【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
A
解析
暂无解析
相关试题
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
A. 4
B. 3
C. 2
D. 5
【单选题】
Which command enables authentication at the oSPFv2 routing process level?___
A. ip ospf authentication message-digest
B. area 0 authentication message-digest
C. ip ospf message-digest-key 1 mds Cisco
D. area 0 authentication ipsec spi 500 md5 1234567890ABCDEF1234567890ABCDEF
【单选题】
Which type of firewall monitors a nd protects a specific system?___
A. firewall
B. application firewall
C. stateless firewall wvp
D. personal firewall
【单选题】
On an ASA, which maps are used to identify traffic?___
A. Route maps
B. Policy maps
C. Class maps
D. Service maps
【单选题】
Which type of social engineering attack targets top executives?___
A. whaling
B. vishin
C. spear phishing ng
D. baiting
【单选题】
What is the minimum Cisco lOS version that supports zone-based firewalls?___
A. 12.1T
B. 15.1
C. 15.0
D. 124
【单选题】
In which type of attack does an attacker overwrite an entry in the CAM table to divert traffic destined to a legitimate host?___
A. DHCP spoofing
B. ARP spoofing
C. CAM table overflow
D. MAC spoofing
【多选题】
Which two attack types can be prevented with the impleme ntation of a Cisco IPS solution?___
A. DDos
B. man-in-the-middle
C. worms
D. ARP spoofing
E. VLAN hopping
【多选题】
choose four___
A. DHCP snooping ——————————blocks DHCP messages
B. Dynamic ARP inspection——————verifies IP-to-MAC traffic on untrusted ports
C. IP sources guard ——————————provides layer 2 interface security with ports ACLs
D. Port security————————————mitigates MAC-address spoofing at the access interface
【多选题】
choose four___
A. Step1————————run the system setup wizard
B. Step2————————add an authentication realm
C. Step3————————configure identity management
D. Step4————————configure directory group
【多选题】
What are two advanced features of the Cisco AMp solution for endpoints ___
A. contemplation
B. foresight
C. sandboxing
D. reputation
E. reflection
【多选题】
Which two characteristics of RADIUS are true?___
A. It encrypts only the password between user and server.
B. It uses TCP ports 1812/1813
C. It uses UDP ports 1812/1813.
D. It uses UDP port 49
E. It uses TCP port 49
【多选题】
What are two challenges of using a network-based IPS? ___
A. It is unable to determine whether a detected attack was successful
B. It requires additional storage and proce ssor capacity on syslog servers
C. As the network expands, it requires you to add more sensors.
D. It is unable to detect attacks across the entire network
E. It must support multiple operating systems.
【多选题】
What are two default be haviors of the traffic on a zone-based firewall?___
A. Traffic within the self -zone uses an im plicit deny all.
B. All traffic between zones is implicitly blocked
C. Communication is allowed between interfadAss that are members of the same zone
D. Communication is blocked between interfaces that are members of the same zone
E. The CBAC rules that are configured on router interfaces apply to zone interfaces
【多选题】
Which two advantages does the on-premise model for MDM deployment have over the cloud-based model?___
A. The on-premise model is easier and faster to de ploy than the cloud-based model
B. The on-premise model is more scalable than the cloud-based model
C. The on-premise model is generally less expensive than the cloud-based model
D. The on-premise model generally has less latency than the cloud- based model.
E. The on-premise model provides more control of the MDM solution than the cloud
【多选题】
Which two actions can an end usts take to manage a lost or stolen device in Cisco ISE? ___
A. Activate Cisco ISE End point Protection Services to quarantine the device.
B. Add the mac address of the device to a list of blacklisted devices
C. Force the device to be locked with a PIN
D. Request revocation of the digital certificate of the device.
E. Reinstate a device that the user previously marked as lost or stolen
【多选题】
Which two problems can arise when a proxy firewall serves as the gateway between networks?___
A. It can prevent content caching
B. It can limit application support
C. It is unable to prevent direct connections to other networks
D. It can cause reduced throughput.
E. It is unable to provide antivirus protection
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two methods are available to add a new root certificate?___
A. Use sCep
B. Install from SFTP server
C. Install from a file
D. Use Https
E. Use LDAP
【多选题】
Which two are considered basic security principles?___
A. Accountability
B. Redundancy
C. High Availabilit
D. Integrity
E. Confidentiality
【多选题】
Which two roles of the Cisco WSA are true?___
A. IPS
B. firewall
C. antispam
D. web proxy
E. URL filter
【单选题】
Which next-generation encryption algorithm supports four variants?___
A. SHA-2
B. SHA-1
C. MD5
D. HMAC
推荐试题
【判断题】
按照《中国银监会办公厅关于印发银行业金融机构案件处置三项制度的通知》规定,银监会机关相关部门及银监局接到《案件信息确认报告》后,应当按照相关规定,决定成立专案组,确定主办人员
A. 对
B. 错
【判断题】
按照《中国银监会办公厅关于印发银行业金融机构案件处置三项制度的通知》规定,金融机构案件处置三项制度包括《银行业金融机构案件处置工作规程》、《银行业金融机构案件(风险)信息报送及登记办法》、《银行业金融机构案件防控工作联席会议制度》
A. 对
B. 错
【判断题】
甲银行为银监会直接监管的银行业金融机构,2014年3月15日甲银行行长林某被纪检部门双规。依据《银行业金融机构案件(风险)信息报送及登记办法》规定,甲银行总部应于事件发生后24小时内报送案件风险信息
A. 对
B. 错
【判断题】
甲银行于2014年4月收到重大案件举报线索,反映其下属A支行存在内外勾结,违规放贷,可能造成银行资产损失的情况。依据《银行业金融机构案件(风险)信息报送及登记办法》规定,甲银行应及时向当地银监局上报银行业金融机构案件信息
A. 对
B. 错
【判断题】
按照《银行业金融机构国别风险管理指引》规定,国别风险,是指由于某一国家或地区经济、政治、社会变化及事件,导致该国家或地区借款人或债务人没有能力或者拒绝偿付银行业金融机构债务,或使银行业金融机构在该国家或地区的商业存在遭受损失,或使银行业金融机构遭受其他损失的风险
A. 对
B. 错
【判断题】
按照《银行业金融机构国别风险管理指引》规定,支付风险是国别风险的主要类型之一,是指借款人或债务人由于本国外汇储备不足或外汇管制等原因,无法获得所需外汇偿还其境外债务的风险
A. 对
B. 错
【判断题】
按照《银行业金融机构国别风险管理指引》规定,银行业金融机构应当建立与国别风险暴露规模相适应的监测机制,在单一和并表层面上按国别监测风险,监测信息应当妥善保存于国别风险评估档案中
A. 对
B. 错
【判断题】
A银行董事会认为,考虑到A银行已经建立了完善的国别风险内部评级体系,能够有效识别风险,为提高管理效率,依据《银行业金融机构国别风险管理指引》规定,无须再对国别风险实行限额管理
A. 对
B. 错
【判断题】
2012年,深圳怡化公司与福建某银行签订了ATM机具外包协议,协议就ATM的日常维护、保养、更换、升级以及银行信息保密等条款均做了明确约定。2013年,该公司维护人员在对某台机具设备更换记录有客户卡号、金额的日志纸时,不慎将日志纸遗失,依据《银行业金融机构外包风险管理指引》规定,该银行有权终止该外包协议
A. 对
B. 错
【判断题】
按照《中国银行业监督管理委员会办公厅关于规范市场竞争、严禁高息揽存的通知》规定,银行业金融机构在营销过程中不得擅自提高存款利率,不得向存款户发放现金,向存款客户赠送小礼品是行之有效的营销手段之一
A. 对
B. 错
【判断题】
某区人民法院于9月1日应A案件中原告甲的要求,采取诉前保全措施,对王某存在大兴银行的50万元存款进行了冻结。9月5日,该区所属市中级人民法院以B案件判决已生效为由要求扣划该笔存款,并为此出具了协助扣划存款通知书。依据《金融机构协助查询、冻结、扣划工作管理规定》(银发〔2002〕1号)有关规定,该市中级人民法院以上行为是否正确
A. 对
B. 错
【判断题】
大兴银行小张接待了该市某区人民法院两名执法人员,对方要求扣划之前已冻结张某某存在该行的50万元存款,并要求提取现金。小张要求对方出具:一是有权机关执法人员的工作证件;二是有权法院签发的协助扣划存款通知书,并已由主要负责人签字;三是已生效了的法律文书;四是该区法院出具同意其提取现金的通知书。在收到以上四项有效材料后,小张为其支取了现金。依据《金融机构协助查询、冻结、扣划工作管理规定》(银发〔2002〕1号)的有关规定,小张以上行为是否正确
A. 对
B. 错
【判断题】
某日,某市中级人民法院有权执法人员至大兴银行柜面拟冻结该行储蓄客户王某的50万元存款,银行柜面工作人员小王负责办理该项业务,在了解到对方来意后,小王查看了执法人员相关证件及相关法律文书,并挂了电话给该储蓄客户王某通知相关冻结事项后,再配合执法人员办理了冻结业务。试问,依据《金融机构协助查询、冻结、扣划工作管理规定》(银发〔2002〕1号)有关规定,小王以上操作是否正确
A. 对
B. 错
【判断题】
按照《中国银监会关于整治银行业金融机构不规范经营的通知》规定,银行业金融机构要遵循利费分离原则,严格区分收息和收费业务,不得将利息分解为费用收取,严禁变相提高利率
A. 对
B. 错
【判断题】
按照《中国银监会关于整治银行业金融机构不规范经营的通知》规定,银行业金融机构应依法承担贷款业务及其他服务中产生的尽职调查、押品评估等相关成本,不得将经营成本以费用形式转嫁给客户
A. 对
B. 错
【判断题】
按照《银监会关于修订银行业金融机构案件定义及案件分类的通知》规定,“其他违法违规行为”中的“法”、“规”指除刑法以外的法律法规、监管规章及规范性文件、自律性组织制定的有关准则,以及银行业金融机构制定的适用于自身业务活动的行为准则
A. 对
B. 错
【判断题】
按照《银监会关于修订银行业金融机构案件定义及案件分类的通知》规定,在银行业金融机构营业场所和办公场所内,针对银行业金融机构从业人员或客户的人身安全实施暴力行为,应当由公安机关立案侦查的刑事犯罪案件不纳入案件进行统计
A. 对
B. 错
【判断题】
按照《银监会关于修订银行业金融机构案件定义及案件分类的通知》规定,银行业金融机构从业人员违规使用银行业金融机构重要空白凭证、公章等,套取银行业金融机构信用参与非法集资等活动,涉嫌触犯刑法,已由公安、司法机关立案侦查或按规定应移送公安、司法机关立案查处的案件纳入第二类案件进行统计
A. 对
B. 错
【判断题】
按照《银监会关于修订银行业金融机构案件定义及案件分类的通知》规定,外部人员实施的网上银行诈骗、电话银行诈骗、电信诈骗、盗刷银行卡及POS机套现等案件,经公安机关立案后,除有证据证明银行业金融机构及其从业人员存在违法违规行为的以外,纳入第一类案件进行统计,按月报送案件数据
A. 对
B. 错
【判断题】
某银行员工在柜面转账过程中,未按客户要求转入相应账户,而是将资金转入其关联账户,在后台授权过程中,被发现,并对该员工进行控制,报送公安机关调查。案件发生后,该银行应以《案件风险信息(成功堵截)》格式上报,依据《中国银监会关于修订银行业金融机构案件定义及案件分类的通知》规定,成功堵截的案件或事件,应纳入案件统计
A. 对
B. 错
【判断题】
甲曾经是A银行的一位个贷客户经理,他把在A银行工作时积累下来的客户名单和之前办理业务时保留的客户信息资料以5000元都卖给了乙。后乙利用这些资料对客户进行电话诈骗,累计骗得50多万元。依据《中国银监会关于修订银行业金融机构案件定义及案件分类的通知》规定,由于甲和乙均非A银行员工,A银行也非案件受害人,故A银行无需将上述事件纳入案件统计
A. 对
B. 错
【判断题】
某银行员工张某协助他人伪造贷款资料,骗取银行贷款人民币3000万元,造成银行重大损失,被追究刑事责任,依据《中国银监会关于修订银行业金融机构案件定义及案件分类的通知》规定,该案件应属于第二类案件
A. 对
B. 错
【判断题】
陈某以人民币1万元从他人手中购得假币5万元,并通过其在某银行支行上班的朋友林某将全部假币替换,林某获得好处费1万元。一个月后,林某因涉嫌金融工作人员购买假币、以假币换取货币罪被公安机关抓获,林某足额赔偿了银行的损失。由于该案件已经破获,且银行无实际经济损失,依据《中国银监会关于修订银行业金融机构案件定义及案件分类的通知》规定,可以不纳入案件统计
A. 对
B. 错
【判断题】
某一银行客户经理虚假注册了一家壳公司,借助其自身岗位的便利条件为其自己注册的公司申请安装了POS机,利用平常工作中收集的客户身份信息,以其自身注册的公司为客户开立虚假收入证明申请信用卡,然后再通过壳公司的POS机刷信用卡套现,套出现金500万元用于民间借贷赚取利息收益。在发现问题以后,该银行立即向公安机关报案。依据《中国银监会关于修订银行业金融机构案件定义及案件分类的通知》规定,该银行应按照《银行业金融机构案件处置工作规程》开展案件调查、审结及后续处置工作
A. 对
B. 错
