The network security policy for Ezonexam requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should be automatically disabled. Which two commands must the Ezonexam network administrator configure on the 2950 Catalyst switch to meet this policy? (Choose two)
A.SWEzonexam1(config-if)# switchport port-security maximum 1
B.SWEzonexam1(config)# mac-address-table secure
C.SWEzonexam1(config)# access-list 10 permit ip host
D.SWEzonexam1(config-if)# switchport port-security violation shutdown
E.SWEzonexam1(config-if)# ip access-group 10
第1题:
A. Traffic is permitted from the trust zone to the untrust zone.
B. Intrazone traffic in the trust zone is permitted.
C. All traffic through the device is denied.
D. The policy is matched only when no other matching policies are found.
第2题:
A. Telnet is not being permitted by self policy.
B. Telnet is not being permitted by security policy.
C. Telnet is not allowed because it is not considered secure.
D. Telnet is not enabled as a host-inbound service on the zone.
第3题:
A. host security
B. perimeter security
C. security monitoring
D. policy management
第4题:
Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a inthe HR zone to host_b in the trust zone are true?() [edit security policies from-zone HR to-zone trust] user@host# show policy one { match { source-address any; destination-address any; application [ junos-http junos-ftp ]; } then { permit; } } policy two { match { source-address host_a; destination-address host_b; application [ junos-http junos-smtp ]; } then { deny; } }
第5题:
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy (Choose two.)()。
第6题:
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?()
第7题:
You are not able to telnet to the interface IP address of your device from a PC on the same subnet. What iscausing the problem?()
第8题:
Network Access Protection (NAP) is configured for the corporate network.Users connect to the corporate network by using portable computers.The company policy requires confidentiality of data when the data is in transit between the portable computers and the servers.You need to ensure that users can access network resources only from computers that comply with the company policy.What should you do?()
第9题:
It provides host-based,two-way network traffic filtering for a computer.
It provides host-based,one-way network traffic filtering for a computer.
It blocks unauthorized network traffic flowing into or out of the local computer.
It only blocks unauthorized network traffic flowing into the local computer.
It only blocks unauthorized network traffic flowing out of the local computer.
第10题:
host security
perimeter security
security monitoring
policy management
第11题:
Source IP and browser
Source IP and certificate
Certificate and Host Checker
Host Checker and source IP
第12题:
1
2
3
4
第13题:
Host A opens a Telnet connection to Host B. Host A then opens another Telnet connection to Host B. These connections are the only communication between Host A and Host B. The security policy configuration permits both connections.How many sessions exist between Host A and Host B?()
A.1
B.2
C.3
D.4
第14题:
You are the domain administrator for Ezonexam.com. The network contains a Windows 2000 domain and two Windows NT domains. The Windows 2000 domain trusts each of the Windows NT domains, and the Windows NT domains trust the Windows 2000 domain.
You are required to configure one of the Windows 2000 domain controllers named Ezonexam4 to support several legacy applications that are not Windows 2000 certified.
What should you do? (Select two. Each answer specifies a complete solution).
A. On Ezonexam4, type secedit /configure /db secedit.sdb /cfg
C:\winnt\security\templates\hisecdc.inf /overwrite.
B. On Ezonexam4, type secedit /configure /db secedit.sdb /cfg
C:\winnt\security\templatescompatws.inf /overwrite.
C. On Ezonexam4, use the Security Configuration and Analysis snap-in to apply the Compatws.inf security template.
D. On Ezonexam4, use the Security Configuration and Analysis snap-in to apply the Hisecdc.inf
E. On Ezonexam4, use the Security Templates snap-in to open the Compatws.inf security template.
F. On Ezonexam4, use the Security Templates snap-in to open the Hisecdc.inf security template.
第15题:
Which OSPF network type is ideal for partially meshed NBMA networks because it is easy to configure(requires no configuration of neighbor commands), consumes only one IP subnet, and requires no designated router election?
第16题:
You are developing a Windows Communication Foundation (WCF) service. One of the parameters used with the service operations is a security token. The security token is not sensitive. The monitoring software tracks security tokens and can read tokens in clear text only.The company security policy requires that you validate all clear text data passed over the corporate network.You need to ensure that the service verifies that the security token is not changed during transit. What should you do?()
第17题:
A network vulnerability scanner is part of which critical element of network and system security?()
第18题:
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()
第19题:
Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)
第20题:
DNS traffic is denied.
HTTP traffic is denied.
FTP traffic is permitted.
SMTP traffic is permitted.
第21题:
第22题:
Telnet is not being permitted by self policy.
Telnet is not being permitted by security policy.
Telnet is not allowed because it is not considered secure.
Telnet is not enabled as a host-inbound service on the zone.
第23题:
Import Baseline1.inf into the Default Domain Policy Group Policy object (GPO).
Create a task on each application server that runs Security and Configuration Analysis with Baseline1.inf every day.
Create a task on each application server that runs the secedit command with Baseline1.inf every day.
Create a startup script in the Default Domain Policy Group Policy object (GPO) that runs the secedit command with Baseline1.inf.