【单选题】
Which command should beused to ena ble AAA Authentication to determine if a user can access the privilege command level?___
A. aaa authentication enable local
B. aaa authentication enable level=
C. aaa authentication enable method de fault
D. aaa authentication enable defa ult local
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
D
解析
暂无解析
相关试题
【单选题】
On an ASA, the policy indicates that traffic should not be translated is often referred to as which of the following?___
A. NAT zero
B. NAT forward
C. NAT nul
D. NAT allow
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
推荐试题
【多选题】
借款人有下列情形之一,由贷款人对其部分或全部贷款加收利息。情节特别严重的,由贷款人停止支付借款人尚未使用的贷款,并提前收回部分或全部贷款()。___
A. 不按借款合同规定用途使用贷款的
B. 用贷款进行股本权益性投资的
C. 用贷款在有价证券、期货等方面从事投机经营的
D. 依法取得经营房地产资格的借款人,用贷款从事房地产投机的
【多选题】
对担保贷款而言,如果借款人有能力归还本息,但是出现以下不利因素,则应将该笔贷款归为关注类()。___
A. 抵押物价值下降
B. 银行对抵押物失去控制
C. 保证人的财务状况出现疑问,失去保证能力
D. 保证人保证意愿较差,不与银行配合,有意逃避保证责任
【多选题】
对抵押物的检查应包括()。___
A. 存续状况及使用状况
B. 价值和变现能力
C. 抵押人有无擅自转让、出租或其他处分抵押物的行为
D. 是否被重复抵押
E. 抵押人(出质人)有无使抵(质)押物价值减少的行为
F. 是否出现抵押(质押)人的其它债权人优先于农信社受偿的情况
【多选题】
发生以下那些情形时,需在信贷管理系统内将客户列入黑名单管理( )。___
A. 贷款风险五级分类被认定为可疑、损失类
B. 贷款风险五级分类被认定为次级并且贷款本息逾期超过 90 天
C. 客户在金融系统融资发生违约行为引起诉讼、以物抵债、贷款核销等情形时
D. 客户为他人提供担保的贷款发生 1-3 情形的
E. 恶意逃废农村信用社债务的
F. 人民银行反洗钱系统列入黑名单的客户、在其它金融机构被列为黑名单的
【多选题】
各市农信办、县级行社对辖内信贷管理系统运行情况进行检查的主要内容包括()。___
A. 操作人员的职责履行情况
B. 用户密码的使用和修改是否符合规定
C. 输入的客户信息是否真实、完整、有效,是否与纸质客户档案相对应
D. 信贷业务授权和系统操作授权是否按规定进行,有无未授权、超授权、转授权、操作业务现象
E. 客户基本信息、客户信用等级、对客户授信额度等是否根据实际变化而随时更新修改
【多选题】
关于对借款人的贷后财务监控,下列说法错的是()。___
A. 企业提供的财务报表如为复印件,需要公司盖章
B. 企业提供的财务报表如经会计师事务所审计,需要完整的审计报告(不包括附注)
C. 财务报表应含有资金运用表
D. 对于关键数据,主要进行纵向比较
【多选题】
农信社信贷档案由以下哪些组成()。___
A. 客户提交的相关资料
B. 客户经理的调查资料
C. 内部审查、审议审批等资料
D. 信用发放与支付凭证
E. 贷后管理过程中形成的资料
【多选题】
商业银行贷后管理中有关经营者的预警信号主要有()等。___
A. 冒险投资于其他新业务
B. 董事会、所有权或重要的人事变动
C. 冒险兼并其他公司
D. 关键人物的态度变化尤其是缺乏合作态度
E. 财务报表呈报不及时
【多选题】
同时满足下列那些情形时,将客户从信贷管理系统黑名单中注销()。___
A. 所欠农村信用社系统贷款本息全部结清 15 天以上
B. 客户为他人提供担保的不良贷款本息全部结清
C. 不再被其它金融机构列为黑名单的
D. 不再属于省联社规定其它应该进入黑名单的
【多选题】
下列关于贷款档案管理,说法对的是()。___
A. 永久、20 年期贷款档案由贷款档案员填写贷款档案移交清单后向档案部门移交归档
B. 一般短期贷款适用于 3 年期,结清后原则上再保管 3 年
C. 一般中长期贷款适用于 20 年期,结清后原则上再保管 20 年
D. 经风险管理部及业务经办部门认定有特殊保存价值的项目可列为永久保存。
【多选题】
下列属于贷后检查人员在检查结束后可以对计划预备类贷款提出的应对建议的是()。___
A. 要求信贷人员针对贷款情况制定清晰的退出预备计划
B. 通过提高利率、调整贷款期限、增加担保、降低整体授信额度等措施将整体授信风险下降至可控范围内
C. 能够通过进一步的扶持措施,使借款人生产经营情况好转摆脱困境的,可制定扶持计划并视情况实施
D. 按照合同加收罚息,使借款人改变不明智行为。或宣布贷款提前到期,收回贷款
【多选题】
信贷业务档案要严格保密,原则上不对外查询。法律、法规明确规定的有权机关依法需调阅、影印信贷档案时,必须持有()。___
A. 协助查询通知书或其他有效法律文书
B. 调阅人工作证明
C. 经县级行社行长(或主任)批准同意查阅的批示
D. 查询申请书
【多选题】
以下关于贷款偿还的描述中,对的是( )。___
A. 贷款逾期后,银行要对应收未收的利息计收利息,即计复利
B. 对不能按借款合同约定期限归还的贷款,应当按规定加罚利息
C. 因提前还款而产生的费用应由银行负担
D. 因提前还款而产生的费用应由借款人负担
【多选题】
银行风险预警后处置措施有()。___
A. 列入重点观察名单
B. 要求客户限期纠正违约行为
C. 要求增加担保措施
D. 停止发放贷款
E. 暂停发放新贷款或收回已发放的授信额度
【多选题】
在贷后管理中,资产保全部门按规定负责管理客户部门移交的不良贷款,包括()。___
A. 不良贷款的清收、盘活、保全
B. 对不良贷款进行责任认定
C. 抵债资产的接受和处置
D. 表外利息的减免和核销
【多选题】
在抵押期间,银行经办人员对抵押物检查时应()。___
A. 定期检查抵押物的存续状况、占有、使用、转让、出租等处置行为
B. 发现抵押物价值减少,应及时查明原因并采取有效措施
C. 如发现抵押人的行为将造成抵押物价值减少,应要求抵押人停止担保
D. 如抵押人行为已造成抵押物价值减少,应要求抵押人恢复抵押物价值
【多选题】
客户为自然人的,申请信贷业务应当具备下列基本条件:()。___
A. 借款用途明确合法
B. 借款申请数额、期限合理
C. 借款人具备还款意愿和还款能力
D. 借款人信用状况良好
【多选题】
系统操作员、系统管理员要按规定操作,严守机密,不得将有以下行为()。___
A. 按规定授权获取更高权限
B. 将操作密码告知无关人员
C. 泄漏客户的商业秘密
D. 将数据结构告知无关人员
【多选题】
下列叙述对的是()。___
A. 个人贷款按贷款方式分为信用贷款和担保贷款
B. 办理个人贷款遵循先客户评级、后额度授信、再具体用信的原则
C. 办理个人贷款严格执行贷款面谈、面签制度
D. 办理个人贷款遵循依法合规、审慎经营、平等自愿、公平诚信的原则
