多选题You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()ASelect Require and Enforce for the Host Checker Policy in the realm authentication
题目
Select Require and Enforce for the Host Checker Policy in the realm authentication policy.
Select Evaluate Policies for the Host Checker policy in the realm authentication policy.
Configure the Host Checker policy as a role restriction for the Employee role.
Configure the Host Checker policy as a resource access policy for the Employee role.
相似考题
参考答案和解析
更多“You want to enforce a Host Checker policy so that only users”相关问题
-
第1题:
You want to create a Host Checker policy that looks for a specific antivirus product that is running on your client machines, but the predefined antivirus options do not include the antivirus product version that you use.Which feature should you verify the antivirus product is up to date?()
A. Enhanced Endpoint Security
B. DP signatures
C. Antivirus licensing
D. Endpoint Security Assessment Plug-in
参考答案:D
-
第2题:
Your company runs Remote Desktop Services. You have a Remote Desktop Session Host (RD Session Host) server. You need to ensure that remote desktop users can print only to the printers that are installed on the RD Session Host server. What should you do?()
- A、Enable the Do not allow client printer redirection Group Policy setting.
- B、Disable the Do not allow client printer redirection Group Policy setting.
- C、Enable the Do not set default client printer to be default printer in a session Group Policy setting.
- D、Disable the Do not set default client printer to be default printer in a session Group Policy setting.
正确答案:A -
第3题:
You want to restrict access to a role based on the client machine from which the user is accessing the network.Which two role restrictions accomplish this goal? ()
- A、user name
- B、password length
- C、certificate
- D、Host Checker
正确答案:C,D -
第4题:
You work as the enterprise exchange administrator at Company.com.The Company.com network consists of a single Active Directory domain named Company.com.Company.com has an Exchange Server 2010 organization.A new Company.com policy prohibits the users from changing their password by using Outlook Web App (OWA). What should you do?()
- A、The best option is to set up an Outlook Web App Mailbox policy so that the users comply with the Company.com policy.
- B、The best option is to set up a Group Policy Object so that the users comply with the Company.com policy.
- C、The best option is to change the authentication settings of the OWA virtual directory so that the users comply with the Company.com policy.
- D、The best option is to change the authentication settings of the IISADMPWD virtual directory so that the users comply with the Company.com policy.
正确答案:A -
第5题:
You are the administrator of an Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. A server named Filesrv1 contains confidential data that is only available to users in the human resources (HR) department. You want all computers in the HR department to connect to Filesrv1 by using an IPSec policy. You assign the Server (Request Security) IPSec policy to Filesrv1. Using Network Monitor, you notice that some computers in the HR department connect to Filesrv1 without using the IPSec policy. You need to configure Filesrv1 to ensure that all computers connect to it by using the IPSec policy. What should you do?()
- A、Assign the Secure Server(Require Security) IPSec policy.
- B、Assign the Client (Respond Only)IPSec policy.
- C、Unassign the Server(Request Security IPSec policy.
- D、Restart the IPSec Services service.
正确答案:A -
第6题:
多选题Which two statements are true about applying Host Checker at the realm level?()AIf Evaluate is checked then the client must pass policy to get the sign-in page.
BIf Evaluate is checked then the client can fail policy and still get the sign-in page.
CIf Require and Enforce is checked then the client must pass policy to get the sign-in page.
DIf Require and Enforce is checked then the client can fail policy and still get the sign-in page.
正确答案: B,C解析: 暂无解析 -
第7题:
单选题Your company runs Remote Desktop Services. You have a Remote Desktop Session Host (RD Session Host) server. You need to ensure that remote desktop users can prin t only to the printers that are installed on the RD Session Host server. What should you do?()AEnable the Do not allow client printer redirection Group Policy setting.
BDisable the Do not allow client printer redirection Group Policy setting.
CEnable the Do not set default client printer to be default printer in a session Group Policy setting.
DDisable the Do not set default client printer to be default printer in a session Group Policy setting.
正确答案: D解析: 暂无解析 -
第8题:
多选题You administer a network with Windows-based endpoints that have custom software images. You want to use Host Checker to require that endpoints are running the custom software image.Which two Host Checker policy rules would be used to enforce this requirement?()AIsolate a file name unique to the custom image and create a custom rule-type of File which matches on the file. Select the Required option under the custom rule.
BIdentify the MAC address unique to network cards installed in PCs with the custom image and create a custom rule-type of MAC Address which matches on the appropriate MAC address.
CSelect the Required option under the custom rule Identify the IP address unique to the network cards installed in PCs with the custom image and create a custom rule-type of IP Address which matches on the appropriate IP address. Select the Required option under the custom rule.
DIsolate or create a unique Windows registry key for the custom image and create a custom rule- type of Registry Setting which matches on the name of the registry key.
正确答案: B,C解析: 暂无解析 -
第9题:
单选题You want to provide all users in your corporation with a single agent that provides access to multiple connection types conditionally. For example, you connect to the Junos Pulse Access Control Service if you are connected to the intranet, but you connect to the Junos Pulse Secure Access Service if you are on a remote network. Which agent should you use for this type of connection requirement?()AJunos Pulse should be configured with location awareness rules configured.
BOdyssey Access Client should be installed with Host Checker configured to check the client's location.
CJunos Pulse should be configured with all components installed.
DAgentless access should be enabled so that clients can connect to any service without concern for installing an agent.
正确答案: A解析: 暂无解析 -
第10题:
单选题You want to create a Host Checker policy that looks for a specific antivirus product that is running on your client machines, but the predefined antivirus options do not include the antivirus product version that you use.Which feature should you verify the antivirus product is up to date?()AEnhanced Endpoint Security
BDP signatures
CAntivirus licensing
DEndpoint Security Assessment Plug-in
正确答案: A解析: 暂无解析 -
第11题:
多选题You want to enforce a company’s business policy on several objects by using a single policy function. Which two types of policies can be assigned to the policy_type argument in the dbms_rls.add_policy procedure to achieve the above objective? ()ADBMS_RLS.STATIC
BDBMS_RLS.DYNAMIC
CDBMS_RLS.SHARED_STATIC
DDBMS_RLS.CONTEXT_SENSITIVE
EDBMS_RLS.SHARED_CONTEXT_SENSITIVE
正确答案: E,B解析: 暂无解析 -
第12题:
多选题You need to ensure that the network administrators are able to administer the NewApp database servers. Which two actions should you perform?()ACreate an organizational unit (OU) for all users who log on to any of the NewApp servers.
BCreate an organizational unit (OU) named NewApp Users for the NewApp users.
CCreate an organizational unit (OU) named NewApp Servers for the NewApp servers.
DCreate a Group Policy object (GPO) for the NewApp Users OU to enforce the use of IPSec.
ECreate a global group for all NewApp servers. Add this group to the NewApp Servers OU.
FCreate a Group Policy object (GPO) for the NewApp Servers OU to enforce the use of smart cards.
正确答案: D,A解析: 暂无解析 -
第13题:
Which two statements are true about applying Host Checker at the realm level?()A. If Evaluate is checked then the client must pass policy to get the sign-in page.
B. If Evaluate is checked then the client can fail policy and still get the sign-in page.
C. If Require and Enforce is checked then the client must pass policy to get the sign-in page.
D. If Require and Enforce is checked then the client can fail policy and still get the sign-in page.
参考答案:B, C
-
第14题:
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()
- A、Source IP and browser
- B、Source IP and certificate
- C、Certificate and Host Checker
- D、Host Checker and source IP
正确答案:D -
第15题:
You enabled an audit policy by issuing the following statements: SQL> AUDIT POLICY ORA_DATABASE_PARAMETER BY SCOTT; SQL> AUDIT POLICY ORA_DATABASE_PARAMETER BY SYS, SYSTEM; For which database users and for which executions is the audit policy now active? ()
- A、SYS, SYSTEM
- B、SCOTT
- C、Only for successful executions
- D、Only for failed executions
- E、Both successful and failed executions
正确答案:A,E -
第16题:
You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. All network servers run Windows Server 2003, and all client computers run Windows XP Professional. A new management directive states that users can log to the domain only during business hours. Users who remain logged on after business hours must be automatically disconnected from network resources. You need to enforce this directive by using the minimum amount of administrative effort. Which two actions should you perform?() (Each correct answer presents part of the solution. Choose two)
- A、Configure the Default Domain Policy Group Policy object (GPO) to increase scheduling priority for all users.
- B、Configure the Default Domain Policy Group Policy object (GPO) to force users to log off when their logon hours expire.
- C、Select all user accounts. Modify the account properties to restrict logon hours to business hours.
- D、Create a domain user account named Temp. Configure the account properties to restrict logon hours to business hours.
- E、Modify the DACL on the Default Domain Policy Group Policy object (GPO) to assign the Allow - Read permission to the Users group.
正确答案:B,C -
第17题:
单选题You are the administrator of a Junos Pulse Access Control Service implementation. You must restrict authenticated users connected from the branch offices to a few specific resources within the data center. However, when the authenticated users are connected at the corporate office, they are allowed more access to the data center resources. You have created two roles with different levels of access and are trying to determine the best way of controlling when a user is mapped to a specific role. Having the user prompted to manually select their role is possible, but you want to automate the process. Which configuration solves this problem?()AImplement a RADIUS request attribute policy to assist with realm selection and create different role-mapping rules for the user in each realm.
BImplement a directory/attribute server on the realm and set up this server to determine by group membership the proper role to which a user should be mapped.
CReorder the role-mapping rules to allow for the more open role to be mapped first and then enable the stop processing rules when this rule matches function on this role.
DImplement a Host Checker policy on the realm that determines the geographic location of the device and restricts the user based on the results of the policy.
正确答案: D解析: 暂无解析 -
第18题:
单选题You have created a Host Checker policy that contains multiple rules. You want to inform end users which rule specifically has failed.In the admin GUI, which configuration setting would you enable?()AEnable Custom Instructions
BPre-auth notification
CRemediation message
DSend reason strings
正确答案: B解析: 暂无解析 -
第19题:
多选题You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()ASelect Require and Enforce for the Host Checker Policy in the realm authentication policy.
BSelect Evaluate Policies for the Host Checker policy in the realm authentication policy.
CConfigure the Host Checker policy as a role restriction for the Employee role.
DConfigure the Host Checker policy as a resource access policy for the Employee role.
正确答案: B,D解析: 暂无解析 -
第20题:
多选题You are designing a password management solution to meet the business and technical requirements. Which two actions should you perform?hich two actions should you perform?()ADelegate the password management controls to the help desk staff.
BDelegate the password management controls to the Domain Users group.
CConfigure the Default Domain Policy to enforce password expiration settings.
DConfigure the Default Domain Controller Policy to enforce password expiration settings.
正确答案: A,C解析: 暂无解析 -
第21题:
单选题Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()ASource IP and browser
BSource IP and certificate
CCertificate and Host Checker
DHost Checker and source IP
正确答案: B解析: 暂无解析 -
第22题:
多选题You are designing a strategy of enforce the corporate security policy. Which action or actions should you perform?()AConfigure a password policy that requires strong passwords
BConfigure a password policy that requires all users to change their passwords once a month.
CAllow users in the branch offices to log on between the hours of 8:00 AM and 5:00 PM, Monday through Friday.
DAllow users in the retail outlets to log on between the hours of 6:00 AM and 11:00 PM, daily.
EEnable a policy that forces users to log off when their logon hours expire.
正确答案: B,A解析: 暂无解析 -
第23题:
单选题Your company has an Active Directory Domain Services (AD DS) domain. All servers run Windows Server 2008 R2. You have a Remote Desktop Session Host (RD Session Host) server an d a Remote Desktop Web Access (RD Web Access) server.You enable several RemoteApp applications on the RD Session Host server.You need to configure access to RemoteApp applications so that RD Web Access users see only applications to which they have been granted access. What should you do?()AUse the RemoteApp Wizard to add to the RemoteApp Programs list setting.
BAssign domain users and domain security groups to each RemoteApp application.
CUse the RemoteApp Wizard to configure the RemoteApp program is a vailable through RD Web Access setting.
DSpecify custom menu locations on the RD Session Host server for each domain security group by using a Group Policy object (GPO).
正确答案: D解析: 暂无解析 -
第24题:
单选题You administer a Windows 2000 Professional computer that is shared by multiple users. You receive a phone call from one of the users of the shared computer that tells you that the computer is reporting a kernel stop error. You notice that a user has tried to install video drivers that have caused the computer to become unstable. You want to ensure that users can install only the drivers that are approved by the manufacturer. What should you do? ()AConfigure File signature verification to block driver installation, and set driver signing as a system default.
BRemove all users from the Power User group.
CCreate a Local Computer Policy to prevent users from installing drivers.
DCreate a Local Computer Policy to enable Windows File Protection.
正确答案: C解析: 暂无解析