【多选题】
Which two statements about the self zone on a cisco Xone based policy firewall are true?___
A. Multiple interfaces can be assigned to the self zone
B. it supports stateful inspections for multicast traffic
C. zone pairs that include the self zone apply to traffic transiting the device.
D. it can be either the source zone or the destination zone
E. traffic entering the self zone must match a rule
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
DE
解析
暂无解析
相关试题
【多选题】
Which type of attack can exploit design flaws in the implementation of an application without ?___
A. DHCP starvation attacks
B. low-rate dos attacks
C. application DDos flood attacks
D. application DDoS flood attacks
E. volume-based DDoS attacks
【单选题】
Which type of firewall can server as the interme diary between a client and a server ?___
A. Stateless firewall
B. application firewall
C. proxy firewall
D. personal firewall
【单选题】
What is the highest security level that can be configured for an interface on an ASA?___
A. 0
B. 50
C. 10
D. 200
【单选题】
Which term refers to the electromagnetic interference that can radiate from network cables?___
A. Gaussian distributions
B. Doppler waves
C. emanations
D. multimode distortion
【单选题】
How does a zone pair handle traffic if the policy de fination of the zone pair is missing?___
A. It inspects all traffic.
B. It drops all traffic.
C. It permits all traffic wihtout logging
D. It permits and logs all traffic
【单选题】
default how does a zone based firewall handle traffic to add from the self zone?___
A. It permits all traffic without inspection
B. It inspects all traffic to determine how it is handled
C. It permits all traffic after inspection
D. It frops all traffic
【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
推荐试题
【单选题】
如纳税人以现金、刷卡(未通过横向联网电子缴税系统)方式向税务机关缴纳税款,税务机关应开具并交付纳税人的纸质税收票证是___
A. 《税收缴款书(银行经收专用)》
B. 《税收缴款书(税务收现专用)》
C. 《税收缴款书(代扣代收专用)》
D. 《税收缴款书(出口货物劳务专用)》
【单选题】
小张是大通县税务局今年新招录的公务员,按照党政机关办公用房建设标准的规定,小张的办公室用房使用面积标准是___
A. 24平方米
B. 18平方米
C. 12平方米
D. 9平方米
【单选题】
“三定”后,A县第一税务分局作为A县税务局的派出机构,承担办税服务职能。下列各种人员中可以担当该办税服务厅值班领导的是___
A. A县税务局局长
B. A县第一税务分局局长
C. A县税务局纳服股科员
D. A县第一税务分局咨询岗人员
【单选题】
某信息技术公司在办理税务注销手续时想要享受即时办结服务,则该公司存在的以下情形中,不符合即办条件的是___
A. 处于税务检查状态
B. 无欠税(滞纳金)及罚款
C. 已缴销增值税专用发票及税控专用设备
D. 纳税信用级别为B级
【单选题】
结合2018年“春风行动”各项措施的时间节点,国家税务总局分季度、分主题推出系列活动,第四季度活动的主题是___
A. 纳税人开放日
B. 媒体记者体验行
C. “春风亮点”展示交流
D. 两会代表委员话春风
【单选题】
某软件企业办税人员致电12366纳税服务热线,咨询关于享受企业所得税优惠政策的事项办理问题。针对他提出的以下观点,不正确的是___
A. 该企业享受优惠事项采取自行判别、申报享受的方式
B. 该企业对优惠事项留存备查资料的真实性、合法性承担法律责任
C. 该企业留存备查资料应从企业所得税汇算清缴期结束次日起保留5年
D. 该企业在完成年度汇算清缴后,应按照后续管理要求向税务机关提交资料
【单选题】
纳税人跨区域经营合同延期的,可以办理报验管理有效期限延期手续的税务机关是___
A. 只能是机构所在税务机关
B. 经营地或机构所在地的税务机关
C. 只能是经营地税务机关
D. 必须核销报验重新开具报验手续
【单选题】
税务稽查“双随机一公开”是指___
A. 随机确定检查时间,随机选派检查人员,公开随机抽查结果
B. 随机确定检查地点,随机选派检查人员,公开随机抽查结果
C. 随机抽取检查对象,随机选派检查人员,公开随机抽查结果
D. 随机抽取检查对象,随机确定检查频次,公开随机抽查结果
【单选题】
国税地税征管体制改革总任务中的“强化一个根本”是指___
A. 加强经费保障和资产管理
B. 增强税费服务征管质效
C. 加强党对税收工作的全面领导
D. 增强纳税人和全社会的获得感与满意度
【单选题】
为了有效推进国税地税征管体制改革,税务总局打造了立体化的组织领导体系,即“1+10+36+6+N+1”。其中,最后一个数字“1”代表的是___
A. 派出一个工作小组
B. 成立一个联络督导组
C. 开展一轮巡视
D. 组织一次网络竞赛
【单选题】
为弘扬和践行中国税务精神,各地税务干部纷纷唱响《中国税务之歌》,其歌词中“责任”和“荣光”指的是___
A. 干好税务、带好队伍
B. 为国聚财、为民收税
C. 依法治税、从严治队
D. 聚财为国、执法为民
【单选题】
选拔任用党政领导干部,必须经过民主推荐。民主推荐包括会议推荐和个别谈话推荐,推荐结果作为选拔任用的重要参考,在一定时间内有效。上述“一定时间”是___
A. 当次选拔任用工作中
B. 一年内
C. 两年内
D. 近两次选拔任用工作中
【单选题】
世界银行近期发布全球公共部门绩效报告,我国税务部门绩效管理经验入选最佳案例。该报告对中国税务部门的“绩效工作格局”给予了高度评价。其中,“绩效工作格局”是指___
A. 上不封顶、下不保底、责任明确、流程优化
B. 横向到边、纵向到底、任务到岗、责任到人
C. 一年试行、两年见效,三年完善、长期稳定
D. 全员参与、量化考核、总体规划、分步实施
【单选题】
税务部门通过税收大数据,运用成熟可靠的税收经济关联指标,让数据说话,从而提升税务工作质效。此次机构改革,主要承担上述职能的新设部门是___
A. 税收风险管理部门
B. 大企业管理服务部门
C. 税收经济分析部门
D. 收入规划核算部门
【单选题】
下列公文标题中,标点符号使用正确的是___
A. 国家税务总局××省税务局关于印发“×××意见”的通知
B. 国家税务总局××省税务局关于印发《×××办法》的通知
C. 国家税务总局××省税务局关于印发×××行动计划〈2018-2020〉的通知
D. 国家税务总局××省税务局关于减免增值税、企业所得税的批复
【单选题】
根据国务院关于老干部离职休养的相关规定,税务系统要落实好离退休干部的“两项待遇”,具体是指___
A. 工资待遇、生活待遇
B. 工资待遇、护理待遇
C. 政治待遇、生活待遇
D. 政治待遇、工资待遇
【单选题】
按照“优化协同高效”原则,在机构职能确定上,省级以下税务局应重点突出的职能是___
A. 思想政治建设和干部队伍建设
B. 大数据分析和税收风险防控
C. 大企业和自然人税费管理
D. 直接面向纳税人和缴费人的管理服务
【单选题】
下列对税收违法行为的举报,应通过 “快捷处理通道”受理的是___
A. 某酒店拒绝为客人开具合理发票
B. 某企业虚开增值税发票
C. 某公司存在隐瞒收入、虚增成本的行为
D. 某商贸企业骗取出口退税
【单选题】
2018年4月,习近平在全国网络安全和信息化工作会议上强调要“把握好时度效,构建网上网下同心圆”。其中“构建网上网下同心圆”所体现的网络强国战略要求是___
A. 要加强网上正面宣传,旗帜鲜明坚持正确政治方向、舆论导向、价值取向
B. 要深入开展网络安全知识技能宣传普及,提高广大人民群众网络安全意识和防护技能
C. 要树立正确网络安全观,加强信息基础设施、网络安全防护和网络安全事件应急指挥能力
D. 要加强党中央对网信工作的集中统一领导,确保网信事业始终沿着正确方向前进
【单选题】
根据《国家税务总局突发事件总体应急预案》的相关规定,对不同等级突发事件采用不同的预警颜色表示。其中,特别重大事件等级的颜色是___
A. 红色
B. 橙色
C. 黄色
D. 蓝色
【单选题】
征信就是专业化的、独立的第三方机构为个人或企业建立信用档案,依法采集、客观记录其信用信息,并依法对外提供信用信息服务的一种活动。目前我国征信业的监督管理部门是___
A. 中国银行保险监督管理委员会
B. 中国证券监督管理委员会
C. 中华人民共和国财政部
D. 中国人民银行
【单选题】
2018年8月,国家税务总局和公安部、海关总署、中国人民银行联合召开会议,部署打击税收违法犯罪专项行动。具体是指___
A. 打击虚开增值税发票、偷税漏税违法犯罪
B. 打击虚开增值税发票、逃税抗税违法犯罪
C. 打击虚开增值税发票、骗税抗税违法犯罪
D. 打击虚开增值税发票、骗取出口退税违法犯罪
【单选题】
下列情形中,属于党的纪律处分的是___
A. 某区税务局法制股赵某受到记过处分
B. 某县税务局副局长钱某受到免职处理
C. 某市税务局所得税科孙某被判处有期徒刑4年
D. 某省税务局办公室李某受到严重警告处分
【单选题】
电视剧《创业时代》女主角那蓝说:“我买包烟,里面含税;买个化妆品,里边含税。国家利用这些税金完善一切。”这段话中提到的商品价格所包含的税,目前已立法的是___
A. 增值税
B. 消费税
C. 烟叶税
D. 个人所得税
【单选题】
某稽查局因执法需要,依照规定程序准备购置一辆执法用车。以下选项符合购买标准的是___
A. 国产价值16万的比亚迪新能源汽车
B. 进口价值16万的丰田新能源汽车
C. 进口价值16万的二手越野车
D. 海关拍卖的价值16万的走私车
【单选题】
假如唐僧穿越回到2018年的西安大雁塔,并与某便利店老板达成口头协议,将皇帝赐予他的紫金钵盂与便利店销售的高仿佛经进行置换。此项业务中便利店应缴纳的税是___
A. 增值税
B. 消费税
C. 印花税
D. 关税
【单选题】
以下关于延期申报与延期缴纳税款的说法中,正确的是___
A. 纳税人申请延期申报的最长期限不超过六个月
B. 纳税人申请延期缴纳税款前,需要预缴一定税款
C. 纳税人申请延期缴纳税款的,可向主管税务机关申请代为转报申请材料
D. 纳税人延期申报预缴税额大于实际应纳税额的,税务机关结算退税同时向纳税人计退利息
【单选题】
蓝斯登原则亦称蓝斯登定律,是美国管理学家蓝斯登提出来的。其含义是,在你往上爬的时候,一定要保持梯子的整洁,否则下来时可能会滑倒。以下语句中,最能体现蓝斯登原则的一句是___
A. 走自己的路,让别人去说吧
B. 进退有度,才不至于进退维谷
C. 惟有看得清,方能走得远
D. 以其不争,故天下莫与之争
【单选题】
根据中央纪委关于集中整治形式主义、官僚主义的工作意见,近期要重点整治四个方面的问题。其中在履职尽责、服务经济社会发展方面,重点整治的问题是___
A. 对中央精神只做口号式、机械式的传达,不加消化、囫囵吞枣,上下一般粗的传达
B. 单纯以会议贯彻会议、以文件落实文件,过度留痕,缺乏实际行动和具体措施
C. 政务服务窗口态度差、办事效率低,政务服务热线、网站、APP运行“僵尸化”
D. 不担当、不作为、慢作为、乱作为、假作为等严重影响改革发展高质量的突出问题
【单选题】
根据党的十九届三中全会要求,要加快推进政府机构、职能、权限、程序、责任法定化,规范和约束履职行为,让权力在阳光下运行,强化机构编制管理刚性约束,加大机构编制违纪违法行为查处力度。其中,在各级政府部门全面推行的一项基本制度是___
A. 权力清单制度
B. 权责清单制度
C. 负面清单制度
D. 职能清单制度
