【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
B
解析
暂无解析
相关试题
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
推荐试题
【单选题】
理想和现实的统一性表现在___。
A. 理想就是现实
B. 有了坚定的信念,理想就能自动变为现实
C. 现实是理想的基础,理想是现实的未来
D. 理想总是美好的,而现实中既有美好的一面,也有丑陋的一面
【单选题】
以下表述正确的是___。
A. 理想是个人对幻想空想的改进
B. 理想源于实践具有实现可能是对未来的向往和追求
C. 理想是永恒的,幻想和空想可以随时间的变化而变化
D. 知识渊博的人具有崇高的理想,而空想幻想则源于无知
【单选题】
一般来说, ___有盲目和科学之分。盲目的信仰就是对虚幻的世界、不切实际的观念、荒谬的理论等的迷信和狂热崇拜,科学的信仰则来自人们对自然界和人类社会发展规律的正确认识。
A. 理想
B. 信仰
C. 信念
D. 意志
【单选题】
新时代中国特色社会主义思想,明确中国特色社会主义最本质的特征是___。
A. “五位一体”总体布局
B. “四个全面”战略布局
C. 人民利益为根本出发点
D. 中国共产党的领导
【单选题】
推动人生自觉活动的力量可能来源人自身内部或外部的许多方面,但其中最根本最持久的是___。
A. 人的素质和品德
B. 人生的修养和境界
C. 人生理想和信念
D. 人生的情感和态度
【单选题】
理想与现实是对立统一的关系。其中统一性体现在___。
A. 理想是“应然”的,现实是“实然”的
B. 理想是观念的,现实是客观的
C. 理想是完美的,现实是有缺陷的
D. 理想来源于现实,在将来又会变成新的现实
【单选题】
爱国主义体现了人们对自己祖国的深厚感情,揭示了个人对祖国的依存关系,是人们对自己的家园以及民族和文化的___、认同感、尊严感与荣誉感的统一。
A. 归属感
B. 自豪感
C. 责任感
D. 荣辱感
【单选题】
“一方水土养一方人”、“禾苗离土即死,国家无土难存”。每一个爱国者都会把“保我国土”、“爱我家乡”、维护祖国领土的完整和统一,作为自己的神圣使命和义不容辞的责任。这体现爱国主义的基本要求为___。
A. 爱祖国的大好河山
B. 爱自己的骨肉同胞
C. 爱祖国的灿烂文化
D. 爱自己的国家
【单选题】
大学生应当珍惜人生中最具创造力的宝贵时期,有敢为人先、开拓进取的___,有逢山开路、遇河架桥的( C ),在创新创造中不断积累经验、取得成果、演绎精彩。
A. 意志 锐气
B. 意识 精神
C. 锐气 意志
D. 精神 勇气
【单选题】
在漫长的历史发展过程中,中华民族形成了___的光荣传统,形成了对外来侵略者无比痛恨、对卖国求荣的民族败类无比鄙视、对爱国志士无比崇敬的宝贵民族性格。
A. 追求进步
B. 维护民族尊严
C. 维护国家主权
D. 以上都是
【单选题】
作为一种政治原则,当代中国的爱国主义主要表现在___上。
A. 献身建设中国特色社会主义事业
B. 献身树立崇高的理想道德信念
C. 全心全意为人民服务
D. 献身建设和保卫社会主义现代化事业和祖国统一的事业
【单选题】
邓小平曾经指出:“港澳、台湾、海外的爱国问题,不能要求他们都拥护社会主义,但是至少也不能反对社会主义的新中国,否则怎么叫爱祖国?”这说明,在当代中国___。
A. 爱国主义与爱社会主义是一致的
B. 爱国主义与拥护祖国统一是一致的
C. 爱国主义与爱中国共产党是一致的
D. 爱国主义与爱马克思主义是一致的
【单选题】
以下正确的说法是___。
A. 科学没有国界,但科学家是有祖国的
B. 科学有国界,科学家也有国界
C. 科学没有国界,科学家也没有国界
D. 科学、科学家跟国界没有任何关系
【单选题】
社会主义核心价值体系主要包括马克思主义指导思想、中国特色社会主义共同理想、以___为核心的民族精神和以( B )为核心的时代精神、社会主义荣辱观。
A. 社会主义 与时俱进
B. 爱国主义 改革创新
C. 爱国主义 团结奋斗
D. 艰苦奋斗 与时俱进
【单选题】
先秦时期就提出了“和而不同”、“和合中庸”、“政通人和”、“天人合一”、“协和万邦”等丰富多彩、意蕴深远的___理念。
A. 重和谐
B. 重伦理
C. 重民本
D. 重爱国
【单选题】
在全面建成小康社会决胜阶段,面对浩浩荡荡的时代潮流,面对人民群众过上更美好生活的殷切期待,无论冲破思想观念障碍,还是打破利益固化藩篱,无论破解发展难题,还是释放改革红利,都需要大力弘扬时代精神。时代精神的核心是___。
A. 保障人权
B. 艰苦朴素
C. 爱好和平
D. 改革创新
【单选题】
改革创新是时代精神的核心,以下不是改革创新精神表现的为___。
A. 突破陈规、大胆探索、勇于创造的思想观念
B. 不甘落后、奋勇争先、追求进步的责任感和使命感
C. 坚忍不拔、自强不息、锐意进取的精神状态
D. 固守经验、步伐稳健、游刃有余的处事风格
【单选题】
在人类历史上,对美好生活和理想社会的向往和追求源远流长。共产党人最崇高的社会理想是___。
A. 实现工业化
B. 实现共产主义
C. 实现民族解放和国家独立
D. 实现人与自然的和谐发展
【单选题】
实践一再证明,在当代中国,人民的团结、社会的安定、民主的发展、国家的统一,都要靠___。
A. 共产党的领导
B. 弘扬时代精神
C. 学习科学文化知识
D. 参与经济全球化
【单选题】
以天下为已任,无论身居何位,都心忧天下,关心国家的命运和民生的苦乐,自觉地把个人的前途和国家的兴衰联系起来,把爱国的思想付诸行动。下列选项中,不能体现这种爱国主义优良传统的有___。
A. “先天下之忧而忧,后天下之乐而乐”
B. “人生自古谁无死,留取丹心照汗青”
C. “知之为知之,不知为不知,是知也”
D. “苟利国家生死以,岂因祸福避趋之”
【单选题】
在伦敦海格特公墓的马克思墓碑上,镌刻着马克思的一句名言:“哲学家们只是用不同的方式解释世界,而问题在于改变世界。”这说明___。
A. 马克思主义是科学又崇高的
B. 马克思主义具有持久的生命力
C. 马克思主义重视实践、以改造世界为己任
D. 马克思主义是一个开放的理论体系
