SCSA题库5-Sun 310-014 Version 9.0(140题)
注册网络信息安全员CNISA考试试卷,下载请好评,尊重劳动成果
注册⽹络信息安全员CNISA考试试卷,下载请好评,尊重劳动成果注册⽹络信息安全员CNISA 考试试题(闭卷)(考试时间:120分钟;总分:140分)⼀⼆三四五总分得分评卷⼈⼀、单项选择题(20题,每试题2分)1、操作系统是企业⽹络管理平台的基础,其安全性是第⼀位的,所以作为⼀名合格的企业安全管理员,应该了解操作系统所⾯临()的安全威胁。
A.操作系统软件⾃⾝的漏洞 B.开放了所有的端⼝ C.开放了全部的服务 D.病毒2、ARP –D 命令的作⽤是:( )A.显⽰本地ARP 缓存表B.清空本地ARP 缓存表 C .绑定IP-MAC D.复制缓存表3、计算机蠕⾍是⼀种特殊的计算机病毒,它的危害⽐⼀般的计算机病毒要⼤许多。
要想防范计算机蠕⾍就需要区别开其与⼀般的计算机病毒,这些主要区别在于()。
A.蠕⾍不利⽤⽂件来寄⽣ B.蠕⾍病毒的危害远远⼤于⼀般的计算机病毒 C.⼆者都是病毒,没有什么区别 D.计算机病毒的危害⼤于蠕⾍病毒4、瑞星“云安全”系统主要针对:()A.实现互联⽹计算机的“云计算”B.数据⽹络存储,保护数据安全C.⽹站挂马等互联⽹病毒传播⾏为D.统计瑞星客户资料5、⼀下那种病毒会造成系统安全模式⽆法使⽤:()A.⼤⽆极B.灰鸽⼦C.橙⾊⼋⽉D.新CIH6、“振荡波”病毒属于:()A.⽊马病毒B.蠕⾍病毒C.流氓软件D.宏病毒7、以下哪个程序可以做为动态分析⼯具:()A.IceSwordB.WinHexC.UltraEdit-32D.SoftICE8、计算机病毒主要造成:()A.磁盘⽚的损坏B.磁盘驱动器的破坏C.CPU 的破坏D.程序和数据的破坏9、以下哪个现象与ARP 欺骗⽆关:( )A.访问外⽹时断时续B.⽆法ping 通⽹关C.⽆法访问固定站点D.反复弹出垃圾⽹页 10、硬盘分区表是由( )命令创建的。
A.FormatB.FdiskC.DebugD.Copy11、下列描述中正确的是()A.所有计算机病毒只在可执⾏⽂件中传染。
SCSA题库1-Test1
【题库】Solaris学习考试题1Test #1What command is used to change run levels?A. shutdownB. initC. killD. suThe correct answer is: BWhat method(s) can be used to remove software packages from a system?A. pkgrmB. rm -rC. AdmintoolD. All of the aboveThe correct answer is: ACWhich file contains the IP addresses and host names of machines on your network?A. /etc/inet/hostsB. /etc/hostname.xxyC. /etc/defaultdomainD. /etc/nodenameThe correct answer is: A1.A umask value of 022 sets the default permission on a directory to which of the following?A. 644B. 755C. 022D. 533The correct answer is: B2. Which of the following is NOT a valid software configuration cluster to choose during installation of the Solaris 2.6 operating environment?A. CoreB. ClientC. End UserD. DeveloperThe correct answer is: B3. What command will display partition information about a disk?A. prtvtocB. sysdefC. df -kD. sysinfoThe correct answer is: A4. What command is used to set the auto-boot parameter?A. setenv auto-boot?=falseB. set auto-boot=falseC. eepromD. nvsetThe correct answer is: C5. Software packages usually start with which of the following?A. An abbreviation of the software packageB. The company's stock symbolC. SUNWD. Anything the vendor choosesThe correct answer is: B6. What file allows a specified user permission to log in remotely from the specified host without having to supply a password?A. /.rhostsB. /etc/hosts.equivC. /etc/default/loginD. /etc/hostsThe correct answer is: A7. What command schedules a command to run once at a given time?A. crontabB. priocntlC. atD. cronThe correct answer is: C8. Which command(s) executes a shell on a remote system?A. rexecB. telnetC. ftpD. rcpE. rshThe correct answer is: E9. Which directory is the full device path name found in?B. /devicesC. /dev/dskD. /kernelThe correct answer is: B10. What utility has a built-in function to do incremental backups?A. tarB. ppioC. ufsdumpD. ddThe correct answer is: C11. Which command(s) is used to transfer one or more files between two systems on the network?A. rloginB. rshC. telnetE. rcpThe correct answer is: DE12. What directory contains the Solaris default initialization files?A. /etc/defaultB. /etc/skelC. /etc/dfsD. /homeThe correct answer is: B13. Which command displays information about users logged on the local or other systems?A. whoB. loginsC. fingerD. rexecThe correct answer is: C14. Given the following backup schedule, which tapes would be needed to fully restore the system if it goes down on a Saturday?oFirst Monday of the month-level 0 (tape 1) oAll other Mondays-level 1 (tape 2) oWednesdays-level 2 (tape 3) oFridays-level 4 (tape 4)A. All four of them.B. Tapes 2-4.C. Tapes 1, 2, and 4.D. Tapes 1, 3, and 4.The correct answer is: A15. What is another term for swap space?A. Virtual memoryB. Random Access MemoryC. Partition C or Slice 2D. Static memoryThe correct answer is: AWhat command verifies the accuracy of a software package installation?A. pkgaddB. pkgchkC. pkgaskD. pkginfoThe correct answer is: BWhat command can be used to change the priority on a process?A. niceB. priocntlC. psD. hupThe correct answer is: ABWhen adding a new user account in AdminTool, what option(s) is not available for setting the password?A. Password is cleared until first loginB. Account is lockedC. No password assignedD. Have the system generate a passwordThe correct answer is: D16. What command shows the jobs queued up by the at command?A. atqB. at -lC. psD. crontabThe correct answer is: AB17. Which OpenBoot PROM command can be used to verify PROM settings?A. bannerB. devaliasC. printenvD. probe-scsiThe correct answer is: C18. Which of the following is a network component that forwards Ethernet packets from one network to another?A. HubB. SwitchC. Network interfaceD. RouterThe correct answer is: D19. Which of the following statements about IP addresses are true?A. An IP address can include letters, digits, and minus signs.B. An IP address is written as four sets of numbers separated by periods.C. An IP address provides a means of identifying and locating network resources.D. An IP address is divided into three unique numbers: network, class, and host.E. An IP address identifies the machine to its peers on the network.The correct answer is: BCEWhat command creates and modifies entries in /etc/ttydefs file to describe terminal line characteristics?A. pmadmB. nlsadminC. sacadmD. sttydefsThe correct answer is: D20. Which of the following do NOT make secure passwords?A. PhrasesB. Nonsense wordsC. Words with numbers or symbolsD. Employee numbersThe correct answer is: D21. A umask value of 022 sets the default permission on a file to which of the following?A. 644B. 755C. 022D. 533The correct answer is: A22. Which of the following is a character device name?A. /dev/dsk/c0t3d0s0B. /dev/rdsk/c0t3d0s0C. /dev/cuaD. /devicesE. /sbus@1,f8000000/esp@0,40000/sd@3,0:aThe correct answer is: B23. What mount option is used to mount file systems that have files larger than 2GB?A. largefilesB. nolargefilesC. lfD. nlfThe correct answer is: A24. UID 0 is typicallyA. rootB. daemonC. admD. lprThe correct answer is: A25. What command is used to add, delete, enable, disable, start, and stop port monitors?A. pmadmB. ttyadmC. nlsadminD. sacadmThe correct answer is: D26. In the output from the ps command, what does the UID field display?A. The parent processB. The process IDC. The process ownerD. The Priority of the processThe correct answer is: C27. You can use Web Start to perform which of the following tasks?A. To setup your server as a Web serverB. To start up a default Internet browser, such as NetscapeC. To simplify the creation of the JumpStart configuration fileD. To set up software on a remote system via the Web.The correct answer is: C28. What file contains a list of file systems to be automatically mounted at boot up?A. /etc/fstabB. /etc/dfs/dfstabC. /etc/vfstabD. /etc/rc2.d/S74autofsThe correct answer is: C29. What task is SAF NOT able to perform?A. Setting up ttymon and listen port monitors.B. Troubleshooting tty devicesC. Setting up listen port monitor servicesD. Set up TCP/IP services.The correct answer is: D30. What is the difference between chmod and umask?A. A chmod value can be set by individual users; umask operates on the system level.B. chmod uses the sticky bit and umask doesn't.C. umask permissions are stored in a directory rather than in the files.D. umask changes the default permissions for every file and directory created in the future; chmod works on a specific directory or file that already exists.The correct answer is: DHow many system run states are there?A. 3B. 7C. 6D. 8The correct answer is: BWhat option to the ps command lists only the processes for a particular user?A. -PB. -fC. -lD. -uThe correct answer is: D31. Which of the following statements is true of a software package?A. A software package is a group of files and directories that describe a software application, such as manualpages and line printer support.B. A software package is a standard way to deliver bundled and unbundled software.C. Software packages are grouped into software clustersD. Software packages are administered using the installf(1M) commandThe correct answer is: D32. On file permissions, what does the w in the following example mean?-rwxr-xr-xA. Write privileges for the ownerB. Write privileges for the owner and groupC. Write privileges for everyoneD. Write privileges for root onlyThe correct answer is: A33. Which of the following is NOT true regarding the cpio command?A. It is used for copying data from one place to another.B. It is not a good tool for backups.C. It can back up and restore individual files - not just whole file systems.D. It can span multiple tapes.E. Backups made by cpio are smaller than those created with tar.The correct answer is: B34. What is a minimum requirement to complete a successful login to a Solaris system?A. A login IDB. A default login shellC. A login (home) directoryD. A unique network identificationThe correct answer is: A35. When installing a patch, which option does not create a backup of the files to be patched?A. -fB. -pC. -BD. -dThe correct answer is: D36.What configuration file contains configuration data for the port monitors that the SAC controls?A. Devices or _porttabB. gettydefs or zsmon/_pmtabC. ttytab or _safD. _sactabThe correct answer is: D37. The respawn action in the /etc/inittab file performs which of the following actions?A. Restart the commandB. Reboot the systemC. Restart all system processesD. Wait for a command to be completedThe correct answer is: A38. Which file lists all uses of the "su" command?A. /var/adm/wtmpB. /var/adm/messagesC. /var/adm/lastlogD. /var/adm/sulogThe correct answer is: D39. What command lists the files on a tape?A. tar -cvfB. tar -xvfC. tar -tvfThe correct answer is: CWhich of the following statements are true about the/etc/hostname.xxy file?A. It is a system script file.B. It is a SPARC executable file.C. It contains the host name of the local host.D. It identifies the network interface on the local host. The correct answer is: D40. To boot a system into a single user state, what command is entered at the OK prompt?A. bootB. boot -sC. boot -aD. boot -nThe correct answer is: B41. An AutoClient system has:A. A local disk and local swap, (/) and /usr are cached from a networked server.B. No local disk , (/) and /usr are cached into RAM from a remote server.C. Has a local disk, a local root (/), but /usr is cached from a remote server.D. Has a local disk, a local root (/), and a local /usr, but swap is on a remote server.The correct answer is: A42. Which of the following is NOT true of dd?A. It quickly converts and copies files with different data formats.B. It is a good backup tool.C. It is used to transfer a complete file system or partition from your hard disk to a tape.D. It is used to copy all data from one disk to another.The correct answer is: B43. Which of the following is a mechanism for gaining access to a port service?A. PortB. SACC. SAFD. Port MonitorThe correct answer is: D44. What command is used to remove a patch from a system?A. uninstallB. pkgrm -pC. patchrmD. rm -rThe correct answer is: C45. Which crontab entry instructs the system to run logchecker at 3:10 on Sunday and Thursday nights?A. 0 4 * * 10,3 /etc/cron.d/logcheckerB. 10 3 * * 0,4 /etc/cron.d/logcheckerC. * * 10 3 0,4 /etc/cron.d/logcheckerD. 10 3 * * 0-4 /etc/cron.d/logcheckerThe correct answer is: B46. Which of the following is not an example of a default user initialization files?A. .cshrcB. .loginC. .profileD. .exrcThe correct answer is: D47. Which of the following are characteristics of a character device?A. Character device interfaces transfer only small amounts of data, one character at a time.B. With a character device file, data is written directly to the disk, bypassing system I/O buffers.C. Buffering is controlled by the application program.D. All of the above.The correct answer is: D48. What command makes specific checks and adjustments to system files and permissions to assure system security?A. chmodB. ASETC. ACLD. Make the proper entry in the /etc/default/login file.The correct answer is: B49. What command can be used in conjunction with tar and cpio to perform incremental backups?A. sortB. findC. grepD. diffThe correct answer is: BWhat command(s) shows all patches applied to a system?A. patchadd -pB. pkginfoC. showrev -pD. All of the aboveThe correct answer is: ACWhat information does the inode contain?A. The type of the fileB. File directory informationC. The number of bytes in the fileD. Logical volume informationThe correct answer is: AC50. What command prepares a compressed tar patch file ( witha ".Z" extension) for installation and saves approximately 25% on temporary disk space usage?A. installpatch -uB. installpatch -fC. uncompressD. unzipThe correct answer is: C51. How many secondary groups can a user belong to?A. 1B. 32C. UnlimitedD. 16The correct answer is: D52. What is the recommended command used to create file systems?A. AdminToolB. newfsC. mkfsD. formatThe correct answer is: B53. What command configures port monitor services and the associated processes for individual ports?A. pmadmB. sacadmC. ttyadmD. nlsadminThe correct answer is: A54. What signal stops a process unconditionally?A. 9B. 0C. 15D. 1The correct answer is: A55. What command(s) can be used to display disk space information?A. duB. dfC. quotaD. requotaE. All of the aboveThe correct answer is: E56. In the standard device file naming convention "cXtYdZ", the "tY" portion of the file name identifies which of thefollowing?A. The controller card to which this device is attachedB. The SCSI target address of the deviceC. The LUN of the deviceD. The function number as contained on the "Core I/O" board. The correct answer is: B57. Which network class is for medium sized networks such as campuses and large businesses with many hosts on their network?A. Class AB. Class BC. Class CD. Class DThe correct answer is: B58. What is SAF?A. Storage Access FacilityB. It is the tool used for administering terminals, modems, and other network devices.C. It is the daemon that starts and controls various port monitors.D. It connects incoming requests on serial lines to the login service and login program.The correct answer is: BWhat is the best way to delete a login but retain the user's files?A. Delete the login, but unselect the Delete Home Directory check boxB. Change the password on the loginC. Change the uid of the loginD. Delete the login, but don't delete any files with the "rm" command.The correct answer is: A59. A system is booted from the boot PROM by typing which of the following?A. bootB. bC. boot cdromD. All of the aboveThe correct answer is: D。
信息安全技术考试试题
信息安全技术考试试题一、选择题(每题 2 分,共 40 分)1、以下哪种加密算法属于对称加密算法?()A RSAB AESC ECCD SHA-2562、数字签名的主要作用是()A 保证数据的机密性B 保证数据的完整性和不可否认性C 实现身份认证D 提供数据加密3、在网络安全中,以下哪种攻击方式属于主动攻击?()A 窃听B 篡改C 流量分析D 监听4、防火墙的主要功能不包括()A 访问控制B 数据加密C 网络地址转换D 入侵检测5、以下哪种密码技术用于验证消息的完整性?()A 对称加密B 非对称加密C 哈希函数D 数字证书6、下面关于 SSL 协议的描述,错误的是()A 位于应用层和传输层之间B 可以实现数据加密和身份认证C 是一种网络层安全协议D 广泛应用于电子商务等领域7、入侵检测系统(IDS)的主要作用是()A 防止网络攻击B 检测和响应网络攻击C 修复网络漏洞D 提供网络访问控制8、以下哪种备份方式恢复数据的速度最快?()A 完全备份B 增量备份C 差异备份D 以上都不对9、在访问控制中,基于角色的访问控制(RBAC)的优点不包括()A 灵活性高B 便于管理C 降低授权管理的复杂性D 权限分配直观10、下面关于病毒的描述,错误的是()A 计算机病毒是一种程序B 病毒能够自我复制C 病毒只会对计算机系统造成破坏D 病毒可以通过网络传播11、以下哪种网络攻击手段可以获取用户的账号和密码?()A 拒绝服务攻击B 缓冲区溢出攻击C 跨站脚本攻击D 网络监听攻击12、数据隐私保护中,脱敏处理的主要目的是()A 加密数据B 隐藏敏感信息C 压缩数据D 提高数据访问效率13、以下哪种身份认证方式安全性最高?()A 用户名和密码B 动态口令C 指纹识别D 智能卡14、网络安全策略中,最小特权原则的含义是()A 为用户分配尽可能少的权限B 为用户分配最高的权限C 为用户分配平均的权限D 以上都不对15、下面关于漏洞扫描的描述,正确的是()A 可以发现系统中的所有漏洞B 只能发现已知的漏洞C 不能发现网络设备的漏洞D 对系统性能没有影响16、以下哪种加密方式可以用于保护电子邮件的安全?()A PGPB SSLC SSHD IPSec17、在云计算环境中,数据安全面临的主要挑战不包括()A 数据隐私泄露B 数据丢失C 数据隔离D 计算资源不足18、下面关于移动设备安全的描述,错误的是()A 移动设备容易丢失或被盗B 移动设备的操作系统相对安全C 移动应用可能存在安全漏洞D 公共无线网络存在安全风险19、以下哪种技术可以防止网络钓鱼攻击?()A 反病毒软件B 防火墙C 网站认证D 入侵检测系统20、数据备份的策略不包括()A 定期备份B 异地备份C 实时备份D 随机备份二、填空题(每题 2 分,共 20 分)1、信息安全的三要素是、、。
SCSA题库(最新)-职称计算机考试其它试卷与试题
16. [SSL]SANGFOR SSL VPN与微软AD域对接实现用户认证,以下相关说法正确的是( A SSL VPN设备端不需要进行任何配置即可进行对接认证 B 同步用户信息包含用户组织结构、用户名、用户密码等信息 C 需要将AD域用户同步到SSL VPN设备才能用于用户认证 D 用户登录时账户校验是在AD域上进行
18. 加密和解密是对数据进行的某种交换,加密和解密的过程都是在( A 明文 B 密文 C 信息 D 密钥
)的控制下进行的[2分]-----正确答案(D)
19. [AC]关于恢复设备出厂设置,以下说法不正确的是( )[2分]-----正确答案(B) A 可以通过SANGFOR Updater加载升级包恢复出厂设置 B 可以通过U盘恢复出厂设置 C 可以通过设备控制台恢复出厂设置 D 可以通过交叉线恢复出厂设置
4. [AC]QQ邮箱内容审计不成功的排查不正确的是( A 需要开启审计策略 B 需要开启SSL识别,把加入进去 C 需要AC设备能上网 D 检查是否全局排除了
)[2分]-----正确答案(C)
5. DOS攻击不包括以下哪一种( A ARP攻击 B Smurf攻击 C DNS Flooding D UDP Flooding
SCSA题库(最新)
试卷总分:576 答题时间:600分钟
1. [SSL]关于SANGFOR SSL VPN中远程应用发布,说法错误的是?( A 应用运行在WindowsServer服务器 B 需要WindowsServer进行配置并授权 C 客户端不需要安装发布的应用程序就可以使用该应用 D 终端服务器支持WindowsServer和Linux服务器
)[2分]-----正确答案(D)
8. [NGAF]关于恢复设备出厂设置,以下说法不正确的是( )[2分]-----正确答案(B) A 可以通过SANGFOR Updater加载升级包恢复出厂设置 B 可以通过U盘恢复出厂设置 C 可以通过设备控制台恢复出厂设置 D 可以通过交叉线恢复出厂设置
2024年第一期CCAA注册审核员ISMS信息安全管理体系考试题目含解析
2024年第一期CCAA注册审核员ISMS信息安全管理体系考试题目一、单项选择题1、Saas是指()A、软件即服务B、服务平台即月勝C、服务应用即服务D、服务瞇即服务2、下列不属于公司信息资产的有A、客户信息B、被放置在IDC机房的服务器C、个人使用的电脑D、审核记录3、制定信息安全管理体系方针,应予以考虑的输入是()A、业务战略B、法律法规要求C、合同要求D、以上全部4、从计算机安全的角度看,下面哪一种情况是社交工程的一个直接例子?()A、计算机舞弊B、欺骗或胁迫C、计算机偷窃D、计算机破坏5、组织应()与其意图相关的,且影响其实现信息安全管理体系预期结果能力的外部和内部事项。
A、确定B、制定C、落实D、确保6、以下说法不正确的是()A、应考虑组织架构与业务目标的变化的风险评估进行再评审B、应考虑以往未充分识别的威胁对风险评估结果进行再评估C、制造部增加的生产场所对信息安全风险无影响D、安全计划应适时更新7、当发生不符合时,组织应()。
A、对不符合做出处理,及时地:采取纠正,以及控制措施;处理后果B、对不符合做出反应,适用时:采取纠正,以及控制措施:处理后果C、对不符合做出处理,及时地:采取措施,以控制予以纠正;处理后果D、对不符合做出反应,适用时:采取措施,以控制予以纠正;处理后果8、依据《中华人民共和国网络安全法》,以下正确的是()。
A、检测记录网络运行状态的相关网络日志保存不得少于2个月B、检测记录网络运行状态的相关网络日志保存不得少于12月C、检测记录网络运行状态的相关网络8志保存不得少于6个月D、重要数据备份保存不得少于12个月,网络日志保存不得少于6个月9、关于容量管理,以下说法不正确的是()A、根据业务对系统性能的需求,设置阈值和监视调整机制B、针对业务关键性,设置资源占用的优先级C、对于关键业务,通过放宽阈值以避免或减少报警的干扰D、依据资源使用趋势数据进行容量规划10、根据《互联网信息服务管理办法》规定,国家对经营性互联网信息服务实行()A、国家经营B、地方经营C、许可制度D、备案制度11、在根据组织规模确定基本审核时间的前提下,下列哪一条属于增加审核时间的要素?A、其产品/过程无风险或有低的风险B、客户的认证准备C、仅涉及单一的活动过程D、具有高风险的产品或过程12、依据GB/T22080/ISO/IEC27001,建立资产清单即:()A、列明信息生命周期内关联到的资产,明确其对组织业务的关键性B、完整采用组织的固定资产台账,同时指定资产负责人C、资产价格越高,往往意味着功能越全,因此资产重要性等级就越高D、A+B13、容灾的目的和实质是()A、数据备份B、系统的C、业务连续性管理D、防止数据被破坏14、下列哪项不是监督审核的目的?()A、验证认证通过的ISMS是否得以持续实现B、验证是否考虑了由于组织运转过程的变化而可能引起的体系的变化C、确认是否持续符合认证要求D、做出是否换发证书的决定15、关于信息安全管理体系认证,以下说法正确的是()A、认证决定人员不宜推翻审核组的正面结论B、认证决定人员不宜推翻审核组的负面结论C、认证机构应对客户组织的ISMS至少进行一次完整的内部审核D、认证机构必须遵从客户组织规定的内部审核和管理评审的周期16、虚拟专用网(VPN)的数据保密性,是通过什么实现的?()A、安全接口层(sSL,SecureSocketsLayer〉B、风险隧道技术(Tunnelling)C、数字签名D、风险钓鱼17、信息分级的目的是()A、确保信息按照其对组织的重要程度受到适当级别的保护B、确保信息按照其级别得到适当的保护C、确保信息得到保护D、确保信息按照其级别得到处理18、当发现不符合项时,组织应对不符合做出反应,适用时()。
深信服 SCSA 认证模拟题
深信服 SCSA 认证模拟题(二)1. IP 数据报文在网络层选路时,是基于下列哪个原则?() [单选题] *A. 最长匹配(正确答案)B. 最短匹配C. 模糊匹配D. 路由表序列匹配2. 在一个 C 类网段中要划分出 32 个子网,下面哪个掩码最合适?() [单选题] *A. 255.255.255.252B. 255.255.255.248(正确答案)C. 255.255.255.240D. 255.255.255.2553. SNMP 依赖于下列哪种协议工作?() [单选题] *A. IPB. ARPC. TCPD. UDP(正确答案)4. IP 报文头部中有一个 TTL 字段,关于该字段的说法正确的是?() [单选题] *A. 该字段长度为 7 位B. 该字段用于数据包分片C. 该字段用于数据包防环(正确答案)D. 该字段用于标记数据包的优先级5. 下列关于 trunk 端口与 access 端口描述正确的是?() [单选题] *A. Access 端口只能发送 untagged 帧(正确答案)B. Access 端口只能发送 tagged 帧C. Trunk 端口只能发送 untagged 帧D. Trunk 端口只能发送 tagged 帧6. 关于 RIP 协议,下列描述正确的是?() [单选题] *A. 路由器不可能发送跳数为 16 的路由器条目给它的直连邻居B. 路由器可能会收到直连邻居发送的跳数为 16 的路由条目,但收到后会立即丢弃,不再做任何别的处理C. 路由器可能会收到直连邻居发送的跳数为 16 的路由条目,收到后会利用它来更新自己的路由表(正确答案)D. 路由表可能会发送跳数为 16 的路由条目给它的直连邻居,但直连邻居收到后不会利用它来更新自己的路由表7. 如果希望一台 DHCP 客户机总是获得一个固定的 IP 地址,那么需要在 DHCP 服务器上为其设置什么?() [单选题] *A. IP 作用域B.IP 地址的保留(正确答案)C. DHCP 中继代理D. IP 地址的限制8. 关于 HTTP 响应状态码 302 说法正确的是?() [单选题] *A. 网页重定向(正确答案)B. 服务器错误C. 找不到网页D. 请求成功9. 下列哪个是 windows 系统常用的 DNS 测试的命令? () [单选题] *A. nslookup(正确答案)B. ipconfigC. route -nD. tracert10. 下列关于网络安全的描述正确的是?() [单选题] *A. 计算机网络环境下的信息安全(正确答案)B. 物理安全中的一部分C. 网络安全不属于信息安全组成部分,需要单独对待D. 技术手段可以完全杜绝网络安全事件11. 下列关于溢出类型攻击的防范哪个方法是错误的?() [单选题] *A. 填充数据时计算边界B. 使用没有缓冲区溢出问题的函数C. 基于探测方法的防御D. 可在堆栈上执行代码的防御(正确答案)12. 为了避免冒名发送数据或发送后不承认的情况出现,可以采用的办法是?()[单选题] *A. 访问控制B. 数字签名(正确答案)C. 数字水印D. 发电子邮件确认13. 关于 IPSEC VPN 以下说法错误的是?() [单选题] *A. 对于 IPv4,IPsec 是可选的,对于 IPv6,IPsec 是强制实施的B. IPsec 提供对 IP 及其上层协议的保护C. IPsec 是一个单独的协议(正确答案)D. IPsec 安全协议给出了封装安全载荷和鉴别头两种通信保护机制14. 下列关于 IPSEC VPN 中 AH 服务与 ESP 服务的说法错误的是?() [单选题] *A. ESP 主要可以提供完整性,数据保密,数据源认证等服务B. AH 可以提供数据完整性,数据源认证,抗重放攻击服务C. 采用 ESP 服务保护的 VPN 隧道机密性较高所以 IPSEC VPN 中通常使用 ESPD. 采用 AH 服务保护的 VPN 隧道有较强的完整性保护,可以保护整个 IP 头部以及负载的完整性(正确答案)15. 下列关于 IPSEC VPN 建立第二阶段说法正确的是?() [单选题] *A. 出站策略为对端子网 ip,入站策略为本端子网 ipB. 出站策略为本端子网 ip,入站策略为对端子网 ip(正确答案)C. 只需要配置出站策略,入站策略无需配置D. 只需要配置入站策略,出站策略无需配置16. 关于 SANGFOR DLAN 设备,下面哪种情况是完全免费的?() [单选题] *A. SANGFOR DLAN 设备与 SANGFOR DLAN 设备之间对接(正确答案)B. SANGFOR DLAN 设备与华为的 VPN 设备对接C. SANGFOR DLAN 设备与深信服 PDLAN 互联D. SANGFOR DLAN 设备以网关多线路模式部署17. 某用户总部 VPN 网关部署,出口有双线路,公网地址分别为:202.96.137.75 和58.24.3.66 ,用户希望 VPN 连接时,两条线路能自动选路,那么总部 VPN 基本配置中,WEBAGENT 该如何填写? () [单选题] *A. 202.96.137.75#58.24.3.66:4009(正确答案)B. 58.24.3.66:4009C. 202.96.137.75:4009D. 202.96.137.75;58.24.3.66:400918. 某用户总部和分支均通过 ADSL 拔号上网,用户要分支和总部建立 SNAGFOR VPN 连接以实现两端内网互访,以下说法正确的是?() [单选题] *A. SANGFOR VPN 无法实现客户的需求,需要改为标准 IPSEC VPN 实现B. SANGFOR VPN 可以实现客户的需求,分支出口直接做 TCP 4009 的端口映射即可C. SANGFOR VPN 可以实现客户的需求,通过 WEBAGENT 动态寻址实现(正确答案)D. 拨号环境,公网地址不固定,分支无法找到对端的正确 IP,无法实现,需要客户申请固定IP19. SANGFOR VPN 协议默认端口是?() [单选题] *A. TCP 4009 和 UDP 4009(正确答案)B. TCP 4430 和 UDP 4430C. TCP 4500 和 UDP 4500D. TCP 4007 和 UDP 400720. SANGFOR VPN 支持远程出差员工连接总部 VPN 吗?() [单选题] *A. 支持,但是需要总部是固定公网 IPB. 支持,而且不需要总部是固定公网 IP(正确答案)C. 支持,不需要下载客户端软件D. 不支持21. IPSEC 的数据加密协议是()。
2021年华为5G认证考试题库(含答案)
2021年华为5G认证考试题库(含答案)单选题(总共182题)1.NSA网络中,以下哪一层的统计最接近用户的体验速率?A、RRC层B、RLC层C、物理层D、PDCP层答案:D2.在NSA组网中,以下哪个定时器或常量不会用于下行链路检测?A、T301B、T310C、N300D、N310答案:C3.一NR小区SSB波束采用默认模式,天线挂高35米,机械下倾角为3°,数字下倾配置为0°,则此小区主覆盖波瓣的下沿(近点)距离基站大约是多少米?A、1200米B、330米C、150米D、670米答案:B4.NSA架构中,B1事件的门限值是如何发给UE的? A、通过Pss/SssB、通过RRC重配置信令C、通过OSI消息D、通过PBCH广播答案:B5.以下哪项是NR中的基本调度单位?A、REB、REGC、CCED、PRB答案:D6.如果出现了NSA接入失败,以下哪类问题可以通过性能指标做统计,并且可以统计相应的失败原因?A、eNodeB不发起gNodeB添加B、gNodeB拒绝添加请求C、UE无MR上报D、UE在eNodeB侧随机接入失败答案:B7.在切换准备过程中,源小区基于以下哪个参数确定切换的目标小区?A、频点B、NCGIC、PCID、TAC答案:C8.以下关于下行频率资源分配的描述,错误的是哪项?A、支持type0和type1两种分配方式B、type0是RBG粒度的分配方式,支持非连续分配和连续分配C、type0是RB粒度的分配方式,仅支持非连续分配D、type1是RB粒度的分配方式,仅支持连续分配答案:C9.5GRAN2.164T64R的AAU可以最多支持多少种广播波束场景配置?A、17B、3C、8D、5答案:A10.在NR用户上行速率测试中,对2T4R的终端,建议“上行最大MIMO层数”建议配置为以下哪项?A、Laver2B、Laver1C、Layer3D、Layer4答案:A11.以下哪种SRS的资源仅用于高频组网?A、NoncodebookB、BeammanagementC、CodebookD、Antennaswitching答案:D12.在NR辅站变更成功后,MeNodeB会通知MME以下哪条信令?A、PathUpdateProcedureB、RRCConnectionReconfigurationpleteC、SgNBInformationTransferD、SgNBReconfigurationplete答案:A13.做5G的C波段上行链路估算时,UE的发射功率一般为多少?A、26dBmB、30dBmC、33dBmD、23dBm答案:D14.如果需要开启干扰随机化调度,那么站内三个小区的PCI需要满足什么原则A、PCImod3错开B、PCImod8错开C、PCImod6错开D、PCImod4错开答案:A15.在NSA接入过程中,如果gNodeB收到了“additionrequest”消息,但是没有回复任何消息,以下哪项是可能的原因?(单选)A、gNodeB检测到X2链路故障B、无线资源不足C、gNodeB检测到s1链路故障D、License资源不足答案:A16.在同频切换的A3事件参数中,以下哪个参数不能基于QCI进行单独配置?A、A3偏置B、邻区偏置(CIO)C、A3幅度迟滞D、A3时间迟滞答案:B17.以下信道或信号中,发射功率跟随PUSCH的是哪项?A、PUCCHB、PUSCHC、PRACHD、SRS答案:A18.以下关于最小速率保障的描述,错误的是哪项?A、如果当前业务平均速率高于最小保障速率,基站会降低调度优先级B、如果当前业务平均速率低于最小保障速率,基站会提升调度优先级C、该参数不是3GPP规范的标准参数D、该参数是用于non-GBR业务答案:B19.Rel15版本中,5GPUSCH的最大码字数是多少个?A、4B、2C、1D、3答案:C20.以下关于SSB波束数量的描述,A、低频场景最个B、SA组网下,实际的波束数量通过SIB1消息下发C、最大的波束数量只和频段因素相关D、高频场景最4个答案:A21.在SIB1消息中,如果前导期望功率为-100dbm,SSB发射功率为18dbm,当前RSRP为-90dbm,那么终端第一个PRACH的前导发射功率是多少?A、10dBmB、-108dBmC、8dBmD、-118dBm答案:C22.针对60KHZ的SCS配置,一个无线帧中包含了多少个时隙?B、80C、160D、20答案:A23.RAN3.0,异频切换使用那个事件触发?A、A3B、A4C、A5D、A6答案:C24.在NR组网下,为了用户能获得接近上行最高速率,其MCS值最低要求应该是多少?A、16B、32C、25D、2025.以下关于PRACH的Scs描述,错误的是哪一项?A、短格式PRACH的SCS必须和PUSCHI的Scs一样B、长格式PRACH的SCs和PUSCH的scs一定不一样C、长格式PRACH采用固定的Scs,无法配置D、短格式PRACH的SCS可以配置,通过SIB1消息下发答案:A26.在5GC中,以下哪个模块用于用户的鉴权管理?A、ANFB、AUSFC、PCFD、SMF答案:B27.为了解决NR网络深度覆盖的问题,以下哪项措施是不可取的? A、采用低频段组网B、使用Lampsite提供室分覆盖C、增加NR系统带宽D、增加AAU发射功率答案:C28.NR触发A3事件的条件是以下哪项?A、Mn+Ofn-Hys>Ms+Ofs+OffB、Mn+Ofn+Ocn>Ms+Ofs+OcsC、Mn+Ofn+Ocn+HysD、Mn+Ofn+ocn-Hys>Ms+Ofs+Ocs+off答案:D29.在同频小区重选过程中,如果想实现终端从服务小区到某个特定邻区重选更容易,那么该如何修改参数?A、增加QoffsetB、增加QhystC、减小QoffsetD、诚小Qhyst答案:C30.以下哪种SCs不允许用于SSB?A、60KHzB、30KHzC、120KHzD、15KHz答案:A31.在NSA组网中,如果在eNodeb例配置的5GSSB频点和实际的不一致,会出现以下哪个问题?A、gnodeb拒地添加请求B、enodeb无法下发NR的测量配置C、UE随机接入失败D、UE无法上报5G测量结果答案:C32.以下关于PRACH虚警的描述,正确的是哪一项?A、U2020可以支持PRACH根序列冲突检测功能,降低虚警概率B、只要邻区之间PRACH信道时频位置相同,就会导致根序列冲突C、如有PRACH虚警问题,可以调整PRACH功控参数解决虚警问题D、只要邻区之间的PRACH前导序列有重复,就会导致根序列冲突答案:A33.5GCPE接收机的NoiseFigure(NF)典型值为哪项?A、1dBB、5dBC、7dbD、3dB答案:C34.gNOdeB通过PDCCH的DCI格式Uo/U1调整TPC取值,DCI长度是多少? A、4bitB、2bitC、3bitD、1bit答案:B35.64T64RAA支持的NR广播波束的水平3dB波宽,最大可以支持多少?A、65°B、90°C、45°D、110°答案:D36.每个终端最大可以配置多少个专用BWP?A、2个B、8个C、4个D、16个答案:C37.如果采用32T32R.100MHz带宽,MU-MIMO8流场景下,使用eCPRI接口所需要的带宽是多少?A、25GbpsB、50GbpsC、10GbpsD、100Gbps答案:C38.以下哪种UCI信息只能通过周期的PUCCH资源进行发送?A、PMIB、SRC、CQID、ACK-NACK答案:B39.NSA锚点切换流程中使用的是以下哪种事件报告?A、A4B、A3C、A5D、A6答案:B40.以下哪个参数不会出现在SCG的配置消息中?A、T304B、RSRP最小接收电平C、SSB发射功率D、SSB频点答案:C41.以下哪个场景属于NR基于非竞争的随机接入?A、初始RRC连接建立B、波束恢复C、RRC连接重建D、上行数据到达答案:B42.在NSA组网中,如果只有5G发送了掉话,那么终端收到的空口消息是以下哪条?A、RRCReleaseB、RRCReconfigurationC、SCGFailueInfoD、RRCReestablishment答案:C43.gNodeB根据UE上报的CQI,将其转换为几位长的MCS?A、4bitB、3bitC、2bitD、5bit44.在PDU会话建立过程中,以下哪个模块负责PCF的选择?A、AUSFB、SMFC、NSSFD、AMF答案:B45.在5G异频重选流程中,终端通过哪个消息获取异频的重选优先级?A、SIB2B、SIB3C、SIB4D、SIB5答案:C46.55SA组网中,以下哪种RC状态转换流程是不支持的?A、RC空闲到RRC连接B、RRC去激活到RRC空闲C、RRC空闲到RRC去激活D、RRC去激活到RRC连接答案:C47.5G中上行一共定义多少个逻辑信道组?A、4B、2D、8答案:D48.如果小区最大发射功率为100W,SCS=30kHZ,带宽为100MHZ,乘用64T64R 的AAU,那么小区基准功率大约为多少?A、31.9dBmB、-3.3dbmC、0dbmD、34dbm答案:B49.MIB消,息中的哪个参数指示了CORRESETO的时域位置?A、ssb-subcarrieroffsetB、systemframemumbetC、PDCCH-configSIB1高4位D、PDCCH-configSIB1低4位答案:C50.以下哪项不是对CPE做NR下行峰值调测时的建议操作?A、时隙配比设置为4:1B、调制阶数设置支持256QAMMIMO层数设置为4流D、把CPE终端放置在离AAU两米处答案:D51.以下几类数传问题中,哪一项不仅仅是空口质量的问题造成的?A、调度次数低B、IBLER高C、RAK低D、MCS低答案:A52.NR小区中,以下哪个指标可以反映UE业务态的覆盖情况?A、SSBRSRPB、CSIRSRPC、PDSCHRSRPD、CSISINR答案:B53.如果NR广播波束配置成水平3dB为65度波束,则对64T64R的AAU来说。
计算机三级信息安全技术题库
计算机三级信息安全技术题库计算机三级信息安全技术考试是一项严肃的考试,旨在验证考生在信息安全技术方面的知识和能力。
为了帮助考生更好地备考,下面将为大家提供一些常见的信息安全技术题库,希望能对考生有所帮助。
一、密码学1. 对称加密和非对称加密的区别是什么?请举例说明。
2. 什么是密钥长度?密钥长度对密码安全有何影响?3. 请简要介绍DES和AES两种常见的对称加密算法。
4. RSA算法的原理是什么?请解释公钥和私钥的作用。
5. 请简要介绍Diffie-Hellman密钥交换算法的原理。
二、网络安全1. 什么是防火墙?防火墙有哪些常见的工作模式?2. 请简要介绍DDoS攻击的原理和防范措施。
3. 什么是入侵检测系统(IDS)和入侵防御系统(IPS)?它们有何区别?4. 请解释网络钓鱼攻击和社会工程学攻击的原理,并提供相应的防范建议。
5. 什么是虚拟私有网络(VPN)?它如何保护网络传输的安全性?三、安全管理与风险评估1. 请解释信息安全管理的核心思想和重要性。
2. 请简要介绍信息安全三要素(机密性、完整性和可用性)。
3. 什么是风险评估?风险评估的步骤和方法有哪些?4. 请解释合规性和安全性之间的关系,并提供相应的案例说明。
5. 请简要介绍信息安全政策的制定和执行过程。
四、软件安全1. 请解释缓冲区溢出漏洞的原理,以及如何防范缓冲区溢出攻击。
2. 什么是跨站脚本攻击(XSS)?如何防范XSS攻击?3. 请简要介绍SQL注入攻击的原理,并提供相应的防范建议。
4. 什么是代码注入攻击?请解释远程代码执行的风险。
5. 请简要介绍软件安全评估的目的和方法。
五、物理安全与生物识别1. 请解释生物识别技术的原理和应用。
2. 什么是多因素认证?为什么多因素认证比单因素认证更安全?3. 请简要介绍视频监控系统和入侵报警系统在物理安全中的作用。
4. 请解释灾备和容灾的概念,并提供相应的案例说明。
5. 请简要介绍生物识别技术在金融行业的应用和挑战。
网络安全证书信息保护技术考试 选择题 54题
1. 在网络安全中,什么是“零信任”模型的核心原则?A. 信任所有用户B. 不信任任何用户C. 仅信任内部用户D. 仅信任外部用户2. 以下哪种加密算法通常用于保护数据的完整性?A. RSAB. AESC. SHA-256D. DES3. 在SSL/TLS协议中,哪个组件负责验证服务器的身份?A. 客户端证书B. 服务器证书C. 公钥D. 私钥4. 以下哪种攻击方式主要针对网络中的认证系统?A. DDoS攻击B. 中间人攻击C. 重放攻击D. SQL注入攻击5. 在数字证书中,哪个字段用于标识证书的颁发者?A. SubjectB. IssuerC. Serial NumberD. Validity Period6. 以下哪种技术可以防止数据在传输过程中被窃听?A. 数据加密B. 数据压缩C. 数据备份D. 数据归档7. 在PKI体系中,哪个组件负责生成和管理密钥对?A. CA(证书颁发机构)B. RA(注册机构)C. KMC(密钥管理中心)D. 终端用户8. 以下哪种协议用于在IP网络上安全地传输电子邮件?A. HTTPB. FTPC. SMTP9. 在网络安全中,什么是“双因素认证”?A. 使用两个不同的密码B. 使用两个相同的密码C. 使用两个不同的认证因素D. 使用两个相同的认证因素10. 以下哪种攻击方式会导致服务器资源被耗尽?A. 缓冲区溢出攻击B. DDoS攻击C. 跨站脚本攻击D. 文件包含攻击11. 在SSL/TLS握手过程中,哪个步骤用于交换密钥?A. ClientHelloB. ServerHelloC. CertificateD. Key Exchange12. 以下哪种加密方式属于对称加密?A. RSAB. AESC. ECCD. DSA13. 在数字证书中,哪个字段用于标识证书的持有者?A. SubjectB. IssuerC. Serial NumberD. Validity Period14. 以下哪种技术可以防止数据在存储过程中被篡改?A. 数据加密B. 数据压缩C. 数据备份D. 数据校验15. 在PKI体系中,哪个组件负责验证用户的身份?A. CA(证书颁发机构)B. RA(注册机构)C. KMC(密钥管理中心)D. 终端用户16. 以下哪种协议用于在IP网络上安全地传输文件?A. HTTPC. SFTPD. SMTP17. 在网络安全中,什么是“单点登录”?A. 使用一个密码登录多个系统B. 使用多个密码登录一个系统C. 使用一个认证因素登录多个系统D. 使用多个认证因素登录一个系统18. 以下哪种攻击方式会导致应用程序崩溃?A. 缓冲区溢出攻击B. DDoS攻击C. 跨站脚本攻击D. 文件包含攻击19. 在SSL/TLS握手过程中,哪个步骤用于验证客户端的身份?A. ClientHelloB. ServerHelloC. CertificateD. Client Certificate20. 以下哪种加密方式属于非对称加密?A. RSAB. AESC. DESD. 3DES21. 在数字证书中,哪个字段用于标识证书的有效期?A. SubjectB. IssuerC. Serial NumberD. Validity Period22. 以下哪种技术可以防止数据在传输过程中被篡改?A. 数据加密B. 数据压缩C. 数据备份D. 数据校验23. 在PKI体系中,哪个组件负责颁发证书?A. CA(证书颁发机构)B. RA(注册机构)C. KMC(密钥管理中心)D. 终端用户24. 以下哪种协议用于在IP网络上安全地传输即时消息?A. HTTPB. FTPC. SMTPD. XMPP25. 在网络安全中,什么是“多因素认证”?A. 使用多个不同的密码B. 使用多个相同的密码C. 使用多个不同的认证因素D. 使用多个相同的认证因素26. 以下哪种攻击方式会导致数据库数据被篡改?A. 缓冲区溢出攻击B. DDoS攻击C. 跨站脚本攻击D. SQL注入攻击27. 在SSL/TLS握手过程中,哪个步骤用于交换证书?A. ClientHelloB. ServerHelloC. CertificateD. Key Exchange28. 以下哪种加密方式属于哈希算法?A. RSAB. AESC. SHA-256D. DES29. 在数字证书中,哪个字段用于标识证书的唯一编号?A. SubjectB. IssuerC. Serial NumberD. Validity Period30. 以下哪种技术可以防止数据在存储过程中被窃听?A. 数据加密B. 数据压缩C. 数据备份D. 数据归档31. 在PKI体系中,哪个组件负责管理证书的撤销?A. CA(证书颁发机构)B. RA(注册机构)C. KMC(密钥管理中心)D. CRL(证书撤销列表)32. 以下哪种协议用于在IP网络上安全地传输VoIP通话?A. HTTPB. FTPC. SIPD. SRTP33. 在网络安全中,什么是“强密码”?A. 长度较短的密码B. 长度较长且包含多种字符类型的密码C. 长度较长但只包含数字的密码D. 长度较短但包含特殊字符的密码34. 以下哪种攻击方式会导致网络带宽被耗尽?A. 缓冲区溢出攻击B. DDoS攻击C. 跨站脚本攻击D. 文件包含攻击35. 在SSL/TLS握手过程中,哪个步骤用于交换加密算法?A. ClientHelloB. ServerHelloC. CertificateD. Cipher Suite36. 以下哪种加密方式属于流加密?A. RSAB. AESC. RC4D. DES37. 在数字证书中,哪个字段用于标识证书的扩展信息?A. SubjectB. IssuerC. Serial NumberD. Extensions38. 以下哪种技术可以防止数据在传输过程中被重放?A. 数据加密B. 数据压缩C. 数据备份D. 数据校验39. 在PKI体系中,哪个组件负责管理证书的更新?A. CA(证书颁发机构)B. RA(注册机构)C. KMC(密钥管理中心)D. OCSP(在线证书状态协议)40. 以下哪种协议用于在IP网络上安全地传输视频流?A. HTTPB. FTPC. RTSPD. SRTP41. 在网络安全中,什么是“弱密码”?A. 长度较短的密码B. 长度较长且包含多种字符类型的密码C. 长度较长但只包含数字的密码D. 长度较短但包含特殊字符的密码42. 以下哪种攻击方式会导致应用程序逻辑被破坏?A. 缓冲区溢出攻击B. DDoS攻击C. 跨站脚本攻击D. 逻辑漏洞攻击43. 在SSL/TLS握手过程中,哪个步骤用于交换会话ID?A. ClientHelloB. ServerHelloC. CertificateD. Session ID44. 以下哪种加密方式属于块加密?A. RSAB. AESC. RC4D. DES45. 在数字证书中,哪个字段用于标识证书的签名算法?A. SubjectB. IssuerC. Serial NumberD. Signature Algorithm46. 以下哪种技术可以防止数据在存储过程中被重放?A. 数据加密B. 数据压缩C. 数据备份D. 数据校验47. 在PKI体系中,哪个组件负责管理证书的查询?A. CA(证书颁发机构)B. RA(注册机构)C. KMC(密钥管理中心)D. OCSP(在线证书状态协议)48. 以下哪种协议用于在IP网络上安全地传输多媒体数据?A. HTTPB. FTPC. RTPD. SRTP49. 在网络安全中,什么是“密码策略”?A. 使用固定密码的规则B. 使用随机密码的规则C. 使用复杂密码的规则D. 使用简单密码的规则50. 以下哪种攻击方式会导致用户数据被泄露?A. 缓冲区溢出攻击B. DDoS攻击C. 跨站脚本攻击D. 数据泄露攻击51. 在SSL/TLS握手过程中,哪个步骤用于交换加密密钥?A. ClientHelloB. ServerHelloC. CertificateD. Key Exchange52. 以下哪种加密方式属于公钥加密?A. RSAB. AESC. RC4D. DES53. 在数字证书中,哪个字段用于标识证书的签名值?A. SubjectB. IssuerC. Serial NumberD. Signature Value54. 以下哪种技术可以防止数据在传输过程中被截获?A. 数据加密B. 数据压缩C. 数据备份D. 数据校验答案1. B3. B4. C5. B6. A7. C8. D9. C10. B11. D12. B13. A14. D15. B16. C17. C18. A19. D20. A21. D22. D23. A24. D25. C26. D27. C28. C29. C30. A31. D32. D33. B34. B35. D36. C37. D38. D39. D40. D41. A42. D43. D44. B45. D46. D47. D48. D49. C50. D51. D53. D54. A。
SCSA 4题库(53道)
SCSA 41、[ssL]下列关于SSLVPN单臂部署的说法正确的是?——[单选题]A 单臂部署不支持防火墙过滤规则B 单臂部署不支持配置静态路由C 回单臂部署不支持配置VAN口地址D 单臂部署不支持防DOS攻击功能正确答案:D2、[AC]U盘恢复设备控制台密码的操作步骤,下列选项中错误的的是?——[单选题]A U盘格式可以上FAT32B 新建一个reset-cfg. txt文件,放入U盘根目录C U盘格式可以上NFTSD 电脑和设备可以通信,访问设备地址https://ACIP/php/rp. Php正确答案:C3、[AF]路由属性的接口,都有链接故障检测的功能,关于链路检测功能的说法,错误的是?——[单选题]A 链路检测结果支持做为双机切换的条件B 链路检测结果支持做为接口是否启用的生效条件C 链路检测结果支持做为静态路由是否生效的条件D 链路检测结果支持做为策略路由选路的条件正确答案:C4、[AC]关于服务和端口的对应关系,不正确的是?——[单选题]A 设备同步日志到外置数据中心的服务端口为81B SANGFOR Firnware Updater连接设备的51111端口C 设备控制台的服务端口为443D 设备HTTP密码认证服务端口为80正确答案:A5、[EDRJEDR授权不包含下列哪项?——[单选题]A 智检测B 智防C 智响应D 智控正确答案:A6、[SsL]下列关于登录策略的说法正确的是?——[单选题]A 启用登录策略不会导致VPN在线用户断开B 登录策略功能不支持EC登录,只支持浏览器方式登录C 以上说法都都不对D 登录策略功能可以和SSL VPN多线路选路功能一起用正确答案:B7、[ssL]下列关于SsL VPN资源的说法正确的是?——[单选题]A SSL VPN资源可以关联给不同用户B SSL VPN只有web应用的资源可以隐藏C SsL VPN的资源不可以做排序D SSL VPN的资源导入导出时需要用txt格式正确答案:A8、[AF]为构建云端、网端、终端全方位立体化的安全防护体系,深信服下一代防火墙可与其他产品进行联动,形成整体的防护。
深信服SCSA认证考试模拟习题
SCSA认证考试模拟试题(2)1.对于恢复设施出厂设置,以下说法不正确的选项是A、能够经过 SANGFOR Firmware Updater加载升级包恢复出厂设置B、能够经过 U 盘恢复出厂设置C、能够经过设施控制台恢复出厂设置D、能够经过交错线恢复出厂设置2.下边对于外置数据中心的说法,错误的选项是A、当客户需要长久保留日记时,介绍安装外置数据中心B、外置数据中心才有附件内容搜寻功能C、外置数据中心支持安装在linux系统上D、外置数据中心介绍安装在windows 服务器系统上3.以下哪个破绽不是因为未对输入做过滤造成的A、DOS攻击B、SQL注入C、XSS攻击D、CSRF攻击4.以下哪种网络攻击不属于 DOS攻击A、SYN Flood 攻击B、ICMP Flood 攻击C、IP Spoofing攻击D、Tear Drop 攻击5.以下对于“公共用户”,描绘正确的选项是A.“公共用户”支持当地密码认证和证书认证B、“公共用户”支持短信认证,令牌认证等协助认证C、“公共用户”不支持硬件特点码认证D、“公共用户”不同意用户在线改正登录密码6. 以下有关 NGAF接口与地区的说法中,错误的选项是A、NGAF的一个路由口下能够增添多个子接口,且路由接口的IP 地点不可以与子接口的 IP 地点在同网段B、NGAF的一个地区能够包括多个接口,一个接口也能够属于多个地区C、NGAF的虚构网线地区只好包括虚构网线接口,不可以包括透明接口和三层接口D、单进单出透明部署状况下,能够经过配置VLAN接口 IP 来对设施进行管理7.对于不需要认证,以下说法错误的选项是A. 能够从数据包中获得到用户的IP 地点B、三层环境下能够直接从数据包中获得到用户的MAC地点C、能够从数据包中获得到用户所属的VLAN IDD、设施经过 NETBIOS协议能够获得到用户的计算机名8.对于受权有关的说法中,正确的选项是A、SSL VPN受权用户数就是能够创立的最大用户数B、SANGFOR VPN PDLAN与SSL VPN用户数能够手动调整,保持受权总数不变C、第三方对接标准IPSEC VPN对接不需要受权D、网关模式部署,能够随意使用多条外网线路,不需要WAN线路数受权9、以下说法不正确的选项是A.在大批数据进行加密的时候一般会采纳非对称加密进行加密数据传输B.RSA、 ECC、DH、DSA是常有的非对称加密技术C、DES、 AES、Blowfish 、IDEA等是常有的对称加密的算法D.非对称加密相对于对称加密而言,安全性更高10. 对于 SANGFOR PDLAN的说法错误的选项是A、PDLAN是 SANGFOR VPN的 Windows客户端软件B、PDLAN接入,总部一定配置虚构 IP 池C、总部新建账号时“种类”一定设置为“挪动”D、PDLAN接入后还需要配置地道路由才能接见总部内网网段11、AF开直通后会致使大多数策略不奏效,有哪些模块不受该影响呢A、DOS/DDOS防备中的鉴于数据包攻击和异样数据报文检测、网页防窜改、 http 与 ftp 隐蔽功能奏效B、只需针对单个 IP 开直通 , 所实用户流控策略就不会无效了。
SCSP试题二题库(57道)
SCSP试题二1、下面哪一项在设计高可用性网络时不需要考虑?——[单选题]A 链路高可用B 接口高可用C 设备高可用D 存储高可用正确答案:D2、通过 SSL 设备命令控制台执行 ping 命令测试设备和资源服务器的连通性,以下命令错误的是?——[单选题]A -tB ping-I C ping -c 10D ping -s 1500正确答案:A3、对接无线控制器进行 PORTAL 认证场景时,下面说法正确的是?——[单选题]A AC 作为 RADIUS 客户端B AC 作为 RADIUS 服务端C AC 不需要新建认证策略D 该场景认证协议支持 CHAP正确答案:B4、深信服等级保护增值服务项目包括?——[单选题]A 信息系统安全调研B 渗透测试服务C 等级保护差距评估D 等保安全复查服务正确答案:B5、 PowershellMiner 挖矿描述不正常的是?——[单选题]A 利用 WMI+Powershell 方式实现的无文件攻击行为B SMB 弱口令爆破攻击和“永恒之蓝”漏洞攻击C 只访问一个矿池地址D 杀软较难查杀正确答案:C6、选项中,具备唯一标识用户的属性是?——[单选题]A 职业B 部门C 性别D 登录名正确答案:D7、关于深信服网端云联动解决方案,产品与对应位置说明,错误的是?——[单选题]A 云脑对应云侧产品B EDR 对应端侧产品C AC 对应端侧产品D AF 对应网侧产品正确答案:C8、下面关于高可用需求说法错误的是?——[单选题]A 人们为了保障系统高度可用性,提升工作效率从而产生高可用性的设计需求B 异地容灾也是一种提升高可用性的方式C 衡量一个系统的高可用性可以用平均无故障时间和平均维修时间来衡量D 系统高可用可以后期扩展,所以无需在最初设计时考虑正确答案:D9、在组合方案的【方案一(口字型),AD 路由主备,AF 透明主主的口子型部署】中,下列说法不正确的是?——[单选题]A AF 透明双主部署,组成透明桥的上、下联接口需要避开 bypass 对B AF 的主主建立,建议用聚合口做心跳,聚合模式选择主备C AD 的主备建立,建议开启备机网口掉电,保障 AD 切换主备后,下联设备通过物理口可以探测到 AD 的状态D AD 的主备建立,建议除了开启拔线检测外,还需要开启 ARP 检测,监听链路状态正确答案:C10、当美国零售巨头塔吉特(Target)爆出数据泄密事件后,UEBA 开始作为一种什么工具来使用——[单选题]A 网络安全工具B 行为分析工具C 兴趣匹配工具D 行为管理工具正确答案:A11、关于等级保护 2.0,以下说法错误的是?——[单选题]A 对拟定为第二级以上的网络,其运营者应当组织专家评审;有行业主管部门的,应当在评审后报请主管部门核准B 跨省或者全国统一联网运行的网络由行业主管部门统一拟定安全保护等级,统一组织定级评审C 行业主管部门可以依据国家标准规范,结合本行业网络特点制定行业网络安全等级保护定级指导意见D 因网络撤销或变更调整安全保护等级的,应当在 30 个工作日内向原受理备案公安机关办理备案撤销或变更手续正确答案:D12、下面哪种功能会导致 CAS 认证不生效?——[单选题]A 关联 TCP 资源B 开启分布式集群功能C 开启端点安全功能D 开启允许接入客户端类型正确答案:C13、 AF 接入云脑联动赋能,哪个不是配置层面的必须项?——[单选题]A AF 必须可以联互联网B AF 必须开通云脑的相关序列号C AF 必须网关部署D AF 必须开启隐私设置的相关接入正确答案:C14、下面关于外部 RADIUS 认证错误的是?——[单选题]A AC 使用外部 RADIUS 认证需要将用户导入到本地B SSLVPN 使用外部 RADIUS 认证需要将用户导入到本地C AC 使用外部 RADIUS 认证时不需要新建认证策略D 全部都错误正确答案:D15、对于 TCP 协议的描述中,不正确的是?——[单选题]A TCP 半开连接指的是 TCP 三次握手正常完成之后没有数据传输的 TCP 连接B TCP 半开连接指的是客户端不回复 TCP 三次握手最后一个 ACK 包导致三次握手无法正常完成的 TCP 连接C TCP 的拥塞控制使用窗口大小来控制D TCP 有重传机制保证了 TCP 数据的可靠性正确答案:A16、深信服 AC 产品,可以匹配细分领域的安全需求说明,错误的是?——[单选题]A 可以匹配安全网关的上网行为管理品类B 可以匹配内容安全的不良信息监测与过滤品类C 可以匹配安全智能的高级威胁防护品类D 可以匹配安全智能的威胁情报品类正确答案:D17、使用动态令牌认证,进行令牌认证一直提示错误,但是输入无问题,下列原因不可能是?——[单选题]A 用户未开启动态令牌认证B 认证协议不一致C SSL 设备时间不对D 共享密钥不一致正确答案:A18、下列关于账号安全,说法错误的是?——[单选题]A 第三方认证中,在认证设置中的防暴力破解,设置封锁 IP 的设置无效B 第三方认证中,在认证设置中的防暴力破解,设置封锁用户,设置无效C 以安全的角度来说,不建议使用公有账号D 定期检查设备中是否存在测试账号,若有,不使用可以禁用或者删除此账号正确答案:A19、下列选择中,哪一项不是动态令牌的技术类型?——[单选题]A 挑战/应答B 时间同步C 动态同步D 事件同步正确答案:C20、选项中,常见认证类型说法正确的是?——[单选题]A 登录某论坛直接使用微信完成快捷登录,属于多因素认证B 登录公司统一的 OA 后,其他业务系统无需二次登录,属于 OAuth 认证C 门禁系统用指纹识别属于生物识别D 以上说法都正确正确答案:C21、深信服防火墙产品,可以匹配细分领域的安全需求说明,错误的是?——[单选题]A 可以匹配安全网关的防火墙品类B 可以匹配应用安全的 web 应用防火墙品类C 可以匹配数据安全的数据库安全品类D 可以匹配安全智能的高级威胁防护品类正确答案:C22、在申请证书时,选择使用手动的 DNS 验证方式验证域名的所有权,那么需要在 DNS 服务器上添加什么记录?——[单选题]A A 记录B NS 记录C TXT 记录D 显性 URL 记录正确答案:C23、客户的无线网络想实现结合深信服设备做 portal 认证,选项中说法错误的是?——[单选题]A 客户环境只有一台深信服 AC,实现认证同时还要满足管控和审计需求,无法实现和无线控制器对接需求B 客户环境无线控制器有华为、华三两种,深信服 AC 可以实现对接C 如果客户环境客户环境只有胖 AP,没有无线控制器,且经过胖 AP 后,已做过 NAT,则无法实现和深信服 AC 对接,实现 portal 认证获取到真实用户信息D 如果客户环境是一台深信服 AC,可以实现与无线控制器做 portal 对接,并可以实现策略管控和审计正确答案:A24、下列选项中,关于应用识别的识别能力,说法错误的是?——[单选题]A 方向识别是对数据包的方向进行甄别B 代理上网环境无法进行对应用的识别C 支持单包识别D 支持多包识别正确答案:B25、关于深信服 AC 的微信认证方式,说法错误的是?——[单选题]A 最新版本深信服 AC 微信认证支持“点一点”、“微信连wifi”、“扫一扫”三种实现方式B 微信连 wifi 的实现方式是利用腾讯微信的 portal 型接口C 微信认证用于店商有公众号的客户场景D 做微信认证 AC 糊自动放通认证用户访问互联网流量一分钟正确答案:A26、以下关于蜜罐技术的说法错误的是?——[单选题]A 蜜罐技术的实现原理是:内网僵尸主机向内网 DNS 发起恶意域名解析->内网DNS 经过AF 向公网发起DNS 解析->AF 获取到恶意域名解析流量->AF 主动将蜜罐地址作为解析地址回复给内网DNS->内网DNS 转发给主机->僵尸主机访问蜜罐地址->AF 识别到真实的僵尸主机地址并作拦截处理B 旁路镜像模式不支持蜜罐功能C 蜜罐 IP 地址的设置,此 IP 地址必须是真实存在的,且不能于内网网段冲突,访问此 IP 的数据需要经过 AFD 蜜罐技术是应用于内网存在 DNS 服务器的场景下,用于定位内网真实僵尸主机的 IP 地址正确答案:C27、关于 EDR 和 AC 的联动功能说明,说法错误的是?——[单选题]A 在 AC 推广部署上,可以选择填写推送 agent 安装界面的范围B 在 AC 推广部署上,会自动识别终端的操作系统不同,选择推送 windows 或者 linux 的安装链接C 在 AC 联动杀毒上,可以从 AC 界面直接对安装了 edr 软件的终端发起风险扫描D 在 AC 联动杀毒上,可以从 AC 界面对查杀的结果进行隔离、信任、忽略等处置正确答案:B28、关于等保测评,以下说法正确的是?——[单选题]A 第二级以访谈为主B 第二级和第三级先核查安全机制,再检查策略有效性C 第三级测评对象为所有设备D 安全技术方面的测评以配置核查和测试验证为主,几乎没有访谈正确答案:D29、 AD 域下发脚本方式单点登录,客户端和设备通讯端口是哪个?——[单选题]A 1773B 1774C 1775D 1776正确答案:C30、使用 OTP 服务器对接 SSL 设备下列说法错误的是?——[单选题]A 对接 SSL 设备需要在 OTP 服务器和 SSL 设备创建相同的用户B 对接 SSL 设备通信使用 TCP1812 端口C OTP 对接 SSL 设备需要在用户的辅助认证中勾选动态令牌D OTP 动态令牌认证不支持 PPTP 接入正确答案:B31、关于 wrireshark 使用说法正确的有?——[单选题]A ip.addr 过滤 IPB ip.dst 过滤源 IPC eth.mac 过滤 macD tcp/udp.srcport 过滤端口正确答案:A32、关于 OAuth 认证流程,下列选项中哪个描述是错误的?——[单选题]A 客户端主动发起授权请求,等待服务器回复B 服务器收到请求后直接发放令牌C 客户端使用令牌,申请资源D 服务器返回开放资源正确答案:B33、设备单臂部署,管理员发现登陆 VPN 后可以通过互联网登陆控制台,检查配置发现未发布控制台的资源,下列说法不合理的是?——[单选题]A 用户关联了 WEB 全网资源B 用户关联了 L3VPN 全网资源C 用户可能做了端口映射将 SSL 控制台映射到公网D 用户开启了远程维护正确答案:D34、下面的协议中不属于 UDP 的是?——[单选题]A SMTPB SNMPC DNSD TFTP正确答案:A35、勒索病毒 wannacry 以及挖矿病毒 wannamine 都是利用了永恒之蓝 MS17- 010 漏洞进行传播,请问病毒在传播时主要利用了哪个端口?——[单选题]A 3389B 445C 22345D 22正确答案:B36、关于 HTTP 端口,下面说法错误的是?——[单选题]A 控制台 HTTP 管理默认使用 1000 端口B 若有多线路选路需求,则需使用 HTTP 端口C SSL 设备可以通过 HTTP 端口接入用户D 若启用路分布式集群的功能,必须开启 HTTP 端口正确答案:C37、下列不属于准入系统角色的是?——[单选题]A 准入服务端B 准入驱动C 准入客户端D 准入软件正确答案:D38、通过 SSL 设备命令控制台抓取设备访问资源服务器的数据包,以下关于Tcpdump 命令的说法错误的是?——[单选题]A tcpdump -i eth0 host 192.168.1.1-c 10 是指只抓 10 个包B tcpdump 抓包参数-s0 是指抓取完整的数据,不截断C 将数据包保存下来的命令是 tcpdump -i eth0 host 192.168.1.1 -wD 将数据包保存下来的命令是 tcpdump -i eth0 host 192.168.1.1-nn -s0 –w正确答案:D39、关于短信认证,支持的网关类型,说法错误的是?——[单选题]A 支持 GSM 短信猫B 支持中国联通短信网关C 支持 http 接口D 支持对接阿里云短信平台正确答案:D40、关于【匿名认证】安全说法正确的是?——[单选题]A 可针对不同匿名用户配置不同的权限B 可针对不同匿名用户终端类型配置不同的权限C 可只允许移动终端用户匿名登录D 匿名用户,只能访问指定某个资源,不能添加多个资源正确答案:B41、以下关于 SSLVPN 诊断修复工具修复功能说法错误的是?——[单选题]A 工具首页可以点击立即扫描进行一键体检B 工具扫描完成之后会显示正常项目和待修复项C 工具扫描出的待修复项都支持点击修复一键修复D 工具扫描出的待修复项部分可以一键修复,部分需要按修复建议进行手动操作才能修复正确答案:C42、某客户使用AC 做了一条上网权限策略,发现启用后打开一些网站显示不全,下列说法错误的是?——[单选题]A 可能做了 SSL 识别,导致访问 https 网站证书不受信任B 可能是 URL 过滤把网站的外链给拒绝了C 可能是做的文件类型过滤,图片格式给拒绝了D 可能是做了端口控制把 443 或者 80 端口拒绝了正确答案:D43、以下关于 XSS 攻击错误的是?——[单选题]A XSS 是一种常见于 Web 应用中的计算机安全漏洞B 反射型 XSS,又称非持久型 XSS,是由于代码注入的是一个动态产生的页面而不是永久的页面,所以反射型 XSS 既不会经过网页的后端,也不会经过数据库C <script>alert(document.cookie);</script>这段脚本执行的结果是会弹出一个对话框显示用户的 cookie 信息D 攻击者可以通过使用<html>与</html>的 HTML 标签格式,向网页中插入一段 JavaScript 脚本时,使得这些脚本程序在浏览器中被执行从而实现 XSS 攻击正确答案:B44、微步可以查询到的信息不包括哪一项?——[单选题]A url/ipB 恶意文件C 域名反查D 勒索病毒是否可以解密正确答案:D45、下列关于数据库特性,说法错误的是?——[单选题]A MySQL 支持 TCP/IP、ODBC 和 JDBC 连接数据库B SQL Server 只能在 Windows 系统上运行C Sybase 支持 Unix 系统D Oracle 的操作较为复杂,对数据库管理人员要求较高正确答案:B46、当违规使用代理工具后惩罚措施正确的是?——[单选题]A 只能配置禁止上网B 不能配置惩罚时间C 添加到惩罚通道必须先配置流控策略D 触发禁止上网后重启可以解除正确答案:C47、 AC 主主模式下以下那个信息不会同步?——[单选题]A 在线用户信息B 序列号C 用户绑定信息D 会话信息正确答案:B48、 IT 系统管理员小明最近收到了一封电子邮件,电子邮件中要求他去访问一个某官网的网站链接,并且需要他实名注册,这可能属于哪种类型的网络攻击?——[单选题]A 水坑攻击B 鱼叉式钓鱼攻击C DDOS 攻击D 社会工程学攻击正确答案:B49、在互联网中,导致攻击与防御处于不对等状态的主要原因是?——[单选题]A 管理的脆弱性B 软件的脆弱性C 黑客的强大性D 网络软硬件的复杂性正确答案:D50、关于【防 HTTP 头部攻击设置】说法错误是?——[单选题]A 支持通配符【?】B 支持通配符【*】C 修改配置不需要重启 SSLVPND 支持 IP 地址51、过滤参数表达式中,关于逻辑连接符号解释错误的是?——[单选题]A “\”表示与B “|”表示或C “!”表示非D “*=”表示存在正确答案:A52、下列哪项功能没有在 AF8.0.8 版本的增强功能模块序列号中?——[单选题]A web 应用防护B 实时漏洞分析C 网关杀毒模块正确答案:C53、关于【密码认证选项】说法错误的是?——[单选题]A 连续输入密码错误后,可锁定用户一小时B 用户因密码错误太多锁定后,只能等待超时C 用户因密码错误太多锁定后,只能通过删除用户再新建用户接触锁定D 图形校验码针对外部用户生效正确答案:C54、不可以通过哪些方式查看到网站被挂的黑链?——[单选题]A 通过 SIP 上的黑链安全事件查看网站被挂黑链情况B 通过搜索引擎 site 功能搜索黑链关键字查看网站被挂黑链情况C 通过查看网站源码查看网站被挂黑链情况D 通过云盾查看网站被挂黑链情况正确答案:D55、以下关于 SQL 注入说法正确的是?——[单选题]A SQL 注入,攻击者只能通过 URL 地址栏输入域名的方式,利用某些特殊构造的 SQL 的特殊字符和指令,提交一段数据库查询代码,操纵并获得本不为用户所知的数据B SQL 注入的产生原因通常表现为:不当的类型处理、不安全的数据库配置、不合理的查询集处理、不当的错误处理、转义字符处理不合适等C 永远不要信任用户的输入,对用户的任何输入都做拦截处理,是很有效的SQL 注入防范方式D 在浏览器中输入 URL 在请求的过程中也可能会触发56、 SSL 和 CAS 对接后,发现 CAS 认证页面打不开,下面排查错误的是?——[单选题]A 确认 SSL 到 CAS 到连通性B 确认 SSL 是否加入 CAS 到受信应用C 确认 CAS 页面是否有不同域到页面,若有,则需配置登陆子站点D 确认是否有配置 CAS 资源正确答案:D57、 AC6.1 设备上下载下来的 logon 脚本,默认使用的什么端口?——[单选题]A TCP1775B UDP1775C TCP1773D UDP1773正确答案:D。
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
Sun 310-014Solaris 9 Sun Certified System Administrator Part IVersion 9.0Important Note, Please Read CarefullyStudy TipsThis product will provide you questions and answers along with detailed explanations carefully compiled and written by our experts. Try to understand the concepts behind the questions instead of cramming the questions. Go through the entire document at least twice so that you make sure that you are not missing anything.Further MaterialFor this test TestKing also provides:* Interactive Test Engine Examinator. Check out an Examinator Demo at/index.cfm?pageid=724Latest VersionWe are constantly reviewing our products. New material is added and old material is revised. Free updates are available for 90 days after the purchase. You should check your member zone at TestKing an update 3-4 days before the scheduled exam date.Here is the procedure to get the latest version:1.Go to 2.Click on Member zone/Log in3.The latest versions of all purchased products are downloadable from here. Just clickthe links.For most updates, it is enough just to print the new questions at the end of the new version, not the whole document.FeedbackFeedback on specific questions should be send to feedback@. You should state: Exam number and version, question number, and login ID.Our experts will answer your mail promptly.CopyrightEach pdf file contains a unique serial number associated with your particular name and contact information for security purposes. So if we find out that a particular pdf file is being distributed by you, TestKing reserves the right to take legal action against you according to the International Copyright Laws.QUESTION NO: 1Which two describe /dev/rmt/0? (Choose two)A.The first instance of a tape drive.B.The physical device name for the default tape drive.C.The logical device name with hardware compression activated.D.The default tape device name as indicated in the /kernel/drv/st.conf file.E.The default tape device name that indicates the tape should not be rewound when thecurrent operation completes.Answer: A, DExplanation: The file /dev/rmt/0 is used as the default tape device in Solaris.It will be linked to a character special file such as /devices/pci@1f,0/pci@1/scsi@3/st@0,0: File /kernel/drv/st.conf is used as a configuration file for devices.QUESTION NO: 2You have only a limited number of tapes available, and need to use them to hold as much data as possible.Which tape device allows you to save the most data on a single tape?A./dev/rmt/ozB./dev/rmt/01C./dev/rmt0mD./dev/rmt/0hAnswer: DExplanation: The tape device /dev/rmt/0h is used as a high density device. that uses a compression ratio dependant on the capability of the drive.QUESTION NO: 3What is a valid /etc/vfstab entry for associating the /export directory with the device c2t3d0s0?A./dev/dsk/c2t3d0s0 /dev/rdsk/c2t3d0s0 /export ufs 1 yesB./dev/rdsk/c2t3d0s0 /dev/rdsk/c2t3d0s0 /export ufs 1 yes –C./dev/dsk/c2t3d0s0 /dev/rdsk/c2t3d0s0 /export ufs 1 yes –D./devices/dsk/c2t3d0s0 /devices/rdsk/c2t3d0s0 /export ufs 1yes –Answer: CExplanation: Entries within the/etc/vfstab file take the following format:Device to mount, Raw device, Mount point, FS type, fsck pass, Mount at boot, Mount options QUESTION NO: 4With the system powered off, you physically connect a new SCSI disk intro the existing SCSI chain. You boot the system using the boot –r command.In which four locations can you find the new device names for the new SCSI disk? (Choose four)A./devicesB./dev/dskC./dev/rdskD./kernel/drvE./etc/path_to_instF./etc/name_to_majorG./platform/sun4u/kernel/drvAnswer: A, B, C, EExplanation: The /devices , /dev/dsk and /dev/rdsk directories are re-built from theboot –r command.path_to_inst stores the physical device names, there is no major_to_minor.Incorrect Answers:The file /etc/name_to_major is used to map the device driver names to the major number mapping.The /kernel/drv directory is used for tape devices so would not be affected by a new SCSI diskQUESTION NO: 5Which command can you use to display jobs that are scheduled to run at a specific time?A.atqB.jobqC.jobsD.queuedAnswer: AExplanation: The atq command is used to list the contents of the at queue stored within the directory /var/spool/cron/atjobsQUESTION NO: 6You have four printers installed and configured on your print server. The printers are named according to their performance: veryfast, fast, medium, and slow. You want to define a print class, printclass, that incorporates all four printers and sends most of the work to the veryfast and fast printers.Which sequence of commands on the print server accomplishes this task?A.lpadmin –p veryfast,fast,medium,slow –c printclassB.lpsched –p veryfast,fast,medium,slow –c printclassC.lpadmin –p slow –c printclasslpadmin –p medium –c printclasslpadmin –p fast –c printclasslpadmin -p veryfast –c printclassD.lpadmin –p veryfast –c printclasslpadmin –p fast –c printclasslpadmin –p medium –c printclasslpadmin –p slow –c printclassAnswer: DExplanation: The order of the printers defined within the printer class indicates the priority. The first printer defined has a higher priority that the last printer defined, whereby sending print jobs to the first printer defined if not currently busy.QUESTION NO: 7What files does the last command read to determine login history?A./var/adm/wtmpB./var/adm/utmpxC./var/adm/wtmpxD./var/adm/lastlogAnswer: CExplanation: The utmpx file contains user access and administration information. The file wtmpx contains the history of user access and administrative information.To read the contents of the wtmpx file you have to use the fwtmp command:cat /var/adm/wtmpx | /usr/lib/acct/fwtmp | moreQUESTION NO: 8You telnet into a Solaris machine and log in as user1. Your account is set up to use the C shell (csh) and your home directory is /home/user1.Which three files (assuming they exist) does the C shell read to initialize your environment? (Choose three)A./etc/loginB./etc/.loginC./etc/profileD./home/user1/.loginE./home/user1/.cshrcF./home/user1/.profileAnswer: B, D, EExplanation: The .profile files are used by korn and bourn shell users.The /etc/login file does not exit by default. For C shell (csh) users the file is /etc/.login QUESTION NO: 9A patch can be installed with no backout information saved to economize on disk usage. Which is the correct command to install the patch 105050-05 with “no backout” from /tmp?A.patch < /tmp/105050-05B.patchadd /tmp/105050-05C.pkgadd –d /tmp/105050-05D.patchadd –d /tmp/105050-05Answer: DExplanation: Use the command patchadd to install patches.The -d flag is used to install patches without saving any original files.QUESTION NO: 10The SUNWman package has been spooled into the /export/host1/packages directory. Your current directory is /etc. You want to obtain detailed information about this package before installing it into the Solaris Operating Environment on your system.Which command displays the information you want to see?A.pkginfo –dl . SUNWmanB.pkginfo –dl /export/host1/packages SUNWmanC.pkginfo –d /export/host1/packages –l SUNWmanD.pkginfo –d SUNWman /export/hist1/packages –1Answer: CExplanation: The pkginfo command is used to display information on a patch.The command expects a directory location, the option to be performed (-l for list)and then the patch name.QUESTION NO: 11You have shut down your system to run level 0, and you are at the ok prompt. You want to display a list of disk device paths and choose one to use it a customized device alias.Which OBP command allows you to select a device path and later insert it into the command line that creates the new device alias?A.devaliasB.show-devsC.show-disksD.find-deviceAnswer: CExplanation: This will display a menu showing the physical device path for disk controllers. You can then use Ctrl Y (Control-Y) to select the disk controller required to paste onto the command line if setting up an alias.For example: nvalias mydisk (Ctrl-Y paste) /pci@1f,0/pci@1,1/ide@3/diskQUESTION NO: 12You have logged into the console as user1. Now you log in as root using the su command.Which user identities do the whoami and who am i commands report?A.whoami reports root, who am i reports root.B.whoami reports user1, who am i reports root.C.whoami reports root, who am i reports user1.D.whoami reports user1, who am i reports user1.Answer: CExplanation: whoami reports original user and who reports current user.The “am i” is an option within the who command.QUESTION NO: 13Your telnet into a Solaris machine and log in as user1. Your account is set up to use the Korn shell (ksh) and your home directory is /home/user1.The following files are read by the Korn shell to initialize your environment on login:A./home/user1/.kshrcB./etc/profileC./home/user1/.profileIn which order are they executed?A.A, B, CB.A, C, BC.B, A, CD.B, C, AE.C, A, BF.C, B, AAnswer: DExplanation: The /etc/profile system file is always executed before any local user files. The local .profile file is then executed prior to .kshrc (if it exists).The .kshrc file is used for setting up variables, the .profile file can however be used instead. QUESTION NO: 14An fsck has just been run on an unmounted file system that exists on/dev/rdsk/c0t3d0s7.Which command can you use to mount this file system as /export/eng_data?A.mount /dev/dsk/c0t3d0s7 /export/eng_dataB.mount /export/eng_date /dev/dsk/c0t3d0s7C.mount /dev/rdsk/c0t3d0s7 /export/eng_dataD.mount /export/eng_data /dev/rdsk/c0t3d0s7Answer: AExplanation: Always use the non-raw device for mounting a file system.Specify the device that is being mounted against the mount point.If the file system details are listed within the /etc/vfstab file then the commandmount /export/eng_date will also workQUESTION NO: 15Which command displays the list of alternate superblocks for a UFS file system onc0t0d0s0?A.fsck /dev/rdsk/c0t0d0s0B.format /dev/dsk/c0t0d0s0C.prtvtoc /dev/dsk/c0t0d0s0D.newfs –N /dev/rdsk/c0t0d0s0Answer: DExplanation: fsck is used if the file system has become inconsistent. The format command is used for formatting disks and creating VTOC’s. The prtvtoc command prints the vtoc for a disk.QUESTION NO: 16Which two are reasons to select Custom JumpStart installation over Web Start Flash installation? (Choose two)A.JumpStart uses a master system to serve the installations.B.JumpStart installation is faster than a Web Start Flash installation.C.JumpStart uses profiles that can be customized for different types of systems.D.JumpStart allows you to incorporate scripts to perform pre-installation and post-installation tasks.Answer: C, DExplanation: Custom Jumpstart is configurable so is generally used for automating Installations.QUESTION NO: 17You have 1 of 2 Solaris 9 installation CD-ROMs, and you want to spool the SUNWzip package from the /cdrom/sol_9_sparc_2/Solaris_9/Product directory to the default spooling directory?Which two commands can accomplish this? (Choose two)A.pkgadd –s spool – d /cdrom/sol_9_sparc_2/Solaris9/ProductSUNWzipB.pkgadd –d spool –s /cdrom/sol_9_sparc_2/Solaris_9/ProductSUNWzipC.pkgadd –d /cdrom/sol_9_sparc_2/Solaris_9/Product SUNWzip –s /var/spool/pkgD.pkgadd –s /var/spool/pkg –d/cdrom/sol_9_sparc_2/Solaris_9/Product SUNWzipAnswer: A, DExplanation: The default spool area is /var/spool/pkg The word spool can be used as a substitute for this default location. The parameter used by the pkgadd command to reference the spool area is -sQUESTION NO: 18You successfully installed the recommended patch cluster for the Solaris release installed on your system. A specific hardware component you want to attach requires a patch that is not found in the patch cluster.What should you do to check if the new patch is incompatible with any of those patches already installed?A.Install the patch and see if it works.B.Read the README file associated with the new patch.C.Read the README file associated with the patch cluster.D.No action is required because all patches are compatible.Answer: BExplanation: Each patch within a patch cluster has it’s own README file.QUESTION NO: 19The main tasks for configuring printer services are setting up the printer, setting ip the print server, setting up the print client, and verifying printer access.Place each task on its definition.Answer:QUESTION NO: 20Which two are correct statements about printer classes? (Choose two)A. A printer class can NOT include printers from different manufactures.B. A printer class must be defined before any printers can be added to it.C. A printer class is a way of grouping individual printers for load balancing.D. Printer priority within a class can be defined by adding the printers to the class in descending order priority.Answer: C, DExplanation: The following creates a class containing two printers. lpadmin -p “fast-printer” -c supports lpadmin -p “slow-printer” -c supportsPrints will be sent to the printer fast-printer if it is not busy, otherwise they will go to slow-printer . This is useful for load balancing print jobs.QUESTION NO: 21On may 11, at 9:30 A.M., an administrator accidentally removes several critical files from /etc . Analysis of the /etc/dumpdates file reveals the following:/dev/rdsk/c0t0d0s0 0 Fri May 10 10:15:38 2002 /dev/rdsk/c0t0d0s5 0 Fri May 10 10:46:06 2002 /dev/rdsk/c0t0d0s7 0 Fri May 10 10:54:56 2002 /dev/rdsk/c0t0d0s7 0 Fri May 10 10:59:02 2002 /dev/rdsk/c0t0d0s0 2 Sat May 11 10:15:03 2002 /dev/rdsk/c0t0d0s7 2 Sat May 11 10:25:23 2002 /dev/rdsk/c0t0d0s0 3 Sun May 12 10:15:14 2002Set up print client Configure the system to access aremote printer. Set up the printer Physically connect the printer to a machine of the network.Task – Select from these Definition – place here/dev/rdsk/c0t0d0s7 3 Sun May 12 10:22:22 2002A portion of the /ect/vfstab file shows:/dev/dsk/c0t0d0s0 //dev/dsk/c0t0d0s5 /opt/dev/dsk/c0t0d0s6 /usr/dev/dsk/c0t0d0s7 /export/homeWhich /etc/dumpdates entry identifies the tape from which you should obtain the deleted files?A./dev/rdsk/c0t0d0s0 3 Sun May 12 10:15:14 2002B./dev/rdsk/c0t0d0s0 0 Fri May 10 10:15:38 2002C./dev/rdsk/c0t0d0s6 0 Fri May 10 10:54:56 2002D./dev/rdsk/c0t0d0s5 0 Fri May 10 10:46:06 2002Answer: BExplanation: The /etc directory will be contained on the root ( / ) file system.The last backup of the root file system (/dev/dsk/c0t0d0s0) was on May 11 at 10:59,Which was after the deletion of the files – so, use the previous backup on May 10 at 10:15QUESTION NO: 22You are not allowed to bring the system down to single user mode, but you must back the active / (root) file system.What can you use to back up your / (root) file system?A.UFS SnapshotB.Solaris Volume ManagerC.The devfsadm commandD.Solaris Management ConsoleAnswer: AExplanation: Use UFS Snapshot to create an image of a live file system. Then backup the image.QUESTION NO: 23You use the ufsrestore command to extract the whole content of a file system (stored to tape with ufsdump) onto another file system.Which statement about inode allocation is true?A.The new file systems inodes are allocated successively as the files are restored,independent of the inode numbers recorded to tape.B.ufsrestore consults the inode map in each cylinder.If an inode to be restored is already allocated, ufsrestore quits with a failmessage.C.The inodes are allocated such that the inode numbers after the restore are identical tothe inode numbers recorded on tape, effectively overwriting inodes that had beenallocated before the restore.D.ufsrestore tries to allocate inode numbers for the restored files as they arerecorded on tape and evades to new, unallocated inodes whenever an inode number is already allocated in the file system.Answer: AExplanation: Ufsrestore will allocate and change inode, there’s why you need to do a full backup after restore.QUESTION NO: 24Which three commands stop the NFS server daemons? (Choose three)A./etc/init.d/nfs.server stopB./etc/rc5.d/K28nfs.server stopC./etc/rc2.d/K28nfs.server stopD./etc/rc0.d/S15nfs.server stopE./etc/rc3.d/S15nfs.server.stopF./etc/rc0.d/K28nfs.server stopAnswer: A, B, CExplanation: Answer A is the main script that the others are linked to.NFS is used at run level 3. Answers B, D and E do not exist.Incorrect Answers:D, E: D, E are scripts that starts with “S” meaning they are start scripts. You cannot use start scripts to stop NFS server.F: NFS server is not run at run level 0QUESTION NO: 25You have a system with a default configuration and a valid entry in the NFS server configuration file. What is the run level in which the NFS server daemons start automatically?A.0B. 1C. 2D.3E. 5F.SAnswer: DExplanation: Run level 2 is multi-user. Run level 3 is multi-user with NFS.QUESTION NO: 26You have been requested to restore some files to the home directory of/export/home/usera by using the tar command. You cd to the home directory of usera before doing the restore.What happens?A.If a file you want to restore existed, it would not be restored.B.An existing file is renamed to filename.old and a new file is restored,C.If a file you want to restore already existed, it would be overwritten by the restoredfile.D.If a file you want to restore already existed, only the modification time would beupdated.Answer: CExplanation: A restore overwrites any files already in that location with the same name. That is why it is best to always restore to a temporary area first to be on the safe side. QUESTION NO: 27Exhibit:1.extract2.add hosts3.cd /var/tmp4.cd /etc/inet5.mt –f /dev/rmt/On fsf 16.ufsrestore ivf /dev/rmt/07.mv /var/tmp/etc/inet/hosts /etc/inet/hosts8.quitThe steps that should be used to interactively restore the /etc/inet/hosts file from the second ufsdump file on a tape are shown in the exhibit.In which order should they be executed?A.3, 6, 4, 2, 1, 5, 7, 8B.3, 4, 5, 6, 2, 1, 7, 8C.3, 6, 5, 2, 1, 4, 8, 7D.3, 5, 6, 4, 2, 1, 8, 7Answer: DExplanation: The mt command moves the tape device forward one step. The add command adds a file to be restored to the restore list. The extract command extract the files listed in the restore list. The mv command moves the restored file to the correct locationQUESTION NO: 28You want to create a hard link to a regular file. What us required of the regular file for the ln command to succeed? (Choose two)A.The file must exist before you run the ln command.B.The file must be in the same directory as the new file name.C.The file must be in the same file system as the new file name.D.The file must be in a different directory from the new file name.E.The file must be in a different file system from the new file name.Answer: A, CExplanation: Hard links have to be within the same file system, soft links do not.The file to be linked to – the regular file must exist, otherwise you will have nothing to link to.QUESTION NO: 29You use the command lp file1 to print file1. Which source does the lp command check first to determine where to send print jobs?A.The LPDEST environment variable.B.The PRINTER environment variable.C.The printer defined as the default in the $HOME/.printers file.D.The printer defined as the default in the /etc/printers.conf file.Answer: AExplanation: The variable LPDEST is a user variable set in the local .cshrc, .profile or.kshrc files. This is the first to be checked. The PRINTER variable can also be used in the same manner but is checked after LPDESTQUESTION NO: 30Which command prints three copies of a file named myfile on the default printer?A.lp –3 myfileB.lp –c 3 myfileC.lp –n 3 myfileD.lp –0 3 myfileAnswer: CExplanation: This will print 3 copies of myfile to the default printer. The other commands Do not have the correct syntax.QUESTION NO: 31Which file associates GIDs with group names?A./etc/groupB./etc/groupsC./etc/systemD./etc/default/groupAnswer: AExplanation: The /etc/group file associates GIDs with group names. Files /etc/groups and /etc/default/group do not exist. The file /etc/system is a kernel configuration file.The format of the /etc/group file is:Group name : password (if any) : list of group members separated by commas QUESTION NO: 32Which file should you modify to change the number of groups to which a user can belong?A./etc/groupB./etc/systemC./etc/default/loginD./etc/default/passwdAnswer: BExplanation: files /etc/group, /etc/default/login and /etc/default/passwddo not contain the default number of groups to which a user can belong.The default number of groups for each user is set by NGROUPS_MAX to be 16 by default. This can be checked via the command: getconf NGROUPS_MAXThis number can be increased to an absolute value of 32 via set ngroups_max=32 being set within the /etc/system file and then rebooting with a boot –r command.QUESTION NO: 33Your company has 20 identical systems that are used to conduct training classes. Each week you must re-install the Solaris Operating Environment on all 20 systems and customize them for the class running that week.Which Solaris installation method should you use for this purpose?A.Solaris Web Star installation.B.Solaris Interactive installation.C.Solaris JumpStart installation.D.Solaris Live Upgrade installation.Answer: CExplanation: Solaris Jumpstart was developed for this very purpose.QUESTION NO: 34You are using a system running in single user mode and want to turn it off. Which three commands bring the system to a state where you can safely turn off the power? (Choose three)A.haltB.init 3C.init 5D.rebootE.poweroffF.reboot -- -rAnswer: A, C, EExplanation:Answers D and F reboots the system to the default init state – 3Answer B boots the system to the default.The command reboot -- -r passes the flag –r to the OBP, which is a re-boot.QUESTION NO: 35You can log in to both hostA and hostb using the same login name. You want to use the rcp command to copy a file from hostA to HostB.What do you need to do to allow this operation?A.Add your login name to the /etc/hosts.equiv file on hostb.B.Create hosts.equiv files in your home directories and put a + in the file onhostb.C.Ask the system administrator to add you to the /etc/.rhosts file on the hosthostb.D.Create a .rhosts file in your home directory on hostb and put the host namehostA in the file.Answer: DExplanation: Answer D will work correctly at only the local userid needs the .rhosts file to contain the host name of the sending machine.For answer B, it is not required to create a hosts.equiv file in both home directories on both machines, only the machine being copied to – i.e. hostb. This will work but overkillYou telnet into a Solaris machine and log in as user1. Your account is set up to use the Bourne shell (sh) and your home directory is /home/user1.Which two files (assuming they exist) does the Bourne shell read to initialize your environment? (Choose two)A./etc/loginB./etc/profileC./home/user1/.loginD./home/user1/.profileAnswer: B, DExplanation: Both the Bourne and Korn shells use the system wide /etc/profile file and the local user file /home/user1/.profile. The login files are used by the csh shellQUESTION NO: 37Which command adds the user user1 to the group staff?A.chuser –g staff user1ermod –G staff user1C.moduser –g staff user1D.groupmod –u user1 staffAnswer: BExplanation: The valid command to modify a user account is usermod.QUESTION NO: 38Which subcommand within the format utility, when executed from the initial menu, allows you to save new disk and slice information to a file?A.diskB.savebelD.formatE.updateF.partitionAnswer: BExplanation: The save command. : save - save new disk/partition definitionsdisk is used to select a different disk, label is used to write a label to disk, format is used to format and analyze, update is not a valid command and partition is used to define a partition table for a disk.Given the command:# pkgrm –s spool SUNWauddWhat is the result?A.It removes the SUNWaudd package, but saves a copy in a spooling area.B.It removes the SUNWaudd package from the /var/spool/pkg directory.C.It displays spooling information about the SUNWaudd package as it is being removed.D.It removes the SUNWaudd package that is currently installed in the Solaris OperatingEnvironment.Answer: BExplanation: The –s flag indicates the spool area located at /var/spool/pkg. The spool Command can be used instead of specifying /var/spool/pkg.QUESTION NO: 40Which are two reasons for using Web Start Flash installation instead of Solaris Web Start? (Choose two)A.Web Start Flash uses a Java technology-based GUI.B.Web Start Flash allows interactive customization of the installation.C.Web Start Flash installation is much faster because it is based on a previously installedsystem.D.Web Start Flash installation enables you to install many systems based on aconfiguration installed on a master system.Answer: C, DExplanation: Think Web start Flash – “Faster” to remember.Web Start Flash is used for quick default installations without any customization. QUESTION NO: 41You decide to create a class of printers. Which command can create a class of printers called supports?A.lpadmin –c supportB.lpadmin –c “printer name” –p supportsC.lpadmin –p support –c “printer name”D.lpadmin –p “printer name” –c supportsAnswer: DExplanation: You have to specify a printer to associate with the class.Remember p – printer, c – class.QUESTION NO: 42Your system is configured with a local print spooler called printer1 and has access to a remote print spooler called printer2. Your default printer is printer1.What command should you use to print file1 to printer2?A.lp printer2 file2B.lp file1 printer2C.lp –p printer2 file1D.lpr –p printer2 file1E.lp –dprinter2 file1Answer: EExplanation: As you are not printing to your default printer you will need to specify the printer via the –d option.The –p option is used to enable notification when the print job has completed. See man page extract below. None of the answers given are correct.The answer should be lp –dprinter2 file1-p Enables notification on completion of the print request.Delivery of the notification is dependent on additional software.QUESTION NO: 43Which command can be used to retrieve just the /etc/inet/hosts file from the ufsdump file on the /dev/rmt/0 tape device?A.ufsrestore ./etc/inet/hosts /dev/rmt/0B.ufsrestore Ovf /dev/rmt/0 ./etc/inet/hostsC.ufsrestore rvf /dev/rmt/0 ./etc/inet/hostsD.ufsrestore svf /dev/rmt/0 ./etc/inet/hostsE.ufsrestore -xvf /dev/rmt/0 ./etc/inet/hostsAnswer: EExplanation: Valid options for ufsrestore are: I, r, R, t or xOption r is used for recursive restore only. Option 0 is used as the dump level in ufsdump. QUESTION NO:44You have defined two device aliases named bootdisk01 and bootdisk02. These aliases allow you to boot your system from two different disks, and currently bootdisk01 is used by default.Which Solaris command should you use to cause the system to boot from bootdisk02 by default?。