【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
A
解析
暂无解析
相关试题
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
A. SHA
B. IPSec
C.
D. ES
【单选题】
What is the actual los privilege level of User Exec mode?___
A. 1
B. 0
C. 5
D. 15
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
【多选题】
When two events would cause the state table of a stateful firewall to be updated? ___
A. when a packet is evaluated against the outbound access list and is denied
B. when a con nection is created
C. when rate-limiting is applied
D. when a connection s timer has expired within the state table.
E. when an outbound packet is forwarded to the outbound interface
【多选题】
Which two characteristics apply to an intrusion Prevention System(IPS)?___
A. Cannot drop the packet on its own
B. Cabled directly inline with the flow of the network traffic
C. Runs in promiscuous mode wat
D. Does not add delay to the original traffic
E. Can drop traffic based on a set of rules
【多选题】
crypto ipsec trans form-set myset esp-md5-hmac esp-aes-256,What are two effects of the given command?___
A. It configures authentication use AES 256.
B. It configures authentication to use MD5 HMAC
C. It configures authentication use AES 256.
D. It configures encryption to ase MD5 HMAC.
E. It configures encryption to use AES 256
【多选题】
your security team has discovered a malicious program that has been harvesting the CEos email messages and the com pany 's user database for the last 6 months. What are two possible types of attacks your team discovered?___
A. social activism
B. EPolymorphic Virus
C. advanced persistent threat
D. drive-by spyware
E. targeted malware
【单选题】
以下关于数据处理的叙述中,不正确的足___。
A. :数据处理不仅能预测不久的未来,自时还能影响未
B. :数据处理和数据分析可以为决策提供真知灼见
C. :数据处理的重点应从技术角度去发现和解释数据蕴涵的意义
D. :数据处理足从现实世界到数据,冉从数据到现实世界的过程
【单选题】
“互联网十制造”是实施《中国制造2025》的重要措施。以下对“互联网十制造”主要特征的叙述中,不正确的是___。
A. :数字技术得到普遍应用,设计和研发实现协同与共享
B. :通过系统集成,打通整个制造系统的数据流、信息流
C. :企业生产将从以用户为中心向以产品为中心转型
D. :企业、产品和用户通过网络平台实现联接和交互
【单选题】
信息技术对传统教育方式带来了深刻的变化。以下叙述中,不正确的是___。
A. :学习者可以克服时空障碍,实现随时、随地、随愿学习
B. :给学习者提供宽松的、内容丰富的、个性化的学习环境
C. :通过信息技术与学科教学的整合,激发学生的学习兴趣
D. :教育信息化的发展使学校各学科全部转型为电子化教育
【单选题】
厂参加技能考核的女工有___人。
A. :16
B. :18
C. :20
D. :24
推荐试题
【单选题】
新车执行末班车跟跑计划前,需经___审批同意,并在计划申报时同步提交审批材料。
A. 运营设施设备管理部
B. 运营公司
C. OCC
D. 运营管理部
【单选题】
需突破行车安全防护措施、施工审批规定的施工,需经___审批同意,并在计划申报时同步提交审批材料。
A. 运营设施设备管理部
B. 运营公司
C. 运营管理部
D. OCC
【单选题】
16号线的人工作业日安排在每周___。
A. 一、四
B. 二、五
C. 三、六
D. 四、日
【单选题】
接触轨线路,车场管辖范围内,入场信号机至接触轨末端的接触轨停送电施工,纳入___施工。
A. 车场轨行区
B. 正线轨行区
C. 供电维修区
D. 设备维修区
【单选题】
动车施工与人工施工在同一线路同时作业时,人工施工与动车施工的安全防护距离应不小于___。
A. 2站1区间
B. 1站2区间
C. 1站1区间
D. 1站
【单选题】
施工过程中存在距离接触网小于( )或可能存在小于___时,应申请接触网停电,并注明停电范围、是否挂设接地线。
A. 0.5m
B. 1m
C. 1.5m
D. 2m
【单选题】
工程车编组顶部距离接触网小于___时,应申请接触网停电。
A. 15cm
B. 20cm
C. 25cm
D. 30cm
【单选题】
除___的特殊施工外,单项施工计划不得含有不同类型、跨专业的施工内容
A. 运管中心
B. 集团指定
C. 维保中心
D. 运营公司
【单选题】
施工登记时,施工负责人应携带经审批通过的施工计划单及有效身份证件,在施工的计划开始时间前___min抵达登记站。
A. 10
B. 15
C. 20
D. 30
【多选题】
施工违规考核流程如下___。
A. 发生施工违规情况后,由施工管理工作小组在施工周计划会前,向责任单位下达[违规施工作业通知单]
B. 违规责任单位施工管理部门接到[违规施工作业通知单]后,可在3个工作日内对施工违规情况进行调查,并向施工管理工作小组提交施工违规情况说明、整改措施和责任方处理决定
C. 违规责任单位对违规施工情况存有异议,可在施工周计划会后3个工作日内填写[违规施工作业申诉单],由各责任单位施工管理部门审核签章后,提交施工管理工作小组
D. 施工管理工作小组在收到申诉后,2个工作日内完成复查
E. 施工管理工作小组将最终违规统计纳入次周的施工管理周报
【多选题】
周考核指标考核流程为___。
A. 施工管理工作小组牵头召开每周施工周计划会
B. 公布各单位上周施工指标完成情况
C. 施工单位若对周考核指标存有异议,可在施工周计划会后2个工作日内向施工管理工作小组申诉
D. 施工管理工作小组收到申诉后,1个工作日内完成复查
E. 施工管理工作小组在施工周计划会后3个工作日内发布施工管理周报
【多选题】
在施工各环节中有发生下列情形之一,后果未构成严重违规的,应认定为一般违规___。
A. 违规申报施工计划,未产生安全风险
B. 未按节点时间要求申报施工计划
C. 实际施工作业区域不足计划申报区域的2/3
D. 擅自动用与施工作业无关的设施设备
E. 造成运营列车晚点5 min以上
【判断题】
在车站的端头门/屏蔽门/安全门以外的区域也属于车站施工范围
A. 对
B. 错
【判断题】
接触轨区域管控区是指在接触轨区域内,距离接触轨防护罩外缘小于或等于700 mm范围的区域,同时包括接触轨上方的空间范围
A. 对
B. 错
【判断题】
施工登记手续完成后,施工负责人应落实施工安全防护措施
A. 对
B. 错
【判断题】
入轨站是指正线轨行区的人工施工时,施工实施时进入轨行区的车站
A. 对
B. 错
【判断题】
造成部分运营线路中断或车站停用的施工属一级重大施工
A. 对
B. 错
【判断题】
临时计划须在施工当日21:00前向维保公司调度指挥室申报
A. 对
B. 错
【判断题】
运营期间,影响出入场作业的施工,不安排在运营高峰时段和运营列车计划出入场时段
A. 对
B. 错
【判断题】
信号调试类动车施工、专项演练类动车施工,可选择OCC作为登记、注销点
A. 对
B. 错
【判断题】
不少于2列动车在同一线路同时作业时,相邻动车施工的安全防护距离应不小于2站1区间或1站2区间
A. 对
B. 错
【判断题】
需触网供电的动车施工与接触网停电施工在同一侧线路同时作业时,动车施工所在的触网供电区段与接触网停电区段的安全防护距离应不小于1个带电的触网供电区段
A. 对
B. 错
【判断题】
接触轨线路的电客车开行区域及作业区域应申请接触轨送电
A. 对
B. 错
【判断题】
施工过程中存在距离接触网小于1 m或可能存在小于1 m时,应申请接触网停电,并注明停电范围、是否挂设接地线
A. 对
B. 错
【判断题】
涉及中央ATS软件倒换、升级施工与其他动车施工不得同时安排
A. 对
B. 错
【判断题】
动车施工组织的过程中,OCC调度员应对施工负责人进行施工作业区域内道岔位置、锁闭方式等进路准备情况的交底
A. 对
B. 错
【判断题】
施工登记时,施工负责人应告知车站值班员施工下区间人数等信息
A. 对
B. 错
【判断题】
正线轨行区域只包括正线上下行[地面段线路两侧至隔离护栏]、折返线、存车线、渡线
A. 对
B. 错
【判断题】
施工登记、注销点应在施工作业区段内的OCC车站,也可以是施工作业区域外的车站作为登记、注销点
A. 对
B. 错
【判断题】
多点作业施工只能在主站办理登记、注销,不得办理异地注销
A. 对
B. 错
【判断题】
车场生产区域包括站场、各类库房、试车线、牵出线、入场信号机往车场方向的出入场线、信号楼、设备用房、办公用房及公共区域等车场生产区域
A. 对
B. 错
【判断题】
车场非自管区施工可分为封锁线路施工、部分线路封锁施工、不封锁线路施工
A. 对
B. 错
【判断题】
车场内调车及上试车线属于调车/试车作业,不纳入施工范围
A. 对
B. 错
【判断题】
车场自管区域施工指自管区域物理范围内进行的不影响车场行车及场内行车安全的施工
A. 对
B. 错
【判断题】
凡需要封锁线路的施工、为防止列车错误进入封锁区,均应设置行车防护
A. 对
B. 错
【判断题】
停车库内的停车股道涉及接触网停电的登高作业,即使两侧无固定隔离设施,也无需申请相邻两股道接触网一并停电
A. 对
B. 错
【判断题】
车站施工不包括在正线轨行区车站端头门外延伸通道的巡视类施工
A. 对
B. 错
【判断题】
审批车站重大施工和日常检修施工时,按照谁先申报谁优先的原则,不应区别对待
A. 对
B. 错
【判断题】
涉及软硬件升级施工,只允许在非运营时段进行
A. 对
B. 错
【判断题】
车站计划申报时,1天的时间定义为:4:00至次日的4:00
A. 对
B. 错