网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
单选题
Which additional configuration must be completed when setting up role restrictions using certificates? ()
A
Set up a certificate authentication server.
B
Configure the authentication realm to remember certificate information.
C
Configure the authentication realm to use a certificate server for authentication.
D
Configure a role mapping rule requiring certification information to map user to role.
参考答案
参考解析
解析:
暂无解析
更多 “单选题Which additional configuration must be completed when setting up role restrictions using certificates? ()A Set up a certificate authentication server.B Configure the authentication realm to remember certificate information.C Configure the authentication realm to use a certificate server for authentication.D Configure a role mapping rule requiring certification information to map user to role.” 相关考题
考题
What are two steps to configure user authentication for a Junos Pulse Access Control Service?()
A. Configure an authentication policy as part of the user role definitions.B. Configure a Sign-in Policy.C. Configure authentication agents as part of the user role definitionsD. Configure an authentication policy as part of the authentication realm definition.
考题
When using RADIUS as an external authentication method for 802.1X authentication for the Junos Pulse Access Control Service, what must you do to ensure that the RADIUS authentication works properly?()
A. Configure IP helper to forward the authentication requests from the clients to the external RADIUS serverB. Configure the supplicant as anexternal authentication serverC. Configure RADIUS proxy on the realmD. Specify the correct RADIUS port 389 on the Junos Pulse Access Control Service
考题
Which action is optional when adding an authentication realm for use on an Infranet Controller? ()
A. Modify sign-in policy.B. Configure role mapping.C. Assign authentication server.D. Configure authentication policy.
考题
Which additional configuration must be completed when setting up role restrictions using certificates? ()
A. Set up a certificate authentication server.B. Configure the authentication realm to remember certificate information.C. Configure the authentication realm to use a certificate server for authentication.D. Configure a role mapping rule requiring certification information to map user to role.
考题
Which additional configuration step is necessary in order to connect to an access point that has SSID broadcasting disabled?()A、Set the SSID value in the client software to public.B、Configure open authentication on the AP and the client.C、Set the SSID value on the client to the SSID configured on the APD、Configure MAC address filtering to permit the client to connect to the AP
考题
What are two steps to configure user authentication for a Junos Pulse Access Control Service?()A、Configure an authentication policy as part of the user role definitions.B、Configure a Sign-in Policy.C、Configure authentication agents as part of the user role definitionsD、Configure an authentication policy as part of the authentication realm definition.
考题
Using an LDAP authentication server, what do you configure to validate certificate attributes?()A、Use the "is exactly" or "contains" operators.B、Create a user filter matching thedn of the certificate.C、Verify that the certificate is issued by a publicly trusted cs.D、Match the certificate type and value with an attribute from theldap server.
考题
When using RADIUS as an external authentication method for 802.1X authentication for the Junos Pulse Access Control Service, what must you do to ensure that the RADIUS authentication works properly?()A、Configure IP helper to forward the authentication requests from the clients to the external RADIUS serverB、Configure the supplicant as anexternal authentication serverC、Configure RADIUS proxy on the realmD、Specify the correct RADIUS port 389 on the Junos Pulse Access Control Service
考题
You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()A、Select "Require and Enforce" for the Host Checker Policy in the realm authentication policy.B、Select "Evaluate Policies" for the Host Checker policy in the realm authentication policy.C、Configure the Host Checker policy as a role restriction for the Employee role.D、Configure the Host Checker policy as a resource access policy for the Employee role.
考题
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()A、Source IP and browserB、Source IP and certificateC、Certificate and Host CheckerD、Host Checker and source IP
考题
Which action is optional when adding an authentication realm for use on an Infranet Controller? ()A、Modify sign-in policy.B、Configure role mapping.C、Assign authentication server.D、Configure authentication policy.
考题
Which additional configuration must be completed when setting up role restrictions using certificates? ()A、Set up a certificate authentication server.B、Configure the authentication realm to remember certificate information.C、Configure the authentication realm to use a certificate server for authentication.D、Configure a role mapping rule requiring certification information to map user to role.
考题
You need to design a remote access solution for the mobile sales users in the litwareinc.com domain. Which two actions should you perform?()A、Configure autoenrollment for user certificates and computer certificatesB、Configure Web enrollment for user certificates and computer certificatesC、Configure a Certificate Services hierarchy in the litwareinc.com domainD、Configure qualified subordination between the litwareinc.com and the contoso.com domainsE、Configure PEAP authentication on the remote access servers
考题
You need to design an access control solution for customer information. Your solution must meet security requirements.What should you do?()A、Configure the Web site to require SSL connections. Configure the Web site to require client certificates. Enable and configure client certificate mapping on the Web siteB、Configure the Web site to require SSL connections. Disable anonymous access to the Web site.Assign the Allow – Read permission to the customer user accounts for the folder that contains the Web site filesC、Configure the Web site to use only Microsoft .NET Passport authentication. Specify the den.corp.woodgrovebank.com domain as the default domain for .NET Passport authentication.Configure a custom local IPSec policy on the Web servers to require IPSec communicationsD、Configure the Web site to use only Windows Integrated authentication. Configure a custom local IPSec policy on the Web servers to require IPSec communications. Configure the IPSec policy to use certificate-based authentication and encryption
考题
You have a Windows Server 2008 R2 Enterprise Root CA . Security policy prevents port 443 and port 80 from being opened on domain controllers and on the issuing CA . You need to allow users to request certificates from a Web interface. You install the Active Directory Certificate Services (AD CS) server role. What should you do next()A、Configure the Online Responder Role Service on a member server.B、Configure the Online Responder Role Service on a domain controller.C、Configure the Certificate Enrollment Web Service role service on a member server.D、Configure the Certificate Enrollment Web Service role service on a domain controller.
考题
You manage a server named Server2 that runs Windows Server 2008. You install and test the Terminal Services role on Server2. You publish an application by using Terminal Services. All users must connect to the Terminal Services application by using the Remote Desktop Protocol. You install and configure the Terminal Services Gateway (TS Gateway) role service on Server2. You configure a default domain policy to enable the Enable Connection through TS Gateway setting. Users report that they cannot connect to the Terminal Services application. You need to ensure that users can access the Terminal Services application on the intranet and from the Internet. What should you do?()A、Configure the Enable Connection through TS Gateway Group Policy setting to Disabled.B、Configure the Set TS Gateway server address Group Policy and configure the IP address of the TSGateway server. Link the GPO to the domain.C、Configure Server Authentication on the Remote Desktop Connection client to Always connect, even if server authentication fails for all users.D、Enable the Set TS Gateway server authentication method Group Policy to the Ask for credential, use NTLM protocol setting. Link the GPO to the domain.
考题
You are designing an authentication solution to meet the security needs of the network administrators. You install an enterprise certification authority (CA). Which three additional actions should you take?()A、Enroll each administrative account for a smart card authentication certificate.B、Configure autoenrollment for computer authentication certificates. C、Install a smart card reader on each server computer. D、Install a smart card reader on each network administrator’s computer. E、Configure each administrative account to require a smart card for interactive logon.F、Configure the Default Domain Policy GPO to require smart cards for interactive login.
考题
You are the administrator of your company’s network. The dial-up server on your network is configured to support certificate authentication. A user named Tom wants to use smart card authentication on his Windows 2000 Professional portable computer. You that Tom’s computer has a PC Card smart card reader and the appropriate drivers installed. You give Tom a smart card to use. What else should you do to enable smart card authentication on Tom’s computer? ()A、Configure a dial-up connection to use EAP. Select the smart card device for authentication. B、Configure a dial-up connection to use SPAP. Select the smart card device for authentication.C、Configure a dial-up connection to use certificate authentication. Enable the usercredentials for authentication.D、Configure a dial-up connection to connect to a private network through the Internet. Enable L2TP be create a virtual private network (VPN) tunnel.
考题
You are a network administrator for your company. The network consists of two Active Directory domains. You are responsible for administering one domain, which contains users who work in the sales department. User objects for the users in the sales department are stored in an organizational unit (OU) named Sales in your domain. Users in the sales department use a public key infrastructure (PKI) enabled application that requires users to present client authentication certificates before they are granted access. You install Certificate Services on two member servers running Windows Server 2003. You configure one server as an enterprise subordinate certification authority (CA) and the other server as a stand-alone root CA. You need to issue certificates that support client authentication to sales users only. You need to achieve this goal by using the minimum amount of administrative effort. What should you do? ()A、 Create a duplicate of the User certificate template and configure it to support autoenrollment. Configure the enterprise subordinate CA to issue certificates based on the template. Configure the Default Domain Policy Group Policy object (GPO) to autoenroll users for certificates.B、 Create a duplicate of the Computer certificate template and configure it to support autoenrollment. Configure the enterprise subordinate CA to issue certificates based on the template. Configure the Default Domain Policy Group Policy object (GPO) to autoenroll computers for certificates.C、 Create a duplicate of the User certificate template and configure it to support autoenrollment. Configure the enterprise subordinate CA to issue certificates based on the template. Create a new Group Policy object (GPO) and link it to the Sales OU. Configure the GPO to autoenroll sales users for certificates.D、 Create a duplicate of the Computer certificate template and configure it to support autoenrollment. Configure the enterprise subordinate CA to issue certificates based on the template. Create a new Group Policy object (GPO) and link it to the Sales OU. Configure the GPO to autoenroll sales client computers for certificates.
考题
You manage a server that runs Windows Server 2008. The server has the Web Server (IIS) role installed. The server hosts an Internet-accessible Web site that has a virtual directory named /orders/. A Web server certificate is installed and an SSL listener has been configured for the Web site. The /orders/ virtual directory must meet the following company policy requirements: Be accessible to authenticated users only. Allow authentication types to support all browsers. Encrypt all authentication traffic by using HTTPS. All other directories of the Web site must be accessible to anonymous users and be available withoutSSL. You need to configure the /orders/ virtual directory to meet the company policy requirements. Which two actions should you perform?()A、Configure the Web site to the Require SSL setting.B、Configure the /orders/ virtual directory to the Require SSL setting.C、Configure the Digest Authentication setting to Enabled for the /orders/ virtual directory.D、Configure the Basic Authentication setting to Enabled and the Anonymous Authentication setting to Disabled for the Web site.E、Configure the Basic Authentication setting to Enabled and the Anonymous Authentication setting to Disabled for the /orders/ virtual directory.
考题
多选题You manage a server that runs Windows Server 2008. The server has the Web Server (IIS) role installed. The server hosts an Internet-accessible Web site that has a virtual directory named /orders/. A Web server certificate is installed and an SSL listener has been configured for the Web site. The /orders/ virtual directory must meet the following company policy requirements: Be accessible to authenticated users only. Allow authentication types to support all browsers. Encrypt all authentication traffic by using HTTPS. All other directories of the Web site must be accessible to anonymous users and be available withoutSSL. You need to configure the /orders/ virtual directory to meet the company policy requirements. Which two actions should you perform?()AConfigure the Web site to the Require SSL setting.BConfigure the /orders/ virtual directory to the Require SSL setting.CConfigure the Digest Authentication setting to Enabled for the /orders/ virtual directory.DConfigure the Basic Authentication setting to Enabled and the Anonymous Authentication setting to Disabled for the Web site.EConfigure the Basic Authentication setting to Enabled and the Anonymous Authentication setting to Disabled for the /orders/ virtual directory.
考题
多选题What are two steps to configure user authentication for a Junos Pulse Access Control Service?()AConfigure an authentication policy as part of the user role definitions.BConfigure a Sign-in Policy.CConfigure authentication agents as part of the user role definitionsDConfigure an authentication policy as part of the authentication realm definition.
考题
单选题Using an LDAP authentication server, what do you configure to validate certificate attributes?()A
Use the is exactly or contains operators.B
Create a user filter matching thedn of the certificate.C
Verify that the certificate is issued by a publicly trusted cs.D
Match the certificate type and value with an attribute from theldap server.
考题
单选题Which additional configuration must be completed when setting up role restrictions using certificates? ()A
Set up a certificate authentication server.B
Configure the authentication realm to remember certificate information.C
Configure the authentication realm to use a certificate server for authentication.D
Configure a role mapping rule requiring certification information to map user to role.
考题
多选题You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()ASelect Require and Enforce for the Host Checker Policy in the realm authentication policy.BSelect Evaluate Policies for the Host Checker policy in the realm authentication policy.CConfigure the Host Checker policy as a role restriction for the Employee role.DConfigure the Host Checker policy as a resource access policy for the Employee role.
考题
单选题You need to design an access control solution for customer information. Your solution must meet security requirements.What should you do?()A
Configure the Web site to require SSL connections. Configure the Web site to require client certificates. Enable and configure client certificate mapping on the Web siteB
Configure the Web site to require SSL connections. Disable anonymous access to the Web site.Assign the Allow – Read permission to the customer user accounts for the folder that contains the Web site filesC
Configure the Web site to use only Microsoft .NET Passport authentication. Specify the den.corp.woodgrovebank.com domain as the default domain for .NET Passport authentication.Configure a custom local IPSec policy on the Web servers to require IPSec communicationsD
Configure the Web site to use only Windows Integrated authentication. Configure a custom local IPSec policy on the Web servers to require IPSec communications. Configure the IPSec policy to use certificate-based authentication and encryption
考题
单选题Company.com network consists of a single Active Directory domain named Company.com.Company.com has an Exchange Server 2010 organization.The Company.com employees use Microsoft Office Outlook 2007 to connect to their mailboxes.RPC over HTTP and Auto discover are configured on Microsoft Office Outlook 2007. A new Company.com security policy requires that the employees connected to the domain does not need authentication when using Outlook Anywhere.However, those not connected t the domain needs to be authentication when using Outlook Anywhere.The employees need to comply with the new Company.com security policy. What should you do?()A
You should consider using Basic authentication on Outlook Anywhere and set up only Basic authentication on the RPC virtual directory.B
You should consider using NTLM authentication on Outlook Anywhere and set up Basic authentication and NTLM authentication on the RPC virtual directory.C
You should consider using NTLM authentication on Outlook Anywhere and set up only Basic authentication on the RPC virtual directory.D
You should consider using Basic authentication on Outlook Anywhere and set up Basic authentication and NTLM authentication on the RPC virtual directory.
考题
单选题You are a network administrator for your company. The network consists of two Active Directory domains. You are responsible for administering one domain, which contains users who work in the sales department. User objects for the users in the sales department are stored in an organizational unit (OU) named Sales in your domain. Users in the sales department use a public key infrastructure (PKI) enabled application that requires users to present client authentication certificates before they are granted access. You install Certificate Services on two member servers running Windows Server 2003. You configure one server as an enterprise subordinate certification authority (CA) and the other server as a stand-alone root CA. You need to issue certificates that support client authentication to sales users only. You need to achieve this goal by using the minimum amount of administrative effort. What should you do? ()A
Create a duplicate of the User certificate template and configure it to support autoenrollment. Configure the enterprise subordinate CA to issue certificates based on the template. Configure the Default Domain Policy Group Policy object (GPO) to autoenroll users for certificates.B
Create a duplicate of the Computer certificate template and configure it to support autoenrollment. Configure the enterprise subordinate CA to issue certificates based on the template. Configure the Default Domain Policy Group Policy object (GPO) to autoenroll computers for certificates.C
Create a duplicate of the User certificate template and configure it to support autoenrollment. Configure the enterprise subordinate CA to issue certificates based on the template. Create a new Group Policy object (GPO) and link it to the Sales OU. Configure the GPO to autoenroll sales users for certificates.D
Create a duplicate of the Computer certificate template and configure it to support autoenrollment. Configure the enterprise subordinate CA to issue certificates based on the template. Create a new Group Policy object (GPO) and link it to the Sales OU. Configure the GPO to autoenroll sales client computers for certificates.
热门标签
最新试卷
