You are configuring an LDAP authentication server, and you want to configure role-mapping rules based on group membership. When you attempt to search for groups in the server catalog, no groups appear.Assuming the LDAP server is reachable and functioning

第1题：

ou perform a security audit of a server named DC1. You install the Microsoft Network Monitor 3.0 application on DC1.You plan to capture all the LDAP traffic that comes to and goes from the server between 20：00 and 07：00 the next day and save it to the E:///data.cap file.You create a scheduled task. You add a new Start a program action to the task. You need to add theapplication name and the application arguments to the new action. What should you do？（）

• A、Add nmcap.exe as the application name. Add the /networks * /capture LDAP /file e：/data.cap /stopwhen /timeafter 11hours line as arguments.
• B、Add netmon.exe as the application name. Add the /networks */capture LDAP /file e：/data.cap /stopwhen /timeafter 11hours line as arguments.
• C、Add nmcap.exe as the application name. Add the /networks * /capture !LDAP /file e：/data.cap /stopwhen /timeafter 11hours line as arguments.
• D、Add nmconfig.exe as the application name. Add the /networks * /capture &LDAP /file e：/data.cap /stopwhen /timeafter 11hours line as arguments.

第2题：

What is the correct command for creating a new user ID authenticated with LDAP？（）  

• A、mkuser -R LDAP 
• B、mkuser -L LDAP 
• C、mkuser -auth LDAP 
• D、mkuser -a auth1=LDAP 

第3题：

You navigate to "UAC" > "Infranet Enforcer" > "Auth Table Mapping" in the admin GUI. You see one policy, which is the unmodified, original default policy.Which statement is true?（）

• A、Dynamic auth table mapping is not enabled.
• B、A successful authentication attempt will result in a new authentication table entry, which will be delivered only to the Junos enforcer protecting the network from which the user has authenticated.
• C、To create a static auth table mapping, you must delete the default policy.
• D、The default policy applies only to the factory-default role User.

第4题：

You work as the exchange administrator at Company.com.the Company.com network contains an exchange server 2010 organization.Company.com has its headquarters in stockholm where you are located.you are responsible for an exchange 2010 edge transport server named -ex01.during the course of the week you receive an instruction from the cio to make sure that e-mail messages sent to unknown addresses in the organization is rejected automatically.What should you do？（）

• A、You should consider configuring recipient filtering.
• B、You should consider configuring sender reputation.
• C、You should consider configuring content filtering.
• D、You should consider configuring sender filtering.

第5题：

ou work as an administrator at ABC.com. The ABC.com network consists of an Active Directory forest that contains a root domain， named ABC.com， and two child domains， named us.ABC.com and uk.ABC.com. All servers on the ABC.com network have Windows Server 2012 R2 installed. The root domain hosts a domain local distribution group， named ABCGroup. You are preparing to issue ABCGroup read-only access to a shared folder hosted by the us.ABC.com domain. You want to make sure that ABCGroup is able to access the shared folder in the us.ABC.com domain.  Which of the following actions should you take？（）

• A、You should consider re-configuring ABCGroup as a universal Admins group.
• B、You should consider re-configuring ABCGroup as a universal security group.
• C、You should consider re-configuring ABCGroup as a global administrators group.
• D、You should consider re-configuring ABCGroup as a local administrators group.

第6题：

You perform a security audit of a server named DC1. You install the Microsoft Network Monitor 3.0 application on DC1.You plan to capture all the LDAP traffic that comes to and goes from the server between 20:00 and 07:00 the next day and save it to the E:/data.cap file.You create a scheduled task. You add a new Start a program action to the task.You need to add the application name and the application arguments to the new action.What should you do？（）

• A、Add nmcap.exe as the application name. Add the /networks * /capture LDAP /file e:/data.cap / stopwhen / timeafter 11hours line as arguments.
• B、Add netmon.exe as the application name. Add the /networks */capture LDAP /file e:/data.cap / stopwhen / timeafter 11hours line as arguments.
• C、Add nmcap.exe as the application name. Add the /networks * /capture !LDAP /file e:/data.cap / stopwhen / timeafter 11hours line as arguments.
• D、Add nmconfig.exe as the application name. Add the /networks * /capture &LDAP /file e:/data.cap / stopwhen / timeafter 11hours line as arguments.

第7题：

You work as an administrator at ABC.com. The ABC.com network consists of a single domain named ABC.com. All servers in the ABC.com domain， including domain controllers， have Windows Server 2012 R2 installed.You have been instructed to modify the name of the local Administrator account on all ABC.com workstations. You want to achieve this using as little administrative effort as possible. Which of the following actions should you take？（）

• A、You should consider configuring the Security Options settings via the Group Policy Management Console （GPMC）.
• B、You should consider configuring the Security Options settings via Server Manager.
• C、You should consider configuring the replication settings.
• D、You should consider navigating to Local Users and Groups via Computer Management on each workstation.

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

What is the correct command for creating a new user ID authenticated with LDAP?（）

• A、mkuser -R LDAP <new uid>
• B、mkuser -L LDAP <new uid>
• C、mkuser -auth LDAP <new uid>
• D、mkuser -a auth1=LDAP <new uid>

第14题：

Which parameter do you use to enable Junos Pulse Access Control Service enforcement on a policy on a ScreenOS platform?（）

• A、uac-policy
• B、ic-policy
• C、inyranet-auth
• D、uac-auth

第15题：

如果/etc/syslog.conf中，包含以下设置：“auth.warning/var/adm/auth.log”，则以下说法正确的是：（）。

• A、/var/adm/auth.log将仅仅记录auth的warning级别的日志
• B、/var/adm/auth.log将记录auth的emerg、alert、crit、err、warning级别的日志
• C、/var/adm/auth.log将记录auth的warning、notice、info、debug级别的日志
• D、/var/adm/auth.log将记录auth的所有级别的日志

第16题：

You perform a security audit of a server named DC1. You install the Microsoft Network Monitor 3.0 application on DC1. You plan to capture all the LDAP traffic that comes to and goes from the server between 20：00 and 07：00 the next day and save it to the e：/data.cap file. You create a scheduled task. You add a new Start a program action to the task. You need to add the application name and the application arguments to the new action. What should you do？（） 

• A、 Add nmcap.exe as the application name. Add the /networks * /capture LDAP /file e：/data.cap / stopwhen /timeafter 11hours line as arguments
• B、 Add netmon.exe as the application name. Add the /networks */capture LDA /file e：/data.cap /stopwhen / T.imeafter 11hours line as arguments
• C、 Add nmcap.exe as the application name. Add the /networks * /capture !LDAP /file e：/data.cap /stopwhen /timeafter 11hours line as arguments
• D、 Add nmconfig.exe as the application name. Add the /networks */capture &LDAP /file e：/data.cap / stopwhen /timeafter 11hours line as arguments

第17题：

Company.com has employed you as their Exchange administrator.The Company.com network contains an Exchange Server 2010 Organization.You are responsible for managing the Company.com network.You receive an instruction from management to reject e-mail messages that have a spam confidence level （SCL） of 5.You thus decide to configure the organization to accomplish this task. What should you do？（）

• A、You should consider configuring the sender reputation.
• B、You should consider configuring the sender filtering.
• C、You should consider configuring the content filtering.
• D、You should consider configuring the recipient filtering.

第18题：

You work as an administrator at ABC.com. The ABC.com network consists of a single domain named ABC.com. All servers in the ABC.com domain， including domain controllers， have Windows  Server 2012 R2 installed.You have installed the DNS Server Role on a ABC.com server， named ABC-SR13. ABC.com’s workstations make use of a web proxy to access the Internet， and refer to ABC-SR13 as a primaryDNS server.You have been instructed to make sure that Internet host names for ABC.com’s workstations are not resolved by ABC-SR13.  Which of the following actions should you take？（）

• A、You should consider configuring a primary zone on ABC-SR13.
• B、You should consider configuring a secondary zone on ABC-SR13.
• C、You should consider configuring a reverse lookup zone on ABC-SR13.
• D、You should consider configuring a forward lookup zone on ABC-SR13.

第19题：

You work as the IT professional in an international company which is named wiikigo. You are experienced in implementing and administering a network operating system. You are specialized in configuring IP addressing and services. Configuring name resolution and network access and so on.Your company is desigiing its network. The network will use an IPv6 prefix of 2001:DB8: BBCC:0000::/53. You have to identify an IPv6 addressing scheme that will support 2000 subnets. Which network mask should you use?（）

• A、You should use /63.
• B、You should use /64.
• C、You should use /61.
• D、You should use /62.

第20题：

第21题：

第22题：

第23题：