【单选题】
How do you verify TaCACS+ connectivity to a device?___
A. You successfully log in to the device by using the local credentials
B. You connect via console port and receive the login prompt.
C. You connect to the device using SSH and receive the login prompt.
D. You successfully log in to the device by using ACS credentials
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
D
解析
暂无解析
相关试题
【单选题】
Which term best describes the concept of preventing the modification of data in transit and in storage?___
A. availability
B. confidentially
C. fidelity
D. integrity
【单选题】
Which loS command is used to define the authentication key for ntp?___
A. switch(config )#ntp authentication-key 1 mds Clcs
B. switch(config )#ntp authenticate
C. switch(config)#ntp trusted-key 1
D. switch(config)#ntp source 192.168.0.1
【单选题】
What is true about the cisco lOS Resilient Configuration feature ?___
A. The feature can be disabled through a remote session
B. There is additional space required to secure the primary cisco lOS image file.
C. The feature automatically detects image or configuration version mismatch.
D. Remote storage is used for securing files
【单选题】
When is the default deny all policy an exception in zone-based firewalls?___
A. when traffic terminates on the router via the self zone
B. when traffic traverses two interfaces in different zones
C. when traffic traverses two interfaces in the same zone
D. when traffic sources from the router via the self zone
【单选题】
.If an access port is assigned as an isolated port in a PVLAN, which network ports can it communicate with?___
A. promiscuous ports in the same PLVAN
B. isolated ports in the same PVLAN
C. all ports in the same PAVLAN at ILAR
D. all ports in the adjacent PVLAN
【单选题】
Which IPSEC mode is used to encypt traffic directly between a client and a server VPN endpoint?___
A. quick mode
B. transport mode
C. aggressive mode
D. tunnel mode
【单选题】
Which command do you enter to verify that a vpn connection is established between two endpoints and that the connection is passing traffic? ___
A. Firewall#sh crypto session
B. Firewall#debug crypto isakmp
C. Firewall#tsh crypto ipsec sa
D. Firewall#sh crypto isakmp sa
【单选题】
which type of Pvlan port allows communication from all port types?___
A. isolated
B. in -line
C. community
D. promiscuous
【单选题】
Which command do you enter to configure your firewall to conceal internal addresses?___
A. no ip directed-broadcast
B. no ip logging facility
C. no proxy-arp
D. no ip inspect audit-trial
E. no ip inspect
F. route
【单选题】
Which feature defines a campus area network? ___
A. It has a limited number of segments.
B. It has limited or restricted Internet access
C. It lacks ex1ternal connectivity.
D. It has a single geographic location
【单选题】
What technology can you use to provide data confidentiality data integrity and data origin authentication on your network?___
A. IPSec
B. Certificate Authority
C. IKE
D. Data
E. ncryption Standards
【单选题】
which standard is a hybrid protocol that uses oakley and skerne ke y exchanges is an ISAKMP framework?___
A. SHA
B. IPSec
C.
D. ES
【单选题】
What is the effect of the asa command crypto isakmp nat-traversal?___
A. It opens port 500 only on the out side interface
B. It opens port 500 only on the inside interface
C. It opens port 4500 on all interfaces that are IPSec enabled
D. It opens port 4500 only on the out side interfac
【单选题】
Which Fire POWER preproce ssor engine is used to prevent SYN attacks?___
A. Inline normalization
B. IP Defragmentation
C. Ports can
D. etection
【单选题】
Which NAT type allows objects or groups to reference an IP address ?___
A. identity NAt
B. static NAT
C. dynamic
D. dynamic NAT
【单选题】
Which Auto NAT policies are processed first?___
A. Dynamic NAT with longest prefix
B. Dynamic NAT with shortest prefix
C. static NAT with longest prefix
D. static NAT with shortest prefix
【单选题】
Which feature allows a dynamic Pat pool to se lect the next address in the pat pool instead of the next port of an existing address?___
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
【单选题】
Which IPS detection method can you use to detect attacks that are based on the attackers IP address?___
A. anomally-based
B. policy-based
C. signature-based
D. reputation-based
【单选题】
Which type of encryption technology has the broadest platform support?___
A. software
B. middleware
C. file-level
D. hardware
【单选题】
Which type of address translation supports the initiation of comm unications bidirectionally ?___
A. multi-session PAT
B. dynamic NAT
C. dynamic PAT
D. static NAT
【单选题】
Which label is given to a person who uses existing computer scripts to hack into computers while lacking the expertise to write the own?___
A. script kiddy
B. white hat hacker
C. hacktivist
D. phreaker
【单选题】
What is the primary purpose of a defined rule in an IPS?___
A. to configure an event action that takes place when a signature is triggered
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to detect internal attacks
【单选题】
Which option is the default valuce for the Diffie- Hell man group when configuring a site-to-site VPn on an asa device ?___
A. Group 1
B. Group 2
C. Group 5
D. Group 7
【单选题】
Which feature filters CoPP packets?___
A. access control lists
B. class maps
C. policy maps
D. route maps
【单选题】
Which command is used in global configuration mode to enable AAA?___
A. configure-model aaa
B. configure aaa-modelA
C. aaa new-model
D. aaa
E. XEC
【单选题】
Which statement about the given configuration is true?___
A. The single-connection command causes the device to establish one connection for all TACACS
B. The single-connection command causes the device to process one TacAcs request and then move to the next server
C. The timeout com mand causes the device to move to the next server after 20 seconds of TACACS inactive
【多选题】
What are two well-known security terms?___
A. phishing//网络钓鱼
B. ransomware //勒索软件
C. BPDU guard
D. LACP
E. hair-pinning
【多选题】
Which two commands must you enter to securely archive the primary bootset of a device___
A. router(config )#secure boot-config
B. router(config)#auto secure
C. router(config)#secure boot-image
D. router(config)#service passw ord-encryption
【多选题】
Which two functions can SIEM provide ?___
A. correlation between logs and events from multiple systems
B. event aggregation that allows for reduced log storage requirements
C. proactive malware analysis to block malicious traffic
D. dual-factor authentication
E. centralized firewall management
【多选题】
Which two features of Cisco Web Reputation tracking can mitigate web-based threats?___
A. buffer overflow filterin dhsuowip
B. Bayesian filters
C. web reputation filters
D. outbreak filtering
E. exploit filtering
【多选题】
What are two challenges when deploying host- level IPS? ___
A. The deployment must support multiple operating systems.
B. It is unable to provide a complete networ k picture of an attack.
C. It is unable to determine the outcome of e very attack that it detects
D. It does not provide protection for offsite computers
E. It is unable to detect fragmentation attacks
【多选题】
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?___
A. file reputation
B. file analysis
C. signature updates
D. network blocking
【多选题】
Which two statements about host-based iPS solutions are true?___
A. It uses only signature-based polices
B. It can be deployed at the perimeter.
C. It can be have more restrictive policies than network-based IPS
D. it works with deployed firewall
E. It can generate alerts based on be havior at the de sto
【多选题】
When two events would cause the state table of a stateful firewall to be updated? ___
A. when a packet is evaluated against the outbound access list and is denied
B. when a con nection is created
C. when rate-limiting is applied
D. when a connection s timer has expired within the state table.
E. when an outbound packet is forwarded to the outbound interface
【多选题】
Which two characteristics apply to an intrusion Prevention System(IPS)?___
A. Cannot drop the packet on its own
B. Cabled directly inline with the flow of the network traffic
C. Runs in promiscuous mode wat
D. Does not add delay to the original traffic
E. Can drop traffic based on a set of rules
【多选题】
crypto ipsec trans form-set myset esp-md5-hmac esp-aes-256,What are two effects of the given command?___
A. It configures authentication use AES 256.
B. It configures authentication to use MD5 HMAC
C. It configures authentication use AES 256.
D. It configures encryption to ase MD5 HMAC.
E. It configures encryption to use AES 256
【多选题】
your security team has discovered a malicious program that has been harvesting the CEos email messages and the com pany 's user database for the last 6 months. What are two possible types of attacks your team discovered?___
A. social activism
B. EPolymorphic Virus
C. advanced persistent threat
D. drive-by spyware
E. targeted malware
【单选题】
以下关于数据处理的叙述中,不正确的足___。
A. :数据处理不仅能预测不久的未来,自时还能影响未
B. :数据处理和数据分析可以为决策提供真知灼见
C. :数据处理的重点应从技术角度去发现和解释数据蕴涵的意义
D. :数据处理足从现实世界到数据,冉从数据到现实世界的过程
【单选题】
“互联网十制造”是实施《中国制造2025》的重要措施。以下对“互联网十制造”主要特征的叙述中,不正确的是___。
A. :数字技术得到普遍应用,设计和研发实现协同与共享
B. :通过系统集成,打通整个制造系统的数据流、信息流
C. :企业生产将从以用户为中心向以产品为中心转型
D. :企业、产品和用户通过网络平台实现联接和交互
推荐试题
【多选题】
"280.☆☆☆运营管理部辖属三中心内部业务检查基本原则包括()。___
A. 真实性原则
B. 制度性原则
C. 统一性原则
D. 分类管理原则
E. 保密性原则
F. 风险性原则"
【多选题】
"283.☆☆存款人申请办理支付密码器注册、增加账号、删除账号、指定签名支付密码器、同一账号增加支付密码器、更换账号密钥、停用及其启用、挂失、解锁和对账号更换支付密码器等业务时,需向该账户的开户行提交的申请材料有___
A. 书面申请
B. 经办人员身份证明文件
C. 当地人民银行规定的相关证明文件
D. 如非法定代表人或单位负责人办理的,还需提供授权书
E.
F. "
【多选题】
"286.☆☆需要对ITM发生的业务进行人工审核时,主要审核内容包括:()___
A. 客户身份识别
B. 客户登记的信息是否真实有效,包括身份证件有效期、职业、联系方式、联系地址等。
C. 介质状态是否存在异常。
D. 客户的签名是否正确有效。
E. 必须审核的交易信息是否准确。
F. 业务遵循的其他管理要求。"
【多选题】
"287.☆☆为确保业务审核的合规性和有效性,需要对ITM发生的业务进行人工审核时,以下审核人员要求描述正确的选项是:()___
A. 具有行内运营操作资质、持证上岗
B. 由人力资源部任命的路支行行长(包括路支行行长、支行(含营销支行)营业部经理及主持工作的副职)
C. 对于理财类产品营销工作职责,至少须具备零售客户经理上岗证的员工方可履行。
D.
E.
F. "
【多选题】
"288.☆☆☆自助机具ITM的密码、钥匙以及通讯设备的保管和使用要求:()___
A. 自助机具的密码、钥匙须分人掌管,严禁交叉使用。
B. 自助机具密码由一名工作人员专门掌管,并做好密码的保密工作,严禁密码泄漏。
C. 机具密码每三个月或掌管机具密码的管理人员发生变动时须更改。
D. 对于机具已改装动态密码锁的,自助机具钥匙和通讯设备必须分别由专人负责保管、交接,使用后分别存放于专用保险箱保管,不得随意放置。
E. 如机具动态密码锁通过通讯设备向后台实时获取的,机具钥匙和通讯设备必须由两名装清机工作人员分别掌管,严禁交叉使用。
F. "
【多选题】
"289.☆☆☆自助机具ITM的备用密码、备用钥匙管理要求:()___
A. 每台自助机具的密码变更后应留有副本,密码副本必须由二名密码掌管人会同装入信封,并在信封封口上加盖两人的名章(骑缝章)。
B. 每台自助机具的备用钥匙,必须按机具双人会同按要求装入信封,并在信封封口上加盖两人的名章(骑缝章)。
C. 各单位必须每半年核对一次自助机具密码副本、备用钥匙的保管、使用情况。
D.
E.
F. "
【多选题】
"290.☆☆☆以下自助机具ITM装归钞的主要业务操作流程操作描述正确的选项是:()___
A. 双人会同将清点无误后的钞券装入钞箱内
B. 双人会同至机具端做完清机轧账的操作
C. 一人开启机具保险柜密码锁(开启保险柜密码时,另一人的视线必须回避)。
D. 检查无误后,更换新的钞箱,关闭机具保险柜门,在机具中设置装钞信息,另一人复核确认装钞信息设置准确。
E. 装机完毕后,应现场使用银行卡进行取钞测试。
F. "
【多选题】
"291.☆☆ITM业务受理方式包括:()___
A. 全自助服务。客户通过ITM提示,或由网点工作人员指导,自主判断操作动作,自助完成业务全流程办理。
B. “客户自助+行员审核”服务。客户通过ITM申请办理业务,由ITM服务专员现场通过移动终端或ITM设备对客户的身份信息、签约信息、交易内容、电子签名等内容进行审核。
C. “客户自助+行员审核+行员授权”服务。客户通过ITM申请办理的高风险业务,如密码重置等,需通过行员审核和授权双人确认完成交易。
D.
E.
F. "
【多选题】
"292.☆☆以下自助机具ITM重要空白凭证装清机业务操作流程操作描述正确的选项是:()___
A. 自助机具重要空白凭证使用应贯彻号码从小到大的原则
B. 双人会同将准备装入机具的重要空白凭证清点无误
C. 双人会同至机具端做清机轧账的操作
D. 一人开启机具保险柜钥匙锁,并打开保险柜门,另一人开启机具重空保险柜钥匙锁,取出机具内原有的重要空白凭证,并检查机具通道内是否有遗漏凭证,如有须及时取出。
E. 检查无误后,更换重要空白凭证,须按凭证号码顺序摆放,并在机具中设置装入重要空白凭证信息,凭证信息须与凭证号码的先后顺序一致。
F. "
【多选题】
"293.☆☆以下自助机具ITM钞箱现金清点操作流程描述正确的选项是:()___
A. 取回的钞箱如换人清点,则须办妥交接手续
B. 每台机具的钞箱现金(含废钞)清点结束后,必须将点钞设备中及台面上的现金全部拿清归档后,再清点下一台机具的钞箱现金。做到箱箱清、台台清、台面清
C. 钞券清点应在监控录像下进行
D.
E.
F. "
【多选题】
"294.☆☆以下自助机具ITM重要空白凭证清点操作流程描述正确的选项是:()___
A. 取回的重要空白凭证如换人清点,则须办妥交接手续
B. 每台机具的重要空白凭证(含作废)清点结束后,必须将台面上的重要空白凭证全部拿清归档后,再清点下一台机具的重要空白凭证。做到台台清、台面清。
C. 重要空白凭证清点应在监控录像下进行,清点时须核对数量及编号,如在清点中发现不符的,应换人复点及时上报和查明原因,并做好账务处理。
D.
E.
F. "
【多选题】
"295.票据销毁操作流程下列说法正确的是()。___
A. A、至少二名以上监销人员会同进行现场销毁,并在“销毁清册”上签字
B. B、总行运营管理部或各地分运营管理部门负责监销
C. C、销毁完成当日,票据库根据已签字“销毁清册”和“销毁审批表”进行系统操作
D. D、系统控号使用备忘账户付出记账、系统不控号使用“待销毁票据核销出库”交易记账
E.
F. "
【多选题】
"299.☆☆☆票据销毁操作流程下列说法正确的是()。___
A. 至少二名以上监销人员会同进行现场销毁,并在“销毁清册”上签字
B. 总行运营管理部或各地分运营管理部门负责监销
C. 销毁完成次日,票据库根据已签字“销毁清册”和“销毁审批表”进行系统操作
D. 票据库对各单位上缴的待销毁重要空白凭证,应清点核对无误。
E.
F. "
【多选题】
"300.☆☆外库柜员营业终了清点重要空白凭证后可以采用的保管方式是()。___
A. 入柜(箱)上锁
B. 入专箱寄放金库
C. 网点封闭环境内不可移动的双锁钢箱
D. 入网点简易库房
E.
F. "
【多选题】
"301.☆☆各单位与以下客户建立或者维持业务关系前,描述正确的是()___
A. A.与境外金融机构建立代理行或者类似业务关系的,应经总行高级管理层批准。
B. B.为提供货币兑换、跨境汇款等资金(价值)转移服务的境外非金融机构提供金融服务或者与其开展业务合作的,应经所在单位反洗钱领导小组批准。
C. C.客户的法定代表人为特定政治公众人物,应经所在单位反洗钱领导小组批准。
D. D.客户授权办理业务人员来自高风险国家或者地区,应经所在单位反洗钱工作领导小组批准。
E.
F. "
【多选题】
"302.☆☆符合以下任一条件的客户,应将其洗钱风险等级调整为高风险,并进一步了解客户财产和资金来源,提高业务关系存续期间的交易监测分析频率和强度。()___
A. A.客户被列入我国发布或者承认的应实施反洗钱监控措施的名单
B. B.客户拒绝配合我行依法开展的客户尽职调查工作
C. C.客户受到人民银行反洗钱行政调查
D. D.客户多次被作为可疑交易报告主体上报
E.
F. "
【多选题】
"303.☆当客户发生的可疑交易符合下列情形之一,应在向中国反洗钱监测分析中心提交可疑交易报告的同时,以电子形式或书面形式向所在地中国人民银行或者其分支机构报告,并配合反洗钱调查___
A. A.明显涉嫌洗钱、恐怖融资等犯罪活动
B. B.严重危害国家安全或者影响社会稳定
C. C.客户被有权机关查询
D. D.其他情节严重或者情况紧急的情形
E.
F. "
【多选题】
"304.☆各经营单位发生()情况应在10个工作日内上报总行。___
A. A.制定或修订主要反洗钱内控制度
B. B.监管机构反洗钱现场检查或现场走访
C. C.反洗钱工作负责人、反洗钱岗位人员调整
D. D.洗钱风险自评估报告或其他相关风险分析材料
E.
F. "
【多选题】
"305.☆自然人客户的“客户身份基本信息”包括()___
A. A.姓名
B. B.性别
C. C.国籍
D. D.职业
E. E.住所地或者工作单位地址、联系方式
F. F.身份证件或者身份证明文件的种类、号码和有效期限"
【多选题】
"306.☆☆出现以下情形时,应限制、中止直至终止与客户的业务关系()___
A. A.客户先前提交的身份证件或者身份证明文件已过有效期,经联系后客户没有在合理期限内更新且没有提出合理理由的
B. B.发现客户身份证件或者身份证明文件以外的其他身份基本信息发生变更的
C. C.发现客户先前提交的身份证明文件系伪造、变造的
D. D.发现客户的身份证明文件已注销或者被吊销的
E.
F. "
【多选题】
"308.☆符合下列条件之一的客户,可不进行客户风险评分,直接将其评定为低风险客户()___
A. A.客户为各级党和政府机关
B. B.客户为中国人民解放军和武警部队(包括其下属的各类企事业单位)
C. C.国家事业单位
D. D.国有企业
E.
F. "
【多选题】
"309.☆☆一次性金融服务是指,为不在本银行机构开立账户的客户提供()服务___
A. A.现金方式向他行账户汇款
B. B.现金存款
C. C.现钞兑换(同币种间)
D. D.票据兑付
E.
F. "
