【单选题】
Which about nested policy maps in a zone-based firewall is true ?___
A. They are limited to two leve ls in a hierarchical policy
B. Parent policies are previously defined policies that are defined by using the service policy command
C. A child policy is a new policy that uses a pre-existing policy.
D. A child policy is a new that uses a pre-existing policy
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
A
解析
暂无解析
相关试题
【单选题】
In which configuration do you configure the ip ospf authentication key 1 command?___
A. routing process
B. interface
C. privileged
D. global
【单选题】
Which statement about command authorization and security contexts is true?___
A. If command authorization is configured, it must be enabled on all contexts.
B. The change to command invokes a new context session with the credentials of the currently
C. AAA settings are applied on a per-context basis
D. The enable. 15 user ang admins with chang to permission ha e dfferent command authorization levels pertontext
【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
A. SHA
B. IPSec
C.
D. ES
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
推荐试题
【多选题】
下列关于委托清收说法正确的有___
A. 受托人应采取合法手段进行不良贷款清收,原则上不得直接收取还贷资金.
B. 受托人如确需收取现金时,应向资产处置机构提出申请,并在2个工作日内将所收款项转入资产处置机构指定账户中。
C. 委托清收期间开始伊始,资产处置机构要建立资金专户用于接收受托人清收回的资金。
D. 委托清收实行合同制,《委托清收协议》生效后,不管该笔不良贷款由何人以何种方式收回,受托人仍拥有获得原定报酬的权利。
E. 委托清收结束后资产处置机构应对债务人和担保人进行回访,验证现金收回金额和贷款结欠余额,防范受托人收回资金不入账、随意承诺减免本息等道德风险。
【多选题】
下列关于信息发布说法正确的有___
A. 信息发布按类型分为找人和找资产。
B. 资产处置机构可以发布其他机构委托的信息征集。
C. 在发布信息征集前,资产处置机构应已完成对债务人或担保人的起诉,并取得生效的判决书、裁定书、调解书、仲裁书等有效的法律文书。
D. 发布债务人或担保人信息时,债务人或担保人为自然人的,身份证号应隐藏后八位,居住地范围最小至乡/镇级。
E. 两人以上提供相同线索的,应当按照提供线索的先后顺序奖励。
【多选题】
下列属于买受人竞得不买违规行为的是___。
A. 买受人竞得标的后未在资产处置机构要求的时间内支付剩余价款;
B. 资产转让中是否为成交不买,不以竞价成功或交易成功状态为准,以线下手续交割为准;
C. 买受人不符合该标的竞买人资质要求的;
D. 交易双方另有约定或资产处置机构原因导致的除外。
【多选题】
平台会员发生___情形的,平台将封锁其账号,并列入黑名单管理。
A. 存在串通围标行为;
B. 发生非法清收行为;
C. 委托清收时存在挪用、占有委托清收贷款资金行为;
D. 存在未尽保密义务行为,给平台参与方造成不利影响;
E. 违反法律、法规及其他规范性文件的。
【多选题】
交易服务商发生___情形的,平台有权将其清退。
A. 与资产处置机构串通交易;
B. 泄露资产处置机构商业秘密信息;
C. 利用交易服务商身份谋取不正当利益;
D. 从事损害平台形象及信誉行为;
E. 存在未尽保密义务行为,给平台参与方造成不利影响;
F. 违反平台管理办法及相关规则规定的。
【多选题】
保证金不予退还包含以下___的情况。
A. 竞买人在竞价过程中违反竞价规则和平台相关规定,扰乱竞价秩序的;
B. 竞买人竞得标的后未在资产处置机构要求的时间内支付剩余价款;
C. 竞买人不符合该标的竞买人资质要求的;
D. 买卖双方另有约定或资产处置机构原因导致的除外。
【多选题】
资产竞价中“中止”与“下架”的主要应用场景包含___
A. 存在违反国家法律法规或其他有关方提出争议情形时;
B. 在资产交易过程中出现违反各项交易规则、细则等相关规定,并妨碍正常交易秩序的;
C. 交易双方及相关主体因纠纷争讼,由仲裁机构(或法院)做出中止和终结决定的。
D. 其他应当撤回处置的情形。
E. 由中止和撤回使用失误原因而产生纠纷,由交易双方协商解决。
【判断题】
竞买人竞得标的后,资产处置机构拒绝以成交价交付标的,妨害竞买人权益的,视为成交不卖,资产处置机构返还竞买人参与竞价时缴纳的保证金及违约损失,同时对该机构进行清退
A. 对
B. 错
【判断题】
若意向受让方出价均低于转让底价,则由资产管理委员会对转让底价进行调整(调低10%-30%,具体调整幅度由各市县行社根据实际情况自行决定)后重新组织招标工作
A. 对
B. 错
