出现的早期财务,对客户的长期偿债能力高度关注。
【判断题】
商业银行在进行信用风险计量时,如果采用内部评级法高级法,则无需估计违约概率。
【判断题】
在进行保证的时候,无论保证的类型是否相同,保证人所承担的法律责任都依据“法律面前,人人平等”的规则,不得存在不同。
【判断题】
保证人是否愿意履行责任以及保证人是否完全意识到由此可能产生的一系列风险和责任都在对贷款的保证人进行考察的范围之内。
【判断题】
当债务人因种种原因无法按原有合同履约时,为了降低客户违约风险引致的损失,商业银行可以对所有该类贷款进行重组。
【判断题】
按照权利的履约方式,期权可以分为买方期权和卖方期权。
【判断题】
账户划分的监管标准的优点是直接面向风险管理,缺点是可操作性相对较弱。
【判断题】
商业银行只能通过内部损失数据来评估操作风险。
【判断题】
完善的公司治理结构是现代商业银行控制操作风险的基石。
【判断题】
公共利益集团的持续压力/运动,属于政治风险。
【判断题】
商业银行仅需通过监测和分析不同时期自身关键风险指标的变化,就可以为操作风险管理提供早期预警。
【判断题】
商业银行的资金使用应当注意一些因素,如交易对象、时间跨度、还款周期等要素的分布结构,不然会增加流动性风险。
【判断题】
商业银行规模越大、业务越复杂,则利用现金流分析法所获得的流动性风险状况的可信度越高。
【判断题】
风险并不意味真实的损失,已经形成的损失不应该成为风险管理的对象。
【判断题】
在预期收益相同的情况下,投资者总是更愿意投资标准差更小的资产。
【判断题】
在资产组合管理中,如果各项资产的相关性为负,则风险分散效果差;如果相关性为正,则风险分散效果好。
【判断题】
在风险信息处理的过程中,当数据/信息准确性出现问题时,风险管理人员可以直接对风险管理信息进行修正,从而提高风险管理效率。
【判断题】
商业银行与借款人及第三方签订担保协议后,当借款人财务状况恶化、违反借款合同或无法偿还贷款本息时,商业银行可以通过执行担保来争取贷款本息的最终偿还或减少损失。
【判断题】
商业银行信用风险监测是指风险管理者通过各种监控技术,观测固定时间周期(如一年或一个月)内信用风险指标的异常变动,判断其是否已达到引起关注的水平或已经超过阈值。
【判断题】
净额结算对于降低信用风险的作用在于,交易主体只需承担净额支付的风险。
【判断题】
交易对手信用风险是指由于交易对手在合约到期时违约而造成损失的风险。
【判断题】
商业银行一般采用定性和定量相结合的方法来评估操作风险,定性分析方法主要基于对内部操作风险损失数据和外部数据进行分析;定量分析则需要依靠有经验的风险管理专家对操作风险的发生频率和影响程度做出评估。
【判断题】
供电局拉闸限电属于违反监管规定引发的操作风险。
推荐试题
【单选题】
In which configuration do you configure the ip ospf authentication key 1 command?___
A. routing process
B. interface
C. privileged
D. global
【单选题】
Which statement about command authorization and security contexts is true?___
A. If command authorization is configured, it must be enabled on all contexts.
B. The change to command invokes a new context session with the credentials of the currently
C. AAA settings are applied on a per-context basis
D. The enable. 15 user ang admins with chang to permission ha e dfferent command authorization levels pertontext
【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
【单选题】
What is the actual los privilege level of User Exec mode?___
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
