【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
B
解析
暂无解析
相关试题
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
推荐试题
【判断题】
员工在作业过程中,必须按照安全生产规章制度和劳动防护用品使用规则,正确佩戴和使用劳动防护用品;未按规定佩戴和使用劳动防护用品的,不得上岗作业。( )
A. 对
B. 错
【判断题】
动火作业是指因工作、施工需要使用电焊、气焊(割)、砂轮、电钻等操作时,可产生火焰、火花及炽热表面的临时性作业。( )
A. 对
B. 错
【判断题】
车站公共区域内封条有效期半个月,其余场所封条有效期一个月,封条到期后必须开封检查箱内设施,确认完好后重新贴上封条。( )
A. 对
B. 错
【判断题】
转岗、晋级、返岗(离岗一年以上)人员仅须参加班组(车站)级安全教育培训。( )
A. 对
B. 错
【判断题】
对于新进员工,岗前接受三级安全教育的时间不得少于12学时。( )
A. 对
B. 错
【判断题】
员工离岗半年以上不足一年,重新上岗时,应重新接受第二、三级安全教育;员工离岗一年及以上,重新上岗时,应重新接受以一、二、三级安全教育。( )
A. 对
B. 错
【判断题】
运营分公司安全检查包括日常安全检查、月/年安全检查、重大节假日节前安全检查、专项安全检查等四类。( )
A. 对
B. 错
【判断题】
安全生产事故隐患按可能导致事故的后果及隐患整改的难易程度,事故隐患分为一般事故隐患和较大事故隐患。( )
A. 对
B. 错
【判断题】
新员工、新岗、新职人员必须参加三级安全教育及其他规定的安全教育和培训,经考试合格后,方准上岗作业。特种作业人员必须持有效的特种作业操作证上岗。( )
A. 对
B. 错
【判断题】
未经调度命令,未经车站请点登记,不得擅自进入轨行区作业。在轨行区作业时,应穿荧光服,施工作业区域设好防护。作业前后,应清点作业人数,出清线路,保证设备状态恢复正常。( )
A. 对
B. 错
【判断题】
发生运营事故(事件),按“四不放过”的原则;应采取积极措施,迅速组织救援处理,尽快恢复运营,尽量减少事故(事件)损失。( )
A. 对
B. 错
【判断题】
运营事故(事件)按照事故的性质、损失及对运营造成的影响,分为特别重大事故、重大事故、较大事故、一般事故、一般事件。( )
A. 对
B. 错
【判断题】
车控室钥匙柜/文件柜摆放日常使用钥匙,数量及种类按车站6S定制要求摆放。由值班站长负责保管、交接和办理借用手续;钥匙在使用后必须及时放回固定位置。( )
A. 对
B. 错
【判断题】
非运营分公司员工原则上不得借用票卡,特殊情况确需借用票卡时由所属专业的归口部门来办理借用手续,归口部门负有全面的管理责任。( )
A. 对
B. 错
【判断题】
违反边门管理办法,私自放行人员从边门出入为一级票务违章。( )
A. 对
B. 错
【判断题】
各车站单程票保有量应不低于该车站日均单程票发售量的3倍。( )
A. 对
B. 错
【判断题】
车站站长调换,站长处保管的钥匙均需拆封,重新清点并加封。新、老站长还需根据《车站票务钥匙盘点本》当面核对本站所有的票务钥匙种类和数量后进行交接,交接完毕后在《车站票务钥匙盘点本》备注栏签字确认;如有发生钥匙数量不符的情况,应立即组织调查,并在《车站票务钥匙盘点本》中注明,由新站长在24小时内报站务中心,由站务中心进行处理并上报。( )
A. 对
B. 错
【判断题】
原则上,车站须在车站票务室监控下完成票卡清点、加封工作。( )
A. 对
B. 错
【判断题】
任何时间,票卡只能存放在车站票务室、客服中心、出站闸机、票卡回收箱内,除特殊原因,不得在其它地点放置票卡。( )
A. 对
B. 错
【判断题】
三里街站保洁人员当班期间丢失本人外服卡,按规定,该保洁需缴纳50元补办费用。( )
A. 对
B. 错
【判断题】
票卡交接时若发现票卡有误,按加封数量进行签收。( )
A. 对
B. 错
【判断题】
车站相关人员应严格把关,以“等价赔偿,谁收取谁补还”的原则杜绝非标准币流入。( )
A. 对
B. 错
【判断题】
票务处负责制定收益审核和清分管理相关规章制度和作业流程。( )
A. 对
B. 错
【判断题】
节假日过后,车站须将领用的临时增配备用金在二个工作日内单独解行,并将银行解行回执单交票务处。( )
A. 对
B. 错
【判断题】
没有按规定要求设置或修改AFC系统EOD参数,给票务正常工作造成严重影响的为二类票务事故。( )
A. 对
B. 错
【判断题】
合肥轨道交通专用票卡包括单程票(含普通单程票、预赋值单程票和优惠单程票)、储值票、公务票、纪念票、计次票、纸票、测试票,以及后期根据市场及乘客需要,发行的旅游票等预留票种。( )
A. 对
B. 错
【判断题】
TVM/BOM废票指车站TVM/BOM发售不成功并掉入废票箱(包括掉入设备内)的单程票。( )
A. 对
B. 错
【判断题】
每月25日需对备用金进行一次盘点,根据盘点情况填写于《备用金使用记录本》,当班值班站长、客运值班员签字确认,中心站长于月底前做好复核并签名确认。( )
A. 对
B. 错
【判断题】
每月对上一个月的报表及用完的台账进行一次装箱,并按日期叠放,统一存放在指定地点。( )
A. 对
B. 错
【判断题】
钥匙借用原则为“从哪借,到哪还”、“谁借谁还”、“谁借用,谁管理,谁负责”。( )
A. 对
B. 错
【判断题】
优惠单程票是符合优惠条件的乘客在车站客服中心购买的单程票,包括半价优惠单程票和免费优惠单程票。( )
A. 对
B. 错
【判断题】
遗失轨道交通专用储值类票卡需按照票卡的押金进行补款。( )
A. 对
B. 错
【判断题】
车站备用金每次进出均要做好交接记录,日常备用金使用需在当日报表、《备用金使用记录本》体现。( )
A. 对
B. 错
【判断题】
单程票仅限在发售当站、当日运营期间使用有效。( )
A. 对
B. 错
【判断题】
普通储值票经车站BOM激活后方可在轨道交通线网内使用,出站时扣除当次乘车费用。( )
A. 对
B. 错
【判断题】
各中心站站长为车站备用金的实物责任人,由客运值班员负责日常保管和配发。( )
A. 对
B. 错
【判断题】
车站发现非标准币时,需加封留存车站,待调查完成后三日内上交站务中心,站务中心于10日内统一交于财务处进行缴销。( )
A. 对
B. 错
【判断题】
站务中心通知各站责任人,责任人接到通知无异议,须在三日内(不含通知下发当日)补交短款;若有异议,须在三个工作日内经站务中心反馈票务处,站务中心、票务处共同查询,超过查询期限原则上将不再受理。( )
A. 对
B. 错
【判断题】
现金在运送途中须存放在锁闭的钱箱、配票箱或手推车中,由两名员工(其中至少一名车站当班员工)负责运送并保障运送途中的安全。( )
A. 对
B. 错
【判断题】
将公务票转借、转赠、转让他人使用属违规行为。( )
A. 对
B. 错