【单选题】
Which statement about command authorization and security contexts is true?___
A. If command authorization is configured, it must be enabled on all contexts.
B. The change to command invokes a new context session with the credentials of the currently
C. AAA settings are applied on a per-context basis
D. The enable. 15 user ang admins with chang to permission ha e dfferent command authorization levels pertontext
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
B
解析
暂无解析
相关试题
【单选题】
Which command do you enter to enable authentication for OSPF on an interface?___
A. router(config-if)#ip ospf message-digest-key 1 md5 CIS COPASS
B. router(config-if)#ip ospf authentication message-digest
C. router(config-if)#ip ospf authentication-key CISCOPASS
D. router(config-if)#area 0 authentication message-digest
【单选题】
What feature defines a campus area network?___
A. It has a single geographic location
B. It lacks external connectivity.
C. It has a limited number of segments.
D. It has limited or restricted Internet access
【单选题】
Which type of attack most commonly involves a direct attack on a network?___
A. :phishing
B. Trojan horse
C. denial of service
D. social engineering
【单选题】
What information does the key length provide in an encryption algorithm?___
A. the cipher block size
B. the hash bloc k size
C. the number of permutations
D. the packet size
【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
A. SHA
B. IPSec
C.
D. ES
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
【多选题】
When two events would cause the state table of a stateful firewall to be updated? ___
A. when a packet is evaluated against the outbound access list and is denied
B. when a con nection is created
C. when rate-limiting is applied
D. when a connection s timer has expired within the state table.
E. when an outbound packet is forwarded to the outbound interface
推荐试题
【简答题】
三月检车门检查中,如何检查S1、S3行程开关外观及其紧固状态?(摘自三月检规程)
(1)在开门状态下,外观无损坏;
(2)检查行程开关安装螺栓防松线清晰无错位;
(3)检查行程开关夹紧圈,要求夹紧圈齐全、无损伤;检查摆臂滚轮的状态,要求滚轮齐全无松脱;
(4)在门打开或关闭的过程中,行程开关S1接线与丝杆螺母无干涉;
(5)检查S1、S3安装座无裂纹,铰链臂上的压簧动作灵活,无卡滞、无断裂,推杆螺母防松线清晰无错位。
【简答题】
长沙轨道交通1号线空气制动系统由哪些组成?(摘自车辆检修工教材)
答:主要由供风装置、制动控制设备、基础制动装置、悬挂装置、升弓模块、轮缘润滑供风装置、车钩操作装置等部件组成。
【简答题】
EBCU 是基于微处理器的电子控制单元,EBCU主要有哪些功能?(摘自车辆检修工教材)
答:EBCU 有以下功能:
1)常用摩擦制动控制
2)制动力管理
3)故障诊断
4)网络通讯
5)车辆状态指示与通报
【简答题】
LCD显示屏的播放模式有哪些?(摘自维修手册)
答:(1)全部播放来自于地面编播中心视频(车地无线系统下传的视频);
(2)全部播放地面数字移动电视的视频;
(4)播放车载预录视频;
(5)播放列车紧急预案。
【简答题】
广播主机机柜包括那些模块?(摘自维修手册)
答:(1)广播系统3U机箱
(2)电源模块
(3)MVB模块
(4)录音模块
(5)重联/模拟总线模块
(6)司机室音量调节模块
(7)司机室交换机
(8)PA主控
【简答题】
贯通道的主要功能。(摘自维修手册)
答:(1)、为相邻两节车厢之间的乘客提供站立、通过的空间
(2)、可以降低外部噪声和热量传递
(3)、作为整列车内的可变形区域,为列车通过曲线时提供可恢复的变形能力
【简答题】
客室侧门接入下列5 条列车线,分别是?(摘自维修手册)
答:(1)零速列车线
(2)门允许列车线
(3)开门列车线
(4)关门列车线
(5)网络硬线切换控制列车线,当“网络硬线切换”开关打到“网络位时”EDCU 车门接受列车网络开关门指令。
【简答题】
客室侧门具有的主要功能有哪些?(摘自维修手册)
答:(1)开、关门功能
(2)障碍物探测功能
(3)车门故障切除功能
(4)紧急解锁功能
(5)车门安全回路及旁路功能
(6)外部操作功能 (每车2 套门)
(7)车门故障显示、存储和诊断功能
(8)单门维护按钮开关门功能 (仅用于维修人员本地操作)
(9)零速保护功能
【简答题】
构架主要功能。(摘自维修手册)
答:(1)、安装转向架部件,如轮对、一系悬挂装置、二系悬挂装置、牵引电机、齿轮箱、牵引装置、基础制动单元、减振器等。
(2)、传递牵引力、制动力和承担车体重量,以及传递各部件产生的作用力。
【简答题】
简述车钩连挂过程。(摘自维修手册)
答:当车钩表面接合时,进入凹锥体的钩舌紧靠对应车钩的钩板。钩板在拉伸弹簧力的作用下旋转,直到钩舌啮合到钩板槽中。锁定后,钩锁在拉伸弹簧的作用下进入连挂位置,车钩锁定。
【简答题】
列车在连挂运行中具有哪些功能? (摘自维修手册)
答:(1)在激活司机室能施加/缓解所有车停放制动;
(2)在任一司机室能对其它司机室进行通信;
(3)在激活司机室能对所有客室进行广播;
(4)在任何司机室可通过操作“紧急”蘑菇按钮对全列车紧急制动。
【简答题】
由于城轨列车运营区间短,启动和制动频繁,城轨车辆制动的特点有?(摘自车辆检修工教材)
答:制动响应快及制动功率大;
车辆制动力根据载荷自动调整;
使用独立牵引电机,适于采用电制动;
制动系统安全可靠性要求高;
【简答题】
TCMS具有哪些特点?(摘自维修手册)
答:(1)分布式模块化设计,易于装卸和维修;
(2)采用TCN总线,易于扩展,适应不同形式的列车编组;
(3)通信采用双通道冗余机制,提高系统运行可靠性;
(4)智能人机界面显示,提升系统可用性;
(5)机械连接采用特殊设计,电气接触优良,抗电磁干扰性能高。
【简答题】
TCMS 系统采用模块化设计,分为不同的功能模块,分别是?(摘自维修手册)
答:模拟量输入输出模块(AXMe)、数字量输入模块(DIMe)、数字量输入输出模块(DXMe)、事件记录模块(EDRM)、人机接口元(HMI)、中继模块 (REP)、车辆控制模块(VCMe)、远程通讯模块RCMe
【简答题】
TCMS 主要完成的控制功能有?(摘自维修手册)
答:(1)司机室激活控制;
(2)方向控制;
(3)紧急牵引控制;
(4)空电联合制动控制;
(5)保持制动控制;
(6)安全连锁控制;
(7)空调启动控制;
(8)扩展供电功能控制;
(9)压缩机控制;
(10)限速控制。
【简答题】
HMI 是TCMS 的显示终端设备,是司机和维护人员操作列车的窗口,具备哪些功能?(摘自维修手册)
答:(1)信息显示。向车辆驾驶人员和维护人员提供车辆综合信息,各设备的工作状态,故障信息的综合与处理等功能。
(2)参数设定。对轮径值、列车重量、站点、时间日期等参数进行更改与设定。
(3)数据转储。通过 USB 接口,将故障信息转储地面进行统计、分析。
【简答题】
VCMe 是TCMS 的核心模块,具备哪些功能?(摘自维修手册)
答:(1)车辆级过程控制。执行诸如牵引/制动控制、空电联合控制和空调顺序启动等一系列控制功能;
(2)通信管理。具有多功能 MVB 的管理能力,并且能够进行被动的主权转移功能。
(3)显示控制。与 HMI 显示有关的数据传输。
(4)故障诊断。状态数据、故障数据的采集处理,并通过 HMI 报告司机。
【简答题】
牵引电传动系统包括哪些设备:(摘自维修手册)
答:能耗记录仪箱、高压电器箱、线路电抗器、制动电阻箱、牵引逆变器箱、牵引电机、司控器、避雷器等设备。
辅助电源系统主电路的组成:(摘自维修手册)
【简答题】
答:辅助电源主电路包括以下部分:受电电路、输入滤波电路、电容器充放电电路、IGBT 逆变电路、输出变压器、交流滤波电路、输出接触器、信号检测电路、直流电源电路。
简述牵引逆变器的保护功能。(摘自维修手册)
【简答题】
长沙地铁1号线列车传动控制单元DCU 机箱内部插件有:(摘自维修手册)
(1)、开关电源(PWR)
(2)、数字入出(DIO)
(3)、系统通信与管理(SMC)
(4)、电机控制单元(MCU)
(5)、信号处理单元(SPU)
(6)、辅助处理单元(APU)
(7)、脉冲转换单元(PCU)
【简答题】
在双周检作业中,空调系统需进行那些作业内容。(摘自双周检规程)
答:(1)更换混合空气过滤网滤芯;清洁混合空气过滤网框架;清洁新风金属过滤网,如有损坏则更换。
(2)清洁窥视镜,并观察液体管路窥视镜里的湿度显示正常。
(3)检查主回路、控制回路电气插头。
(4)检查冷凝风机单元功能、外观及紧固状态。
(5)检查空调冷凝腔盖板;送风腔、蒸发腔盖板;轴销。
(6)作业完成后检查各盖板锁、压板状态。
【简答题】
兆欧表测量前的检查要注意哪些项点?(摘自电工基础)
答:(1)将兆欧表开路,摇动发电机手柄到额定转速指针应指在“∞”位置。
(2)将“电路”、“接地”两接线柱短路,缓慢转动发电机手柄,指针应指向“0”位置。
【简答题】
在三月检作业中,如何检查司机台下灭火器状态。(摘自三月检规程)
答:(1)压力指针不在红色区域内,保险插销及铅封完好,灭火器固定牢固、绑带锁扣牢固、绑带无打结;
(2)瓶身、喷头、软管、把手无破损。
【简答题】
请详细说出年检检查车下设备箱各电器部件的作业标准和要求(摘自年检规程)
答:(1)车下辅助设备箱安装螺钉紧固,防松线清晰无错位,箱体及支架无变形、裂纹,箱盖安装紧固、挂耳无断裂,锁闭良好;
(2)各电器设备齐全,无损坏,安装紧固;
(3)各电器接线紧固,手动进行紧固;
(4) 清洁箱体内灰尘;
(5) 箱体内外各接线插紧固,接线插紧固螺钉无松动。
【简答题】
在偶数次三月检作业中,制动电阻箱需要做哪些检查?(摘自三月检规程)
答:(1)检查制动电阻箱体及安装
(2)检查制动电阻箱控制盒及电缆状态
(3)清洁制动电阻进出风口
(4)检查制动电阻风扇
(5)检查箱体上各种标志、标签
【简答题】
在日检作业时,如何进行外部照明检查?(摘自日检规程)
答:(1)方向手柄置“零”位,本端红色运行灯、尾灯亮;
(2)方向手柄置“前”位,本端头灯、白色运行灯亮;
(3)方向手柄置“后”位,本端头灯、尾灯及运行灯亮;
(4)将头灯旋钮开关分别置“近光”、“远光”位,对应远光灯、近光灯分别亮;
(5)目视检查各灯罩无丢失、无裂纹。
【简答题】
静调电源柜送电操作顺序。
答:(1)、静调电源柜电缆接头接到车间电源插座。
(2)、合上车辆的列车激活开关。
(3)、合上静调电源柜总控电源开关。
(4)、打开电子锁使静调电源柜控制回路得电。
(5)、按下合闸按钮,送电。
