【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
A
解析
暂无解析
相关试题
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
A. 4
B. 3
C. 2
D. 5
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
推荐试题
【判断题】
锯弓有固定式和可调式两种
A. 对
B. 错
【判断题】
磨削过程中,操作者应站在砂轮的正对面,而不要站在侧面或斜对面
A. 对
B. 错
【判断题】
锯条一般用工具钢或合金钢制成,并经淬火和高温回火处理。锯条规格用锯条两端安装孔之间距离表示,并按锯齿齿距分为粗齿、中齿、细齿三种
A. 对
B. 错
【判断题】
细齿锯条适用锯削软材料和截面较大的零件。粗齿锯条适用于锯削硬材料和薄壁零件
A. 对
B. 错
【判断题】
安装锯条时,锯齿方向必须朝后,锯条绷紧程度要适当
A. 对
B. 错
【判断题】
锯削时推力和压力由右手控制,左手压力不要过大,主要应配合右手扶正锯弓,锯弓向前推出时加压力,回程时不加压力,在零件上轻轻滑过
A. 对
B. 错
【判断题】
锯削时最好使锯条全部长度参加切削,一般锯弓的往返长度不应小于锯条长度的 2/3
A. 对
B. 错
【判断题】
锯条开始切入零件称为起锯。起锯方式有近起锯和远起锯
A. 对
B. 错
【判断题】
起锯时要用左手拇指指甲挡住锯条,起锯角约为 15°。锯弓往复行程要短,压力要轻,锯条要与零件表面垂直
A. 对
B. 错
【判断题】
钳工操作时工具、夹具、量具应放在指定地点,严禁乱堆乱放;应顾及前后左右,并保持一定的距离,以免碰伤他人
A. 对
B. 错
【判断题】
砂轮机是用来刃磨钻头、錾子等刀具或其他工具的常用设备
A. 对
B. 错
【判断题】
砂轮起动后,应等砂轮旋转平稳后再开始磨削,若发现砂轮跳动明显,应及时停机修整
A. 对
B. 错
【判断题】
粗锉刀适用于加工余量小、精度要求高和表面粗糙度值较小的工件
A. 对
B. 错
【判断题】
新锉刀应一面用钝后再用另一面
A. 对
B. 错
【判断题】
交叉锉法一般适用于作粗锉,精锉时必须采用顺向锉,使锉痕变直纹理一致
A. 对
B. 错
【判断题】
A. 对
B. 错
【判断题】
锉刀是锉削的主要工具,锉刀主要用合金钢制成
A. 对
B. 错
【判断题】
锉刀按齿纹分为单齿纹和双齿纹。单齿纹锉刀的齿纹只有一个方向,与锉刀中心线成70°,一般用于锉硬金属,如铜、锡、铅等
A. 对
B. 错
【判断题】
锉刀按断面形状可分成:板锉(平锉);方锉;三角锉;圆锉;半圆锉等
A. 对
B. 错
【判断题】
普通锉刀的规格一般是用锉刀的长度,齿纹类别和锉刀断面形状表示的
A. 对
B. 错
【判断题】
锉削过程中,两手用力也时刻在变化。开始时,左手压力大推力小,右手压力小推力大。随着推锉过程,左手压力逐渐减小,右手压力逐渐增大
A. 对
B. 错
【判断题】
锉刀往复运动速度一般为80 次/min~90 次/min,推出时慢,回程时可快些
A. 对
B. 错
【判断题】
锉削平面的方法有 3 种:顺向锉法、交叉锉法、推锉法
A. 对
B. 错
【判断题】
锉削平面时,锉刀要按一定方向进行锉削,并在锉削回程时稍作平移,这样逐步将整个面锉平
A. 对
B. 错
【判断题】
检验工具有刀口形直尺、90°角尺、游标角度尺等。刀口形直尺、90°角尺可检验零件的直线度、平面度及垂直度
A. 对
B. 错
【判断题】
检验时,如果刀口形直尺与零件平面透光强弱不一,则该零件平面度合格;如果透光微弱而均匀,则说明该零件平面凹凸不平
A. 对
B. 错
【判断题】
可在刀口形直尺与零件紧靠处用塞尺插入,根据塞尺的厚度即可确定平面度的误差
A. 对
B. 错
【判断题】
钳工加工孔的方法一般指钻孔、扩孔和铰孔
A. 对
B. 错
【判断题】
一般情况下,孔加工刀具都应同时完成两个运动:主运动,即刀具绕轴线的旋转运动;进给运动,即刀具沿着轴线方向对着零件的直线运动
A. 对
B. 错
【判断题】
麻花钻是钻孔的主要刀具。麻花钻用低速钢制成,工作部分经热处理淬硬。麻花钻由钻柄、头部和工作部分组成
A. 对
B. 错
【判断题】
钻头颈部是磨削工作部分和钻柄时的退刀槽。钻头直径、材料、商标一般刻印在颈部
A. 对
B. 错
【判断题】
钻头导向部分经铣、磨或轧制形成两条对称的螺旋槽,用以排除切屑和输送切屑
A. 对
B. 错
【判断题】
钻孔钻削用量包括钻头的钻削速度或转速和进给量。钻削用量受到钻床功率、钻头强度、钻头耐用度和零件精度等许多因素的限制
A. 对
B. 错
【判断题】
钻孔前先用样冲在孔中心线上打出样冲眼,用钻尖对准样冲眼锪一个小坑,检查小坑与所划孔的圆周线是否同心(称试钻)
A. 对
B. 错
【判断题】
用扩孔钻或钻头扩大零件上原有的孔叫扩孔。孔径经钻孔、扩孔后,用铰刀对孔进行提高尺寸精度和表面质量的加工叫铰孔
A. 对
B. 错
【判断题】
攻螺纹是用丝锥加工出外螺纹
A. 对
B. 错
【判断题】
丝锥是加工小直径内螺纹的成形工具,它由切削部分,校准部分和柄部组成
A. 对
B. 错
【判断题】
丝锥切削部分和校准部分一般沿轴向开有 1~2条容屑槽以容纳切屑,并形成切削刃和前角γ 切削部分的锥面上铲磨出后角α
A. 对
B. 错
【判断题】
常用高碳优质工具钢或高速钢制造,手用丝锥一般用 T12A或 9SiCr制造
A. 对
B. 错
【判断题】
双手转动铰手,并横向加压力,当丝锥切入零件 1~2 牙时,用直尺检查丝锥是否歪斜,如丝锥歪斜,要纠正后再往下攻
A. 对
B. 错