【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
AB
解析
暂无解析
相关试题
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
推荐试题
【单选题】
___是坚持党的领导、人民当家做主、依法治国有机统一的根本制度安排。
A. 人民代表大会制度
B. 中国共产党领导的多党合作和政治协商制度
C. 基层群众自治制度
D. 少数服从多数
【单选题】
实现“一国两制”的前提是___
A. 港、澳、台享有高度自治权
B. 国家的主体坚持社会主义制度
C. 国家主权统一于中华人民共和国
D. 港、澳、台保持原有的资本主义制度长期不变
【单选题】
1997年7月1日,中国政府对香港恢复行使主权,香港特别行政区成立。香港特别行政区基本法开始实施。香港进入“一国两制”、“港人治港"、高度自治的历史新纪元。香港特别行政区的高度自治权是___
A. 特别行政区的完全自治
B. 中央授权之外的剩余权力
C. 特别行政区本身固有的权力
D. 中央授予的地方事务管理权
【单选题】
从“一国两制”的构想延伸下去,邓小平进一步提出了解决某些国际争端的新思想___
A. 主权第一,共同开发
B. 搁置主权,共同治理
C. 主权第一,和平共处
D. 搁置主权,共同开发
【单选题】
我国实行“一国两制”不会改变人民民主专政国家的社会主义性质,这是因为___
A. 特别行政区只是中华人民共和国的一个行政区域
B. 特别行政区是在中华人民共和国中央人民政府的统一领导下
C. 特别行政区享有内地一般地方行政区所没有的高度自治权
D. 两种制度地位不同,社会主义制度是主体
【单选题】
首次以“台湾回到祖国怀抱,实现祖国统一大业”来代替“解放台湾”的是___
A. 1978年的党的十一届三中全会公报
B. 1949年新华社发表的《中国人民一定要解放台湾》的时评
C. 1979年全国人大常委会发表的《告台湾同胞书》
D. 1982年全国人大五届五次会议通过的《中华人民共和国宪法》
【单选题】
党的十八大报告指出,香港澳门回归以来,走上了同祖国内地优势互补共同发展的宽广道路。“一国两制”实践取得举世公认的成功。中央政府对香港澳门实行的各项方针政策,根本宗旨是___
A. 把发挥祖国内地坚强后盾作用和提高港澳自身竞争力有机结合起来
B. 维护国家主权安全 、发展利益 ,保持香港、澳门长期繁荣稳定
C. 把坚持一国原则和尊重两制差异结合起来
D. 把维护中央权力和保障特别行政区高度自治权结合起来
【单选题】
1992年,海峡两岸关系协会与台湾海峡交流基金会达成“九二共识”,"九二共识”的内容是___
A. 海峡两岸均坚持一个中国原则
B. 大陆实行社会主义制度,台湾实行资本主义制度
C. 两岸要推进经济合作,促进共同发展
D. 两岸要结束敌对状态,达成和平协议
【单选题】
为了维护国家和民族的根本利益.中国共产党适时提出了“联蒋抵美"的策略。毛泽东起草的以国防部长名义发布的《告台湾同胞书)等公告,公布了对台湾的新政策。这一新政策指的是___
A. 提出了“一国两制”的方针
B. 提出了武力解放台湾的政策
C. 提出了和平解放台湾的方针
D. 提出了“联蒋抵美”的策略
【单选题】
正式把“一国两制"确定为中国的一项基本国策是在___
A. 1985年邓小平会见英国首相撒切尔夫人时
B. 1985年的六届全国人大三次会议上
C. 1979年元且全国人大发布《告台湾同胞书》时
D. 1979年邓小平访美时
【单选题】
和平发展理应成为两岸关系发展的主题。实现两岸关系和平发展的有效途径是___
A. 为两岸同胞谋福祉
B. 加强经济上的交流合作,互利互惠,共同发展
C. 在“九二共识"基础上进行两岸对话谈判,开展平等协商
D. 坚持体现一个中国原则的“九二共识”
【单选题】
2008年12月31日,胡锦涛在纪念《告台湾同胞书》发表30周年座谈会上发表重要讲话,所回答的基本问题是___
A. 为什么要维护国家主权完整怎样维护国家主权完整
B. 为什么要签订"两岸经济合作框架协议”怎样继续推动“两岸和平协议”
C. 为什么要推动两岸和平统一,怎样推动两岸和平统一
D. 为什么要推动两岸关系和平发展,怎样推动两岸关系和平发展
【单选题】
1997年香港回归,回归完成了香港宪制秩序的巨大转变,构成特别行政区的宪制基础的是___
A. 中华人民共和国宪法
B. 香港特别行政区基本法
C. 中华人民共和国宪法和香港特别行政区基本法
D. 香港特别行政区基本法和澳门特别行政区基本法
【单选题】
台湾问题迟迟不能得到解决的主要原因是___
A. 岛内“台独”势力长期主政,无意与大陆和谈
B. 美国长期以来的阻挠和破坏
C. 我国的综合国力无力解决
D. 台湾同胞意见不一
【单选题】
台湾春节包机从2004年的经香港中转变为2005年首次双向对飞,双向载客。这一变化充分说明___
A. 实现祖国和平统一已经开始
B. 台湾地区的“一国两制”与港澳地区有重要差异
C. 民族团结是中华民族的最高利益
D. 实现“三通”是两岸同胞的共同愿望
【单选题】
中国政府主张“一国两制”和平统一台湾,但决不承诺放弃使用武力,目的是___
A. 准备最后用武力解放台湾
B. 以武力压台湾统一
C. 对付“台独”和某些外国势力企图把台湾从祖国大陆分裂出去的阴谋
D. 对付台湾人民
【单选题】
在“一国两制”构想中,港、澳、台作为特别行政区,拥有高度的自治权,这种自治权是指___
A. 可以行为允许那些叛国、分裂国家、煽动叛孔的人的行为
B. 可以允许那些企图颠覆中央人民政府的行为
C. 可以允许那此窃取国家机密的行为
D. 必须在基本法规定的范围内,而且不能有损害国家利益的行为
【单选题】
“一国两制”最重要的前提条件是___
A. 港、澳、台地区不行使军事自治
B. 坚持一个中国的原则
C. 港、澳、台地区保持经济繁荣
D. 港、澳、台地区保持原有的资本主义制度
【单选题】
“和平统一,一国两制”是解决我国台湾问题的基本方针,也是两岸统一的最佳方式。中国政府开始宣布采用和平统一祖国的方针,是在___
A. 《关于台湾回归祖国,实现和平统一的方针政策》
B. 1979年《告台湾同胞书》
C. 六届人大二次会议的《政府工作报告》
D. 1995年1月30日,江泽民提出的八项主张
【单选题】
根据我国现行宪法的规定,根据特定地区的特殊情况,可以决定设置特别行政区及特别行政区实施的制度实施高度自治的中央国家机构是___
A. 全国人民代表大会
B. 全国人民代表大会常务委员会
C. 全国人民政治协商会议
D. 国务院
【单选题】
台湾问题的性质不同于香港问题和澳门问题。台湾问题的实质是___
A. 中国与美国的关系问题
B. 中国的内政问题
C. 历史上殖民主义侵略遗留下来的问题
D. 中国与日本的关系问题
【单选题】
2015年8月25日,大陆海峡两岸关系协会与台湾海峡交流基金会领导人第十一次会谈在福州举行,双方签署了《海峡两岸避免双重课税及加强税务合作协议》和《海峡两岸民航飞行安全与适航合作协议》。至此,两岸两会恢复制度性协商7年来,已签署23项协议,并达成一系列共识。回顾上述成果产生的历程可以发现,两岸双方坚持“九二共识”,是两会协商得以持续向前推进的宝贵经验。坚持“九二共识”的核心在于___
A. 坚持共产党的领导
B. 认同大陆和台湾同属一个中国
C. 努力增进两岸民众福祉
D. 寄希望于台湾人民
