【单选题】
Which about nested policy maps in a zone-based firewall is true ?___
A. They are limited to two leve ls in a hierarchical policy
B. Parent policies are previously defined policies that are defined by using the service policy command
C. A child policy is a new policy that uses a pre-existing policy.
D. A child policy is a new that uses a pre-existing policy
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
A
解析
暂无解析
相关试题
【单选题】
In which configuration do you configure the ip ospf authentication key 1 command?___
A. routing process
B. interface
C. privileged
D. global
【单选题】
Which statement about command authorization and security contexts is true?___
A. If command authorization is configured, it must be enabled on all contexts.
B. The change to command invokes a new context session with the credentials of the currently
C. AAA settings are applied on a per-context basis
D. The enable. 15 user ang admins with chang to permission ha e dfferent command authorization levels pertontext
【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
A. SHA
B. IPSec
C.
D. ES
【单选题】
What is the actual los privilege level of User Exec mode?___
A. 1
B. 0
C. 5
D. 15
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
推荐试题
【多选题】
员工会员准入条件包括___
A. 河南省农村信用社在岗员工;
B. 经统一认证平台认证通过的人员;
C. 未受过刑事处罚的人员;
D. 已退休员工。
【多选题】
下列关于委托清收说法正确的有___
A. 受托人应采取合法手段进行不良贷款清收,原则上不得直接收取还贷资金.
B. 受托人如确需收取现金时,应向资产处置机构提出申请,并在2个工作日内将所收款项转入资产处置机构指定账户中。
C. 委托清收期间开始伊始,资产处置机构要建立资金专户用于接收受托人清收回的资金。
D. 委托清收实行合同制,《委托清收协议》生效后,不管该笔不良贷款由何人以何种方式收回,受托人仍拥有获得原定报酬的权利。
E. 委托清收结束后资产处置机构应对债务人和担保人进行回访,验证现金收回金额和贷款结欠余额,防范受托人收回资金不入账、随意承诺减免本息等道德风险。
【多选题】
下列关于信息发布说法正确的有___
A. 信息发布按类型分为找人和找资产。
B. 资产处置机构可以发布其他机构委托的信息征集。
C. 在发布信息征集前,资产处置机构应已完成对债务人或担保人的起诉,并取得生效的判决书、裁定书、调解书、仲裁书等有效的法律文书。
D. 发布债务人或担保人信息时,债务人或担保人为自然人的,身份证号应隐藏后八位,居住地范围最小至乡/镇级。
E. 两人以上提供相同线索的,应当按照提供线索的先后顺序奖励。
【多选题】
下列属于买受人竞得不买违规行为的是___。
A. 买受人竞得标的后未在资产处置机构要求的时间内支付剩余价款;
B. 资产转让中是否为成交不买,不以竞价成功或交易成功状态为准,以线下手续交割为准;
C. 买受人不符合该标的竞买人资质要求的;
D. 交易双方另有约定或资产处置机构原因导致的除外。
【多选题】
平台会员发生___情形的,平台将封锁其账号,并列入黑名单管理。
A. 存在串通围标行为;
B. 发生非法清收行为;
C. 委托清收时存在挪用、占有委托清收贷款资金行为;
D. 存在未尽保密义务行为,给平台参与方造成不利影响;
E. 违反法律、法规及其他规范性文件的。
【多选题】
交易服务商发生___情形的,平台有权将其清退。
A. 与资产处置机构串通交易;
B. 泄露资产处置机构商业秘密信息;
C. 利用交易服务商身份谋取不正当利益;
D. 从事损害平台形象及信誉行为;
E. 存在未尽保密义务行为,给平台参与方造成不利影响;
F. 违反平台管理办法及相关规则规定的。
【多选题】
保证金不予退还包含以下___的情况。
A. 竞买人在竞价过程中违反竞价规则和平台相关规定,扰乱竞价秩序的;
B. 竞买人竞得标的后未在资产处置机构要求的时间内支付剩余价款;
C. 竞买人不符合该标的竞买人资质要求的;
D. 买卖双方另有约定或资产处置机构原因导致的除外。
【多选题】
资产竞价中“中止”与“下架”的主要应用场景包含___
A. 存在违反国家法律法规或其他有关方提出争议情形时;
B. 在资产交易过程中出现违反各项交易规则、细则等相关规定,并妨碍正常交易秩序的;
C. 交易双方及相关主体因纠纷争讼,由仲裁机构(或法院)做出中止和终结决定的。
D. 其他应当撤回处置的情形。
E. 由中止和撤回使用失误原因而产生纠纷,由交易双方协商解决。
【多选题】
抵债资产的接收和处置实行内部审批制度,工作流程包括___。
A. 尽职调查
B. 尽职审查
C. 制订方案
D. 集体审议
E. 权限审批
F. 审计监督
【判断题】
资产管理委员会负责对本行社资产处置业务进行审批
A. 对
B. 错
【判断题】
资产竞价交易平台对机构会员和交易服务商实行资格年审制度
A. 对
B. 错
【判断题】
委托清收竞价开始后,竞价人在资产处置机构公布报酬信息基础上依据自身判断,对报酬减让金额进行竞价
A. 对
B. 错
【判断题】
资产处置机构对有关信息提供者的身份信息应当保密,保护信息提供者的人身安全不受侵犯;征集到的线索信息应只能用于对应债权的清收活动,不能用于其他商业目的
A. 对
B. 错
【判断题】
资产处置机构串通会员影响正常竞价等行为,平台有权强制下架相关标的,同时计违规一次
A. 对
B. 错
【判断题】
竞买人竞得标的后,资产处置机构拒绝以成交价交付标的,妨害竞买人权益的,视为成交不卖,资产处置机构返还竞买人参与竞价时缴纳的保证金及违约损失,同时对该机构进行清退
A. 对
B. 错
【判断题】
不良贷款移交后,原贷款经放部门、贷款经放责任人的相应责任不变,需积极配合不良贷款的日常管理和清收处置工作
A. 对
B. 错
【判断题】
在不良贷款移交审查环节,资产管理部门应认真对照不良贷款移交清单,对不良贷款资料的完整性进行审核,对不良贷款责任认定及处理情况进行审核
A. 对
B. 错
【判断题】
在不良贷款移交审批环节,市县行社分管资产管理部门的领导负责对移交事项进行审批
A. 对
B. 错
【判断题】
债权转让坚持公开操作、市场竞价的原则,不可以使用协议转让的处置方式
A. 对
B. 错
【判断题】
自然人类贷款慎重对员工(含退休职工)以外的机构和个人转让处置
A. 对
B. 错
【判断题】
中止和下架使用失误,存在导致流拍、已转账未绑定保证金的竞买人报名失败等风险,由此产生的纠纷由资产处置机构承担
A. 对
B. 错
【判断题】
自然人类贷款不得批量转让
A. 对
B. 错
【判断题】
拟转让资产的原业务经办人员不得作为卖方尽职调查的调查人
A. 对
B. 错
【判断题】
若意向受让方出价均低于转让底价,则由资产管理委员会对转让底价进行调整(调低10%-30%,具体调整幅度由各市县行社根据实际情况自行决定)后重新组织招标工作
A. 对
B. 错
【判断题】
不良资产转让成交价格与账面差额部分由资产管理部门进行核销,由财务会计部门向税务机关备案,进行税前扣除,差额部分纳入账销案存管理
A. 对
B. 错
【判断题】
市县行社开展不良资产非批量转让业务必须通过公开竞价的方式确定受让方
A. 对
B. 错
【判断题】
自然人类不良贷款的受让方须是农信社员工(含退休员工)
A. 对
B. 错
【判断题】
非批量转让最终审批人为市县行社董(理)事会
A. 对
B. 错
【判断题】
抵债资产预估价值下跌的,要根据相关规定,在“财管系统”中计提减值准备
A. 对
B. 错
【判断题】
对未及时采取有效措施而导致丧失诉讼时效,致使主债权或担保债权无法追偿,未在法定时效内申请执行而导致执行时效丧失等情况,要依照相关规定严格追究有关人员责任
A. 对
B. 错
【判断题】
划拨的土地使用权不能单独用于抵偿债务
A. 对
B. 错
【判断题】
在抵债资产价值上升幅度不大的情况下,处置价格高于抵债价格,且取得抵债物时间未超过两年的,可以不进行评估
A. 对
B. 错
【判断题】
只有难以变现物方可采用分期付款方式
A. 对
B. 错
【判断题】
市县行社取得抵债资产时,按抵债资产评估价值作为抵债资产入账价值
A. 对
B. 错
【判断题】
市县行社为取得抵债资产支付的抵债资产欠缴的税费、垫付的诉讼费用和取得抵债资产支付的相关税费计入抵债资产价值
A. 对
B. 错
【判断题】
市县行社应按月对抵债资产逐项进行检查,对预计可收回金额低于其账面价值的,应当计提减值准备
A. 对
B. 错
【判断题】
当采用公开转让方式只产生一个符合条件的意向受让方时,可采用协议转让方式
A. 对
B. 错
【判断题】
批量转让是指各市县行社对3户/项及以上的不良资产进行组包,公开定向转让给资产管理公司的行为
A. 对
B. 错
【判断题】
市县行社审计部门应在核销前对每笔呆账进行责任认定
A. 对
B. 错
【判断题】
以物抵债要通过法院、仲裁机构裁决、协议接受抵债
A. 对
B. 错