多选题The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Cat
题目
Switch1(config-if)# switchport port-security maximum 1
Switch1(config)# mac-address-table secure
Switch1(config)# access-list 10 permit ip host
Switch1(config-if)# switchport p ort-security violation shutdown
Switch1(config-if)# ip access-group 10
相似考题
更多“The network security policy requires that only one host be p”相关问题
-
第1题:
For the following statements, which one is perceived as a drawback of implementing Fibre ChannelAuthentication Protocol (FCAP)?()
- A、It is restricted in size to only three segments
- B、It requires the use of netBT as the network protocol
- C、It requires the implementation of IKE
- D、It relies on an underlying Public Key Infrastructure
正确答案:D -
第2题:
You are developing a Windows Communication Foundation (WCF) service. One of the parameters used with the service operations is a security token. The security token is not sensitive. The monitoring software tracks security tokens and can read tokens in clear text only.The company security policy requires that you validate all clear text data passed over the corporate network.You need to ensure that the service verifies that the security token is not changed during transit. What should you do?()
- A、For all the security-sensitive members, set the ProtectionLevel parameter of the MessageBodyMember or MessageHeader attribute to EncryptAndSign.
- B、Implement IEndpointldentityProvider in the message contract class.
- C、Implement ISecureConversationSession in the message contract class.
- D、For all the security-sensitive members, set the ProtectionLevel parameter of the MessageBodyMember or MessageHeader attribute to Sign.
正确答案:D -
第3题:
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy (Choose two.)()。
- A、Switch1(config-if)# switchport port-security maximum 1
- B、Switch1(config)# mac-address-table secure
- C、Switch1(config)# access-list 10 permit ip host
- D、Switch1(config-if)# switchport port-security violation shutdown
- E、Switch1(config-if)# ip access-group 10
正确答案:A,D -
第4题:
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?()
- A、TestKing1(config-if)# switchport port-security maximum 1
- B、TestKing1(config)# mac-address-table secure
- C、TestKing1(config)# access-list 10 permit ip host
- D、TestKing1(config-if)# switchport port-security violation shutdown
- E、TestKing1(config-if)# ip access-group 10
正确答案:A,D -
第5题:
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()
- A、Source IP and browser
- B、Source IP and certificate
- C、Certificate and Host Checker
- D、Host Checker and source IP
正确答案:D -
第6题:
You are designing a Windows Server 2008 R2 Hyper-V virtualization environment. Your host servers must have the following elements: A dedicated management network adapter.A dedicated virtual network for child iSCSI network traffic.A dedicated virtual network for child network traffic with VLAN tagging. You need to choose adapters that minimize the host server processing. Which adapters should you choose?()
- A、three network adapters that support 802.1p
- B、two network adapters that support 802.1q, and one iSCSI host bus adapter
- C、two network adapters that support 802.1p, and one network adapter that supports TCP Chimney
- D、two network adapters that support 802.1q, and one network adapter that supports Jumbo frames
正确答案:D -
第7题:
多选题You work as a senior administrator at ABC.com. The ABC.com network consists of a single domain named ABC.com. All servers on the ABC.com network have Windows Server 2012 R2 installed. You are running a training exercise for junior administrators. You are currently discussing the Windows Firewall with Advanced Security feature. Which of the following is TRUE with regards to Windows Firewall with Advanced Security?()AIt provides host-based,two-way network traffic filtering for a computer.
BIt provides host-based,one-way network traffic filtering for a computer.
CIt blocks unauthorized network traffic flowing into or out of the local computer.
DIt only blocks unauthorized network traffic flowing into the local computer.
EIt only blocks unauthorized network traffic flowing out of the local computer.
正确答案: C,D解析: 暂无解析 -
第8题:
单选题A network vulnerability scanner is part of which critical element of network and system security?()Ahost security
Bperimeter security
Csecurity monitoring
Dpolicy management
正确答案: B解析: 暂无解析 -
第9题:
单选题You are developing a Windows Communication Foundation (WCF) service. One of the parameters used with the service operations is a security token. The security token is not sensitive. The monitoring software tracks security tokens and can read tokens in clear text only.The company security policy requires that you validate all clear text data passed over the corporate network.You need to ensure that the service verifies that the security token is not changed during transit. What should you do?()AFor all the security-sensitive members, set the ProtectionLevel parameter of the MessageBodyMember or MessageHeader attribute to EncryptAndSign.
BImplement IEndpointldentityProvider in the message contract class.
CImplement ISecureConversationSession in the message contract class.
DFor all the security-sensitive members, set the ProtectionLevel parameter of the MessageBodyMember or MessageHeader attribute to Sign.
正确答案: B解析: 暂无解析 -
第10题:
多选题You administer a network containing SRX Series firewalls. New policy requires that you implement MAG Series devices to provide access control for end users. The policy requires that the SRX Series devices dynamically enforce security policy based on the source IP address of the user. The policy also requires that the users communicate with protected resources using encrypted traffic. Which two statements are true?()AThe endpoints can use agentless access.
BEncrypted traffic flows between the endpoint and the enforcer.
CEncrypted traffic flows between the endpoint and the protected resource
DThe endpoints can use the Odyssey Access Client.
正确答案: B,D解析: 暂无解析 -
第11题:
单选题Host A opens a Telnet connection to Host B. Host A then opens another Telnet connection to Host B. These connections are the only communication between Host A and Host B. The security policy configuration permits both connections. How many sessions exist between Host A and Host B?()A1
B2
C3
D4
正确答案: D解析: 暂无解析 -
第12题:
单选题For the following statements, which one is perceived as a drawback of implementing Fibre ChannelAuthentication Protocol (FCAP)?()AIt is restricted in size to only three segments
BIt requires the use of netBT as the network protocol
CIt requires the implementation of IKE
DIt relies on an underlying Public Key Infrastructure
正确答案: B解析: 暂无解析 -
第13题:
Which OSPF network type is ideal for partially meshed NBMA networks because it is easy to configure(requires no configuration of neighbor commands), consumes only one IP subnet, and requires no designated router election?
正确答案:Point-to-multipoint. -
第14题:
Which statement describes the behavior of a security policy?()
- A、The implicit default security policy permits all traffic.
- B、Traffic destined to the device itself always requires a security policy.
- C、Traffic destined to the device’s incoming interface does not require a security policy.
- D、The factory-default configuration permits all traffic from all interfaces.
正确答案:C -
第15题:
A network vulnerability scanner is part of which critical element of network and system security?()
- A、host security
- B、perimeter security
- C、security monitoring
- D、policy management
正确答案:C -
第16题:
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?()
- A、Switch1(config-if)# switchport port-security maximum 1
- B、Switch1(config)# mac-address-table secure
- C、Switch1(config)# access-list 10 permit ip host
- D、Switch1(config-if)# switchport p ort-security violation shutdown
- E、Switch1(config-if)# ip access-group 10
正确答案:A,D -
第17题:
Network Access Protection (NAP) is configured for the corporate network.Users connect to the corporate network by using portable computers.The company policy requires confidentiality of data when the data is in transit between the portable computers and the servers.You need to ensure that users can access network resources only from computers that comply with the company policy.What should you do?()
- A、Create an IPsec Enforcement Network policy.
- B、Create an 802.1X Enforcement Network policy.
- C、Create a Wired Network (IEEE 802.3) Group policy.
- D、Create an Extensible Authentication Protocol (EAP) Enforcement Network policy.
正确答案:A -
第18题:
You are a network administrator of an organization. Maria and John are your network assistant. You have grant then the rights to modify the user properties in the computer management. You want to audit the modification in user accounts. What should you do?()
- A、Turn on auditing for objects in the Local Security Policy and Select 'Process Tracking'.
- B、Turn on auditing for objects in the Local Security Policy and Select 'Object Access'.
- C、Use Windows Explorer to turn on auditing for the specific files.
- D、Have the administrator for domains log you on as an administrator and enable auditing for a specific file.
- E、Turn on auditing for objects in the Local Security Policy and Select 'Account Management'.
- F、Allow only one account at a time to log on to your shared folder. Check the event viewer to see who logged on.
正确答案:E -
第19题:
问答题Which OSPF network type is ideal for partially meshed NBMA networks because it is easy to configure(requires no configuration of neighbor commands), consumes only one IP subnet, and requires no designated router election?正确答案: Point-to-multipoint.解析: 暂无解析 -
第20题:
单选题You are designing a Windows Server 2008 R2 Hyper-V Virtualization environment. Your host servers must have the following elements: - A dedicated management network adapter. - A dedicated virtual network for child iSCSI network traffic. - A dedicated virtual network for child network traffic with VLAN tagging. You need to choose adapters that minimize the host server processing. Which adapters should you choose?()ATwo network adapters that support 802.1p, and one iSCSI host bus adapter
BTwo network adapters that support 802.1p, and one network adapter that supports TCP Chimney
CTwo network adapters that support 802.lq, and one network adapter that supports Jumbo frames
DThree network adapters that support 802. 1p
正确答案: A解析: 暂无解析 -
第21题:
单选题Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()ASource IP and browser
BSource IP and certificate
CCertificate and Host Checker
DHost Checker and source IP
正确答案: B解析: 暂无解析 -
第22题:
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. The company has an internal network and a perimeter network. The internal network is protected by a firewall. Application servers on the perimeter network are accessible from the Internet. You are deploying 10 Windows Server 2003 computers in application server roles. The servers will be located in theperimeter network and will not be members of the domain. The servers will host only publicly available Web pages. The network design requires that custom security settings must be applied to the application servers. These custom security settings must be automatically refreshed every day to ensure compliance with the design. You create a custom security template named Baseline1.inf for the application servers. You need to comply with the design requirements. What should you do? ()AImport Baseline1.inf into the Default Domain Policy Group Policy object (GPO).
BCreate a task on each application server that runs Security and Configuration Analysis with Baseline1.inf every day.
CCreate a task on each application server that runs the secedit command with Baseline1.inf every day.
DCreate a startup script in the Default Domain Policy Group Policy object (GPO) that runs the secedit command with Baseline1.inf.
正确答案: C解析: 暂无解析 -
第23题:
单选题Your network contains an Active Directory domain. All client computers run Windows XP Service Pack 3 (SP3). The domain contains a member server named Server1 that runs Windows Server 2008 R2. On Server1, you create a connection security rule that requires authentication for inbound and outbound connections. You configure the connection security rule to use Kerberos authentication. You need to ensure that the client computers can connect to Server1. The solution must ensure that all connections to Server1 are encrypted. What should you do?()AFrom the Windows Firewall with Advanced Security console, create an inbound rule on Server1.
BFrom the Windows Firewall with Advanced Security console, create an outbound rule on Server1.
CFrom a Group Policy object (GPO), enable the Client (Respond Only) IPSec policy on all client computers.
DFrom a Group Policy object (GPO), configure the Network Security: LDAP client signing requirements policy setting for all client computers.
正确答案: A解析: 暂无解析