【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
A
解析
暂无解析
相关试题
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
推荐试题
【判断题】
依据《中华人民共和国安全生产法》,生产经营单位的从业人员有权了解其作业场所和工作岗位存在的危险因素、防范措施及事故应急措施,有权对本单位的安全生产工作提出建议
A. 对
B. 错
【判断题】
依据《中华人民共和国消防法》,任何单位、个人不得损坏、挪用或者擅自拆除、停用消防设施、器材,不得埋压、圈占、遮挡消火栓或者占用防火间距,不得占用、堵塞、封闭疏散通道、安全出口、消防车通道。人员密集场所的门窗不得设置影响逃生和灭火救援的障碍物
A. 对
B. 错
【单选题】
依据《中华人民共和国安全生产法》,生产经营单位采用新工艺、新技术、新材料或者使用新设备,必须了解、掌握其___,采取有效的安全防护措施,并对从业人员进行专门的安全生产教育和培训。
A. 安全使用说明
B. 安全技术特性
C. 安全操作流程
D. 安全运行维护说明
【单选题】
依据《云南电网有限责任公司安全生产领域监督问责业务指导书》,发生有影响的电力事件、未有效履行安全生产职责、未有效落实安全生产工作部署等情形,由各级___根据要求,组织有关责任单位或责任人进行约谈。
A. 安全监管部门
B. 安全监管部门或专业管理部门
C. 专业管理部门
D. 领导办公室
【单选题】
依据《中华人民共和国安全生产法》,生产经营单位应当按照国家有关规定将本单位重大危险源及有关安全措施、应急措施报有关地方人民政府___和有关部门备案。
A. 应急办
B. 办公室
C. 安全生产监督管理部门
【单选题】
依据《中华人民共和国安全生产法》,生产经营单位必须为从业人员提供符合国家标准或者行业标准的___,并监督、教育从业人员按照使用规则佩戴、使用。
A. 技术措施
B. 管理措施
C. 劳动防护用品
D. 生活用品
【单选题】
依据《云南电网有限责任公司安全生产领域监督问责业务指导书》,“红牌”警告期为___年,期满后,经事故单位申请,由公司组织检查合格后摘牌。
A. 半年或一年
B. 一年
C. 两年
D. 一至两年
【单选题】
依据《云南电网有限责任公司安全生产领域监督问责业务指导书》,公司分子公司安委会办公室,公司安委会办公室,应分别在事故调查结束后的___、20天,监督行政问责决定的执行完成。
A. 5天
B. 10天
C. 15天
D. 20天
【单选题】
依据《中国南方电网有限责任公司基建安全管理办法》,公司基建项目施工作业执行___制度。每项作业任务开展前,现场技术员必须结合作业内容和步骤,确认安全风险与相应控制措施,由安全员审核,现场负责人签发。进入生产运行区域开展施工作业,必须执行“两票三制”等公司安全生产相关规定。
A. 工作票
B. 安全技术交底
C. 安全施工作业票
D. 操作票
【单选题】
依据《云南电网公司安全管理办法》,各单位要推行对承包商人员进行资质管理和培训,加强承包商项目的___与入场检查,开展对承包商安全业绩评价与考核工作。
A. 资质备案
B. 前期准备
C. 工器具
D. 工作票
【单选题】
依据《云南电网公司安全管理办法》,安全生产委员会主任由本单位的安全生产第一责任人担任,其他分管负责人和有关部门主要负责人为成员。并设立安全生产委员会办公室,挂靠同级___部门,作为安委会的日常办事机构。
A. 生产
B. 办公
C. 安全监管
D. 基建
【单选题】
依据《中华人民共和国安全生产法》,有关生产经营单位应当按照规定提取和使用___,专门用于改善安全生产条件。
A. 安全生产保障金
B. 安全生产费用
C. 安全生产专项资金
D. 安全生产项目资金
【单选题】
依据《云南电网公司安全管理办法》,承包商人员应通过公司的“两种人”资格考试及发包单位的___考试合格后,方可进入生产现场施工作业。
A. 技术
B. 操作
C. 业务
D. 安全
【单选题】
依据《云南电网公司安全管理办法》,各单位应设立___,作为应急管理的领导机构,负责决定应急管理重大事项,指挥应急处置工作。
A. 应急处理中心
B. 应急指挥中心
C. 应急急救中心
D. 应急行动中心
【单选题】
依据《云南电网公司安全管理办法》,各级___依据职责分工,按照“谁分管,谁负责”的原则,是分管领域的安全生产第一责任人,按岗位职责对分管领域的安全生产工作负领导责任,向行政正职负责。
A. 分管领导
B. 安全生产第一责任人
C. 行政副职(包括总工程师、总经济师、总会计师等)
D. 业务管理人员
【单选题】
依据《中国南方电网有限责任公司电力事故事件调查规程》,人身重伤是指使人肢体残废、毁人容貌、丧失听觉、丧失视觉、丧失其他器官功能或者其他对于人身健康有重大伤害的损伤,通常指事故发生后人员受伤且损失工作日等于和超过___日的失能伤害,依照国家法规及县级以上医疗机构诊断确定。
A. 7
B. 30
C. 100
D. 105
E. 365
【单选题】
依据《中华人民共和国安全生产法》,生产经营单位应当在有较大危险因素的生产经营场所和有关设施、设备上,设置明显的安全___。
A. 红线
B. 措施
C. 警示标志
D. 须知
【单选题】
依据《中华人民共和国安全生产法》,生产经营单位___以任何形式与从业人员订立协议,免除或者减轻其对从业人员因生产安全事故伤亡依法承担的责任。
A. 不得
B. 可以
C. 允许
D. 适宜
【单选题】
依据《云南电网有限责任公司安全生产领域监督问责业务指导书》,发生电力人身事故(含负有监督管理责任的承包商人身事故)、有责任的一般及以上电力安全事故、设备事故时等级调整方式为___。
A. 警告
B. 降星
C. 降钻
D. 取消钻级
【单选题】
依据《中国南方电网有限责任公司安全生产令》,加强系统运行管理,全力控制、减轻和消除电力安全事故损害,防止___及以上电力安全事故发生。
A. 一般
B. 较大
C. 重大
D. 特大
【单选题】
依据《中华人民共和国安全生产法》,生产经营单位的主要负责人和安全生产管理人员必须具备与本单位所从事的生产经营活动相应的__和___。
A. 生产知识,管理能力
B. 安全生产知识,管理能力
C. 法律知识,管理能力
D. 生产知识,法律知识
【单选题】
依据《中华人民共和国安全生产法》,生产经营单位的主要负责人依照规定受刑事处罚或者撤职处分的,自刑罚执行完毕或者受处分之日起,___内不得担任任何生产经营单位的主要负责人;对重大、特别重大生产安全事故负有责任的,终身不得担任本行业生产经营单位的主要负责人。
A. 一年
B. 三年
C. 五年
D. 十年
【单选题】
依据《中华人民共和国安全生产法》,生产经营单位应当建立健全生产安全事故___制度,采取技术、管理措施,及时发现并消除事故隐患。事故隐患排查治理情况应当如实记录,并向从业人员通报。
A. 应急处置
B. 问题整改管理
C. 隐患排查治理
D. 预防管控
【单选题】
依据《云南电网有限责任公司安全监督管理办法》,各级专业部门相关管理人员岗位职责应明确安全___工作职责,实现“管业务必须管安全”。
A. 监督实施
B. 监督管理
C. 监督检查
D. 监督强化
【单选题】
依据《云南电网有限责任公司安全生产领域监督问责业务指导书》,发生3人以下死亡的一般人身死亡事故,分子公司__个工作日内到公司说清楚,县公司___个工作日内到分子公司说清楚。
A. 5、3
B. 10、5
C. 7、5
D. 7、3
【单选题】
依据《云南电网有限责任公司消防安全管理实施细则》,消防安全主体责任是指生产、办公场所的___管理单位履行日常消防管理工作所应承担的直接责任。
A. 直接
B. 上级
C. 下级
D. 平级
【单选题】
依据《中国南方电网有限责任公司电力安全工作规程》,在电气设备上工作需要选用工作票,常说的8+2+2系统。指厂站1、2、3种;线路1、2种工作票;新增___票,及书面形式记录和调度检修申请单和一、二级动火工作票。
A. 线路三种工作票、带电作业工作票
B. 电话口头命令、书面形式布置和记录
C. 低压配电网工作票、带电作业工作票、紧急抢修工作票
D. 调度检修申请单、一、二级动火工作票。
