单选题What is the function of Host Checker?（）A To allow clientless access to the networkB To restrict access to protected resources on the networkC To scan an endpointfor compliance with security policiesD To push a firewall policy to the endpoint's local fi

第1题：

第2题：

第3题：

What would you use to enforce security-policy compliance on all devices that seek to access the network？（）

• A、 VLAN
• B、 NAC
• C、 EAP
• D、 WLAN

第4题：

“本地网”的英文写法是“（）”。

• A、telex network
• B、local telephone network
• C、telephone network
• D、access network

第5题：

Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?（）

• A、Source IP and browser
• B、Source IP and certificate
• C、Certificate and Host Checker
• D、Host Checker and source IP

第6题：

You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?（）

• A、Resource access policy on the MAG Series device
• B、IPsec routing policy on the MAG Series device
• C、General traffic policy blocking access through the firewall enforcer
• D、Auth table entry on the firewall enforcer

第7题：

What is the function of Host Checker?（）

• A、To allow clientless access to the network
• B、To restrict access to protected resources on the network
• C、To scan an endpointfor compliance with security policies
• D、To push a firewall policy to the endpoint's local firewall application

第8题：

You have a firewall enforcer protecting sensitive internal resources in a data center. The network traversed by endpoint traffic is semi-trusted, so you need to encrypt the traffic between the endpoints accessing the resources and the firewall enforcer.Which type of policies provide this level of protection?（）

• A、resource access policies
• B、Host Enforcer policies
• C、source IP enforcement policies
• D、IPsec enforcement policies

第9题：

Your environment includes multiple Windows Server 2008 R2 Hyper-V servers. You are designing an administrative strategy for virtual machines （VMs）. You need to ensure that members of the Security Compliance Active Directory Domain Services （AD DS） security group can monitor failed logon events on the VMs. What should you do？（）

• A、Add the Security Compliance group to the local administrators group of each VM
• B、Add the Security Compliance group to the local administrators group of each Hyper-V server
• C、In the InitialStore.xml file of each VM， define an access policy for the Security Compliance group
• D、in the InitialStore.xml file of each Hyper-V server， define an access policy for the Security Compliance group

第10题：

第11题：

第12题：

第13题：

第14题：

What are two recommended ways of protecting network device configuration files from outside network security threats (Choose two.)（）。

• A、Allow unrestricted access to the console or VTY ports
• B、Use a firewall to restrict access from the outside to the network devices
• C、Always use Telnet to access the device command line because its data is automatically encrypted
• D、Use SSH or another encrypted and authenticated transport to access device configurations
• E、Prevent the loss of passwords by disabling password encryption

第15题：

What is true about the operation of the Infranet Enforcer? （）

• A、It assigns users a set of roles.
• B、It allows access based on auth table entries.
• C、It verifies whether an endpoint meets security requirements.
• D、It configures the UAC agent to allow or deny access to resources.

第16题：

You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?（）

• A、Select "Require and Enforce" for the Host Checker Policy in the realm authentication policy.
• B、Select "Evaluate Policies" for the Host Checker policy in the realm authentication policy.
• C、Configure the Host Checker policy as a role restriction for the Employee role.
• D、Configure the Host Checker policy as a resource access policy for the Employee role.

第17题：

You are receiving reports of possible unauthorized access to resources protected by a firewall enforcer running the Junos OS. You want to verity which users are currently accessing resources through the enforcer.Which command should you use to verify user access on the enforcer?（）

• A、show services unified-access-control authentication-table
• B、show auth table
• C、show services unified-access-control policies
• D、show services unified-access-control captive-portal

第18题：

What are three elements the Junos Pulse Access Control Service uses to establish endpoint access to protected resources?（）

• A、sign-in policy
• B、authentication realms
• C、role restrictions
• D、policy realms
• E、routing policy

第19题：

You administer a network containing SRX Series firewalls. New policy requires that you implement MAG Series devices to provide access control for end users. The policy requires that the SRX Series devices dynamically enforce security policy based on the source IP address of the user. The policy also requires that the users communicate with protected resources using encrypted traffic. Which two statements are true?（）

• A、The endpoints can use agentless access.
• B、Encrypted traffic flows between the endpoint and the enforcer.
• C、Encrypted traffic flows between the endpoint and the protected resource
• D、The endpoints can use the Odyssey Access Client.

第20题：

Which statements describe the capabilities of the DBMS_NETWORK_ACL_ADMIN package?（）

• A、It can be used to allow the access privilege settings for users but not roles.
• B、It can be used to allow the access privilege settings for users as well as roles.
• C、It can be used to control the time interval for which the access privilege is available to a user.
• D、It can be used to selectively restrict the access for each user in a database to different host computers.
• E、It can be used to selectively restrict a user's access to different applications in a specific host computer.

第21题：

第22题：

第23题：

第24题：