【单选题】
Which statement about command authorization and security contexts is true?___
A. If command authorization is configured, it must be enabled on all contexts.
B. The change to command invokes a new context session with the credentials of the currently
C. AAA settings are applied on a per-context basis
D. The enable. 15 user ang admins with chang to permission ha e dfferent command authorization levels pertontext
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
B
解析
暂无解析
相关试题
【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
A. SHA
B. IPSec
C.
D. ES
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
【多选题】
When two events would cause the state table of a stateful firewall to be updated? ___
A. when a packet is evaluated against the outbound access list and is denied
B. when a con nection is created
C. when rate-limiting is applied
D. when a connection s timer has expired within the state table.
E. when an outbound packet is forwarded to the outbound interface
推荐试题
【多选题】
我国农业社会主义改造的主要特点和经验是___
A. 积极引导农民组织起来,走互助合作道路
B. 遵循自愿互利、典型示范和国家帮助的原则
C. 正确分析农村的阶级和阶层状况,制定正确的阶级政策
D. 坚持积极领导、稳步前进的方针,采取循序渐进的步骤
【多选题】
我国社会主义改造的主要经验有___
A. 社会主义工业化建设和社会主义改造同时并举
B. 积极引导,逐步过渡的方式
C. 用和平方法进行改造
D. 和平赎买,消灭阶级,改造个人
【多选题】
社会主义基本制度确立的重大意义是___
A. 为当代一切发展进步奠定了社会基础
B. 使广大劳动人民真正成为了国家的主人
C. 使占世界人口四分之一的东方大国进入了社会主义社会
D. 在一个经济文化落后的东方大国顺利的实现从新民主主义到社会主义的转变
【单选题】
1956 年社会主义改造基本完成后,我国社会的主要矛盾是___
A. 工人阶级和农民的矛盾
B. 工农与知识分子的矛盾
C. 中国人民与美帝国主义的矛盾
D. 人民日益增长的物质文化需要同落后的社会生产之间的矛盾
【单选题】
社会主义改造任务基本完成后,全国人民的主要任务是___
A. 进行思想战线上的社会主义革命
B. 坚持无产阶级专政下继续革命
C. 开展社会主义道路和资本主义道路的决战
D. 集中力量发展社会生产力
【单选题】
毛泽东《论十大关系》的报告明确了建设社会主义的根本思想是___
A. 把国内外一切积极因素调动起来
B. 必须根据自己的国情走自己的道路
C. 照着马克思的话走下去
D. 以苏联为借鉴
【单选题】
毛泽东在《论十大关系》的讲话中确定了一个基本方针,就是___
A. 照抄照搬苏联模式不符合中国的国情,需要积极探索适合中国特点的社会主义建设道路
B. 我国的社会主义建设刚刚开始,我们没有自己的经验,必须认真学习苏联的经验
C. 努力把党内党外、国内国外的一切积极因素,直接的、间接的积极因素全部调动起来
D. 必须正确处理人民内部的矛盾问题
【单选题】
社会主义改造基本完成后,国家政治生活的主题是___
A. 探索本国建设社会主义道路
B. 不断解决仍然存在的敌我矛盾
C. 正确处理人民内部矛盾
D. 生产力和生产关系的矛盾
【单选题】
社会主义社会是否还存在矛盾?如果存在会是什么性质的?应该如何解决?对这一系列问题第一个作出回答的是___
A. 马克思
B. 恩格斯
C. 列宁和斯大林
D. 毛泽东和他领导的集体
【单选题】
“两类不同性质的矛盾”理论是社会主义社会矛盾学说的重要内容之一。这两类不同性质的矛盾是指___
A. 基本矛盾和主要矛盾
B. 敌我矛盾和人民内部矛盾
C. 国内矛盾和国际矛盾
D. 经济利益矛盾和政治立场矛盾
【单选题】
毛泽东提倡的中国特色的企业管理制度被称为“鞍钢宪法”。其主要内容可以概括为___
A. 两参一改三结合
B. 鼓足干劲,力争上游
C. 兼顾国家,生产单位和个人的利益
D. 统筹兼顾,全面安排,综合平衡
【单选题】
在社会主义改造还未结束时,毛泽东就提出要实现马克思主义与中国实际的“第二次结合”,探索中国自己的社会主义建设道路。那么第一次结合是指___
A. 马克思主义与中国革命的实际相结合,探索中国式的革命道路
B. 马克思主义与中国半殖民地半封建社会的实际相结合,探索中国的资本主义现代化
C. 马克思主义与中国传统文化相结合,形成中国化的马克思主义文化
D. 马克思主义与中国儒家传统治国理政思想相结合,建立中国式的君主立宪制国家
【单选题】
社会主义又可分为两个阶段,第一个阶段是不发达的社会主义,第二个阶段是比较发达的社会主义。后一个阶段可能比前一段需要更长的时间。这一提法最早出自___
A. 恩格斯
B. 斯大林
C. 毛泽东
D. 刘少奇
【单选题】
和毛泽东几乎同时提出“四个现代化”的思想,并被毛泽东吸收其主要内涵,形成我国社会主义建设初期提出的“四个现代化战略”的是___
A. 刘少奇
B. 周恩来
C. 邓小平
D. 张闻天
【单选题】
社会主义改造完成后,关于正确处理人民内部矛盾,在国家、集体和个人三方面利益关系上,毛泽东提出的方针是___。
A. 团结—批评—团结
B. 统筹兼顾、适当安排
C. 百花齐放、百家争鸣
D. 平等、团结、共同繁荣
【单选题】
社会主义改造完成后,毛泽东指出___是社会主义国家政治生活的主题。
A. 创造良好社会环境和政治环境的问题
B. 走工业化道路的问题
C. 提高社会生产力发展的问题
D. 正确处理人民内部矛盾的问题
【单选题】
毛泽东探索中国社会主义建设道路第一个标志性的重要理论成果是___
A. 《论人民民主专政》
B. 《论十大关系》
C. 《关于正确处理人民内部矛盾的问题》
D. 《关于目前的形势与任务》
【单选题】
年 4-5 月,毛泽东先后在中共中央政治局扩大会议和最高国务会议上作的《论十大关系》报告中指出“最近苏联方面暴露了他们在建设社会主义过程中的一些缺点和错误,他们走过的弯路你还想走?过去,我们就是鉴于他们的经验教训,少走了一些弯路,现在当然更要引以为戒”,这表明以毛泽东为主要代表的中共党员___
A. 实现了马克思主义同中国实际的第二次结合
B. 开始探索自己的社会主义建设道路
C. 开始找到自己的一条适合中国的路线
D. 已经突破社会主义苏联模式的束缚
【单选题】
毛泽东同志在《论十大关系》的报告中确定了党关于社会主义建设的一个极为重要的基本方针是___
A. 工业化建设和社会主义三大改造
B. 调动一切积极因素为社会主义事业服务
C. 从落后的农业国转变为先进的工业国
D. 以农立国
【单选题】
成为全党探索中国社会主义建设道路先声的文章,是毛泽东的___
A. 《论人民民主专政》
B. 《关于正确处理人民内部矛盾的问题》
C. 《纪念孙中山先生》
D. 《论十大关系》
【单选题】
关于经济体制和运行机制改革,陈云提出了___的思想
A. “两参一改三结合”
B. “三个主体、三个补充”
C. 建立“适合于我国情况和人民需要的社会主义的市场”
D. 既反保守又反冒进、在综合平衡重稳步前进
【单选题】
党的“八大”为我国全面进行社会主义建设和党的建设指明了方向。党的八大做出正确决策的基础是___
A. 对国内主要矛盾的分析
B. 全国人民建设社会主义的热情很高
C. 全国土地革命的完成
D. 社会主义建设总路线的制定
