多选题You want to restrict access to a role based on the client machine from which the user is accessing the network.Which two role restrictions accomplish this goal? （）Auser nameBpassword lengthCcertificateDHost Checker

第1题：

第2题：

On the Junos Pulse Access Control Service, you have created a role called Secret that you only want to provide to users who present a certificate.Using the admin GUI, which two features would you configure to satisfy this requirement?（）

• A、Sign-in Policy
• B、Role Mapping Rule
• C、Role Restrictions
• D、Trusted Server CA

第3题：

An administrator has created three different Odyssey Access Client preconfiguration files and assigned them to three different roles in the same realm.Which action should the administrator take to ensure that users get the correct Odyssey Access Client preconfiguration file?（）

• A、Configure each user account in the auth server with the appropriate Odyssey Access Client preconfiguration files.
• B、Configure the role-mapping rules with the appropriate Odyssey Access Client preconfiguration files.
• C、Ensure that merge roles is selected in the role-mapping rules.
• D、Ensure that the first role a user is mapped to is the role with the appropriate Odyssey Access Client preconfiguration file.

第4题：

Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?（）

• A、Source IP and browser
• B、Source IP and certificate
• C、Certificate and Host Checker
• D、Host Checker and source IP

第5题：

You want to create a role to meet these requirements：  1：The role is to be protected from unauthorized usage.  2：The password of the role is not to be embedded in the application source code or stored in a table.  Which method would you use to restrict enabling of such roles（）

• A、Create the role with global authentication.
• B、Create the role with external authentication.
• C、Create the role as a secure application role.
• D、Create the role as a password-protected role.
• E、Create a role and use Fine-Grained Access Control （FGAC） to secure the role.

第6题：

Which two statements accurately describe a role?（）

• A、A role can be given to a maximum of 1000 users.
• B、A user can have access to a maximum of 10 roles.
• C、A role can have a maximum of 100 privileges contained in it.
• D、Privileges are given to a role by using the CREATE ROLE statement.
• E、A role is a named group of related privileges that can be granted to the user.
• F、A user can have access to several roles, and several users can be assigned the same role.

第7题：

Your network consists of an Active Directory forest that contains two sites named Site1 and Site2. From the Internet， users can only access servers in Site1. You have an Exchange Server 2007 organization.  Each site contains servers that run the Client Access server role， the Mailbox server role， and the HubTransport server role.  You plan to transition the organization to Exchange Server 2010.  You need to recommend the server role that you must transition first to Exchange Server 2010. Your solution must provide the least amount of downtime for users in the organization.  Which servers should you transition first？（）

• A、the Client Access servers in Site1
• B、the Client Access servers in Site2
• C、the Hub Transport servers in Site1
• D、the Hub Transport servers in Site2

第8题：

第9题：

第10题：

第11题：

第12题：

A user calls the help desk and explains that they just purchased a Macintosh computer. When they log into the network, the Odyssey Access Client is not automatically downloaded as it was when the user used their Windows PC.How do you resolve this issue?（）

• A、Download the Macintosh installer from the Junos Pulse Access Control Service and manually install the Odyssey Access Client.
• B、Provide the user with the sign-in URL you set up for Macintosh users; this will push the Odyssey Access Client to the user's machine.
• C、Assist the user to configure the Macintosh native supplicant and provide the AppleScnptto expose the EAP-JUAC inner authentication protocol.
• D、Configure the user's role to install the Java agent, which is a requirement to allow the Junos Pulse Access Control Service to deploy the Odyssey Access Client.

第13题：

A system administrator wants to configure 802.1X on an Ethernet switch to enable access to specific parts of the network based on group memberships.How can the administrator accomplish this goal?（）

• A、Configure roles based on departments and assign access based on source IP address.
• B、Configure roles based on the user's manager and assign access based on the user's MAC address
• C、Configure roles based on group memberships and assign a specific VLAN to the role.
• D、Configure roles based on RADIUS request attribute and assign a specific VLAN to the role.

第14题：

You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?（）

• A、Select "Require and Enforce" for the Host Checker Policy in the realm authentication policy.
• B、Select "Evaluate Policies" for the Host Checker policy in the realm authentication policy.
• C、Configure the Host Checker policy as a role restriction for the Employee role.
• D、Configure the Host Checker policy as a resource access policy for the Employee role.

第15题：

You want to restrict access to a role based on the client machine from which the user is accessing the network.Which two role restrictions accomplish this goal? （）

• A、user name
• B、password length
• C、certificate
• D、Host Checker

第16题：

You want to create a role to meet these requirements： 1. The role is to be protected from unauthorized usage. 2. The password of the role is not to be embedded in the application source code or stored in a table. method would you use to restrict enabling of such roles（）

• A、Create the role with external authentication.
• B、Create the role as a secure application role.
• C、Create the role as a password-protected role.
• D、Create a role and use Fine-Grained Access Control （FGAC） to secure the role

第17题：

You are employed as the enterprise exchange administrator at TestKing.com. The TestKing.com networkconsits of a single Active Directory site. TestKing.com makes use of Microsoft Exchange Servermessaging solution. You are in the process of planning the deployment of Exchange Server 2010. The CIO provides you withthe set criteria needed to deploy the Exchange Server 2010 servers. TestKing.com wants you to ensurethat： * The Mailbox servers belong to the database availability group （DAG）. * The users are able to send and receive e-mail in the event of a single server failure. * The minimization of the amount of servers deployed. * The load balancing of MAPI connections form Outlook Clients using hardware load balancer.You need to plan the deployment to the Exchange Server 2010 servers to meet the above criteria. What should you do？（）

• A、Your plan should include deploying four servers.The Mailbox server role as well as the Hub Transport server role should be configured on two serversand the Client Access server role on the remaining two.Therafter a Client Access server array should be configured.
• B、Your plan should include deploying two servers.The Mailbox server role， the Client Access server role as well as the Hub Transport server role shouldbe configured on the two servers there after a Client Access server array should be configured.
• C、Your plan should include deploying four servers.The Mailbox server role should be deployed on two servers and the Client Access server role and theHub Transport server role on the remaining two.Therafter Outlook Anywhere should be enabled on both Client  Accessservers.
• D、Your plan should include deploying two servers.The Mailbox serve role， the Client Access server role as well as the Hub Transport server role shouldbe deployed on the two servers.Thereafter Outlook Anywhere should be enabled on both Client Access Servers.

第18题：

Your network consists of a single Active Directory site. You plan to deploy Exchange Server 2010.  You need to plan the deployment of Exchange Server 2010 servers to meet the following requirements：.All Mailbox servers must belong to a database availability group （DAG） .MAPI connections from Outlook clients must be load balanced by using a hardware load balancer .If a single server fails， users must continue to send and receive e-mail .The plan must minimize the number of servers deployed  What should you include in the plan？（）

• A、Deploy two servers. On the two servers， deploy the Mailbox server role， the Client Access server role， and the HubTransport server role. Configure a Client Access server array.
• B、Deploy two servers. On the two servers， deploy the Mailbox server role， the Client Access Server role， and the HubTransport server role. Enable Outlook Anywhere on both Client Access servers.
• C、Deploy four servers. On two of the servers， deploy the Mailbox server role and the Hub Transport server role. On the other two servers， deploy the Client Access server role. Configure a Client Access server array.
• D、Deploy four servers. On two of the servers， deploy the Mailbox server role. On the other two servers，deploy the Client Access server role and the Hub Transport server role. Enable Outlook Anywhere on both Client Access servers.

第19题：

第20题：

第21题：

第22题：