网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
When creating a role in a Cisco Nexus 7000 Series Switch, rules are used to define the type of operations that a role will allow the user to perform. Which two of these parameters cannot be applied as a rule? ()
- A、 port-profile
- B、 command
- C、 access-list
- D、 feature-group
- E、 OID
参考答案
更多 “When creating a role in a Cisco Nexus 7000 Series Switch, rules are used to define the type of operations that a role will allow the user to perform. Which two of these parameters cannot be applied as a rule? () A、 port-profileB、 commandC、 access-listD、 feature-groupE、 OID” 相关考题
考题
In your multitenant container database (CDB) containing same pluggable databases (PDBs), you execute the following commands in the root container:Which two statements are true?()
A. The C # # ROLE1 role is created in the root database and all the PDBs.B. The C # # ROLE1 role is created only in the root database because the container clause is not used.C. Privileges are granted to the C##A_ADMIN user only in the root database.D. Privileges are granted to the C##A_ADMIN user in the root database and all PDBs.E. The statement for granting a role to a user fails because the CONTAINER clause is not used.
考题
You are the administrator of a Junos Pulse Access Control Service implementation. You must restrict authenticated users connected from the branch offices to a few specific resources within the data center. However, when the authenticated users are connected at the corporate office, they are allowed more access to the data center resources.You have created two roles with different levels of access and are trying to determine the best way of controlling when a user is mapped to a specific role. Having the user prompted to manually select their role is possible, but you want to automate the process.Which configuration solves this problem?()A. Implement a RADIUS request attribute policy to assist with realm selection and create different role-mapping rules for the user in each realm.B. Implement a directory/attribute server on the realm and set up this server to determine by group membership the proper role to which a user should be mapped.C. Reorder the role-mapping rules to allow for the more open role to be mapped first and then enable the stop processing rules when this rule matches function on this role.D. Implement a Host Checker policy on the realm that determines the geographic location of the device and restricts the user based on the results of the policy.
考题
A user logs in and is mapped to two roles. The first role has a maximum timeout value of 600 minutes and the default Juniper Networks logo on the user interface page. The second role has a maximum timeout value of 1200 minutes and a custom logo on the user interface page.Based on the merging of these two roles, which two will be applied?()A. A custom logo on the user interface pageB. A maximum timeout value of 600 minutesC. A maximum time out value of 1200 minutesD. A default Juniper Networks logo on the user interface page
考题
Which three authentication server types are supported for retrieving user attributes used in role- mapping rules?()
A. LDAPB. S/KeyC. TACACS+D. RADIUSE. SiteMinder
考题
From the DX WebUI Dashboard, which steps are used for creating a new admin user? ()
A. Click Admin Users. Enter username, password, role, account status, and email.B. Click Admin Users. Enter username, password, role, account status, and user class.C. Click Users Manage Users. Enter username, password, role, account status, and user class.D. Click Users Manage Users. Enter username, password, ActiveDirectory domain, account status, and role.
考题
Which additional configuration must be completed when setting up role restrictions using certificates? ()
A. Set up a certificate authentication server.B. Configure the authentication realm to remember certificate information.C. Configure the authentication realm to use a certificate server for authentication.D. Configure a role mapping rule requiring certification information to map user to role.
考题
If Host Checker restrictions are applied at the role level and the "Allow access to the role if any ONE of the select policies is passed" option is unchecked, which two statements are true?()
A. All roles are evaluated together.B. Each role is evaluated separately.C. Clients must pass all policies to access the role.D. Clients will pass as long as one policy is accepted.
考题
Which two are benefits of using remote AAA services for Cisco Nexus products? ()A、 They make it easier to manage user logins and passwords across devices.B、 They enable automated configuration backup for devices.C、 They centrally manage user attributes and permissions.D、 Local console access is never included in AAA and can be used for access when the AAA servers are down.
考题
Which three statements describe user authentication in Cisco DCNM-LAN? ()A、 Cisco DCNM-LAN server users are local to the Cisco DCNM-LAN server. Creating, changing, and removing Cisco DCNM-LAN server users has no effect on user accounts on managed devices.B、 A Cisco DCNM-LAN server user that has Administrator privileges can push out changes to managed devices even if the Cisco NX-OS role that is used on the discovered device has the network operator role.C、 Cisco DCNM-LAN user roles restrict the ability of users to make changes to Cisco DCNM-LAN server settings. Cisco NX-OS user roles enforce read/write privileges on the discovered devices.D、 Cisco DCNM-LAN allows you to configure unique credentials for each discovered device or use default credentials when you do not configure unique credentials for a device.E、 Cisco DCNM-LAN can use AAA servers to authenticate users. Only TACACS servers are supported.
考题
Which attribute is used to pass the user role back to the Nexus when remote AAA is enabled?()A、 Cisco AV-pairB、 TACACS+ or RADIUS ack frame role attributeC、 DH-CHAP challenge attributeD、 privilege level attribute
考题
A user logs in and is mapped to two roles. The first role has a maximum timeout value of 600 minutes and the default Juniper Networks logo on the user interface page. The second role has a maximum timeout value of 1200 minutes and a custom logo on the user interface page. Based on the merging of these two roles, which two will be applied?()A、A custom logo on the user interface pageB、A maximum timeout value of 600 minutesC、A maximum time out value of 1200 minutesD、A default Juniper Networks logo on the user interface page
考题
Which statement about Cisco Unified Fabric switches is correct? () A、 The Nexus 5000 family of switches does not support vPC when running in either NPV or FCoE NPV mode.B、 The MDS 9100 family of switches is an excellent design choice as a Unified Fabric edge switch. C、 The Nexus 7000 Series Switches can support the NPIV mode of operation, but cannot function as a complete Fibre Channel Forwarder.D、 The Nexus 7000 Series Switches cannot support advanced Cisco Fibre Channel features such as IVR.E、 The MDS family of Cisco Unified Fabric switches supports both the Fibre Channel Forwarder and Fibre Channel Bridge functions.
考题
When configuring IOS firewall (CBAC) operations on Cisco routers, the "inspection rule" could be applied at which two locations? ()A、 at the untrusted interfacein the inbound directionB、 atthe untrusted interface in theoutbounddirectionC、 at thetrusted interface inthe inbound directionD、 at the trusted interface in the outbound directionE、 at the trusted and untrusted interfaces in the inbound directionF、 at the trusted and untrusted interfaces in the outbounddirection
考题
From the DX WebUI Dashboard, which steps are used for creating a new admin user? ()A、Click Admin Users. Enter username, password, role, account status, and email.B、Click Admin Users. Enter username, password, role, account status, and user class.C、Click Users Manage Users. Enter username, password, role, account status, and user class.D、Click Users Manage Users. Enter username, password, ActiveDirectory domain, account status, and role.
考题
Which three authentication server types are supported for retrieving user attributes used in role- mapping rules?()A、LDAPB、S/KeyC、TACACS+D、RADIUSE、SiteMinder
考题
Your manager has informed you that only specific users can have access to the Preferred Members role, and that these users are restricted to the Preferred Members role. The Preferred Members role-mapping rule is currently set as the last rule in your role-mapping rules and is based on username. Currently all users are assigned to the Preferred Members role-mapping rule. Which three changes in the admin GUI will enforce your managers change request?()A、Move the Preferred Members role-mapping rule to the top of the list.B、Remove the Preferred Members role from the role-mapping rule.C、Edit the Preferred Members role-mapping rule so that the username is equal to *.D、Edit the Preferred Members role-mapping rule so that only the select users are assigned to the role-mapping rule.E、Edit the Preferred Members role-mapping rule and select "Stop processing rules when this rule matches".
考题
Which additional configuration must be completed when setting up role restrictions using certificates? ()A、Set up a certificate authentication server.B、Configure the authentication realm to remember certificate information.C、Configure the authentication realm to use a certificate server for authentication.D、Configure a role mapping rule requiring certification information to map user to role.
考题
You want to restrict access to a role based on the client machine from which the user is accessing the network.Which two role restrictions accomplish this goal? ()A、user nameB、password lengthC、certificateD、Host Checker
考题
Which two statements in a source NAT configuration are true regarding addresses, rule-sets, or rules that overlap?()(Choose two.)A、Addresses used for NAT pools should never overlap.B、If more than one rule-set matches traffic, the rule-set with the most specific context takes precedence.C、If traffic matches two rules within the same rule-set, both rules listed in the configuration are applied.D、Dynamic source NAT rules take precedence over static source NAT rules.
考题
View the Exhibit to observe the roles assigned to the SL_REP user. Which statement is true about theassignment of the SELECT_CATALOG_ROLE role to the SL_REP user()A、The user must enable the role explicitly.B、The user can grant the role to other users.C、The user cannot use the role until the DBA enables it explicitly.D、The user can start using the role immediately without any changes
考题
Which two statements are true about the roles in the Oracle database?()A、A role can be granted to itself.B、Roles are owned by the SYS user.C、Roles can be granted to other roles.D、A role cannot be assigned external authentication.E、A role can contain both system and object privileges.
考题
多选题When creating a role in a Cisco Nexus 7000 Series Switch, rules are used to define the type of operations that a role will allow the user to perform. Which two of these parameters cannot be applied as a rule? ()Aport-profileBcommandCaccess-listDfeature-groupEOID
考题
单选题View the Exhibit to observe the roles assigned to the SL_REP user. Which statement is true about theassignment of the SELECT_CATALOG_ROLE role to the SL_REP user()A
The user must enable the role explicitly.B
The user can grant the role to other users.C
The user cannot use the role until the DBA enables it explicitly.D
The user can start using the role immediately without any changes
考题
多选题Which three authentication server types are supported for retrieving user attributes used in role- mapping rules?()ALDAPBS/KeyCTACACS+DRADIUSESiteMinder
考题
多选题When configuring IOS firewall (CBAC) operations on Cisco routers, the "inspection rule" could be applied at which two locations? ()Aat the untrusted interfacein the inbound directionBatthe untrusted interface in theoutbounddirectionCat thetrusted interface inthe inbound directionDat the trusted interface in the outbound directionEat the trusted and untrusted interfaces in the inbound directionFat the trusted and untrusted interfaces in the outbounddirection
考题
单选题Which attribute is used to pass the user role back to the Nexus when remote AAA is enabled?()A
Cisco AV-pairB
TACACS+ or RADIUS ack frame role attributeC
DH-CHAP challenge attributeD
privilege level attribute
考题
多选题Which two statements are true about the roles in the Oracle database?()AA role can be granted to itself.BRoles are owned by the SYS user.CRoles can be granted to other roles.DA role cannot be assigned external authentication.EA role can contain both system and object privileges.
热门标签
最新试卷
