网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
What is a Host Enforcer policy?()
- A、A policy that is defined on the endpoint that permits or denies inbound or outbound traffic.
- B、A policy that is sent to the endpoint that permits or denies inbound or outbound traffic.
- C、A policy that is sent to the protected resource that permits or denies inbound or outbound traffic.
- D、A policy that is defined on the protected resource that permits or denies inbound or outbound traffic.
参考答案
更多 “What is a Host Enforcer policy?()A、A policy that is defined on the endpoint that permits or denies inbound or outbound traffic.B、A policy that is sent to the endpoint that permits or denies inbound or outbound traffic.C、A policy that is sent to the protected resource that permits or denies inbound or outbound traffic.D、A policy that is defined on the protected resource that permits or denies inbound or outbound traffic.” 相关考题
考题
What is a Host Enforcer policy?()
A. A policy that is defined on the endpoint that permits or denies inbound or outbound traffic.B. A policy that is sent to the endpoint that permits or denies inbound or outbound traffic.C. A policy that is sent to the protected resource that permits or denies inbound or outbound traffic.D. A policy that is defined on the protected resource that permits or denies inbound or outbound traffic.
考题
You have a firewall enforcer protecting sensitive internal resources in a data center. The network traversed by endpoint traffic is semi-trusted, so you need to encrypt the traffic between the endpoints accessing the resources and the firewall enforcer.Which type of policies provide this level of protection?()A. resource access policiesB. Host Enforcer policiesC. source IP enforcement policiesD. IPsec enforcement policies
考题
A network administrator has configured source NAT, translating to an address that is on a locally connected subnet.The administrator sees the translation working, but traffic does not appear to come back.What is causing the problem?()A. The host needs to open the telnet port.B. The host needs a route for the translated address.C. The administrator must use a proxy-arp policy for the translated address.D. The administrator must use a security policy, which will allow communication between the zones.
考题
You have an SRX Series Layer 2 enforcer providing 802.1X authentication for connected endpoints. Your security policy requires that users who fail their authentication be placed in a specific VLAN.On the Layer 2 enforcer, at the [edit protocols dot1x authenticator interface] hierarchy for each participating interface, what provides this functionality?()A. guest-vlanB. auth-fail-vlanC. server-reject-vlanD. server-fail-vlan
考题
You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()A. Resource access policy on the MAG Series deviceB. IPsec routing policy on the MAG Series deviceC. General traffic policy blocking access through the firewall enforcerD. Auth table entry on the firewall enforcer
考题
What must be updated regularly to detect the newest versions of personal firewalls on endpoints? ()
A. Infranet Enforcer firmwareB. Infranet Controller rollback softwareC. Host Security Assessment Plug-in (HSAP)D. Endpoint Security Assessment Plug-in (ESAP)
考题
Which statement is correct about defining an Infranet Enforcer for use as a RADIUS Client? ()
A. You do not need to configure a RADIUS client policy.B. You must know the exact model number of the Infranet Enforcer.C. You must specify the NACN password of the device in the RADIUS client policy.D. You do not need to designate a location group to which the Infranet Enforcer will belong.
考题
Which statement is correct about defining an Infranet Enforcer for use as a RADIUS Client? ()A、You do not need to configure a RADIUS client policy.B、You must know the exact model number of the Infranet Enforcer.C、You must specify the NACN password of the device in the RADIUS client policy.D、You do not need to designate a location group to which the Infranet Enforcer will belong.
考题
Your company runs Remote Desktop Services. You have a Remote Desktop Session Host (RD Session Host) server. You need to ensure that remote desktop users can print only to the printers that are installed on the RD Session Host server. What should you do?()A、Enable the Do not allow client printer redirection Group Policy setting.B、Disable the Do not allow client printer redirection Group Policy setting.C、Enable the Do not set default client printer to be default printer in a session Group Policy setting.D、Disable the Do not set default client printer to be default printer in a session Group Policy setting.
考题
In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?()A、to specify the destination addresses to which access is permittedB、to specify the source address permitted to access the resourceC、to specify the services to which access is permittedD、to inform the enforcer to expect policy information from the Junos Pulse Access Control Service
考题
What must be updated regularly to detect the newest versions of personal firewalls on endpoints? ()A、Infranet Enforcer firmwareB、Infranet Controller rollback softwareC、Host Security Assessment Plug-in (HSAP)D、Endpoint Security Assessment Plug-in (ESAP)
考题
You navigate to "UAC" "Infranet Enforcer" "Auth Table Mapping" in the admin GUI. You see one policy, which is the unmodified, original default policy.Which statement is true?()A、Dynamic auth table mapping is not enabled.B、A successful authentication attempt will result in a new authentication table entry, which will be delivered only to the Junos enforcer protecting the network from which the user has authenticated.C、To create a static auth table mapping, you must delete the default policy.D、The default policy applies only to the factory-default role User.
考题
What is the function of Host Checker?()A、To allow clientless access to the networkB、To restrict access to protected resources on the networkC、To scan an endpointfor compliance with security policiesD、To push a firewall policy to the endpoint's local firewall application
考题
You are not able to telnet to the interface IP address of your device from a PC on the same subnet. What iscausing the problem?()A、Telnet is not being permitted by self policy.B、Telnet is not being permitted by security policy.C、Telnet is not allowed because it is not considered secure.D、Telnet is not enabled as a host-inbound service on the zone
考题
You have a firewall enforcer protecting sensitive internal resources in a data center. The network traversed by endpoint traffic is semi-trusted, so you need to encrypt the traffic between the endpoints accessing the resources and the firewall enforcer.Which type of policies provide this level of protection?()A、resource access policiesB、Host Enforcer policiesC、source IP enforcement policiesD、IPsec enforcement policies
考题
Your company has an Active Directory Domain Services (AD DS) domain. All client computers run Windows 7. You have a Remote Desktop Session Host (RD Session Host) server. You have the following requirements: H Local devices from remote desktop clients must be redirected to the RD Session Host server . H USB devices from remote desktop clients must not be redirected to the RD Session Host server. What should you do?()A、Disable drive redirection on the remote desktop clients.B、Disable drive redirection on the RD Session Host server.C、Enable the Prevent installation of removable devices Group Policy setting on the remote desktop clients.D、Enable the Prevent installation of removable devices Group Policy setting on the RD Session Host server.
考题
单选题Your company has a load-balanced Remote Desktop Session Host (RD Session Host) cluster. You need to track user session information for the load-balanced RD Session Host cluster. What should you do?()A
Create a Remote Desktop resource authorization policy (RD RAP).B
Create a Remote Desktop connection authorization policy (RD CAP).C
Install and configure the Remote Desktop Licensing role service.D
Install and configure the Remote Desktop Connection Broker role service.
考题
单选题What is the function of Host Checker?()A
To allow clientless access to the networkB
To restrict access to protected resources on the networkC
To scan an endpointfor compliance with security policiesD
To push a firewall policy to the endpoint's local firewall application
考题
单选题What is a Host Enforcer policy?()A
A policy that is defined on the endpoint that permits or denies inbound or outbound traffic.B
A policy that is sent to the endpoint that permits or denies inbound or outbound traffic.C
A policy that is sent to the protected resource that permits or denies inbound or outbound traffic.D
A policy that is defined on the protected resource that permits or denies inbound or outbound traffic.
考题
单选题You have an SRX Series Layer 2 enforcer providing 802.1X authentication for connected endpoints. Your security policy requires that users who fail their authentication be placed in a specific VLAN.On the Layer 2 enforcer, at the [edit protocols dot1x authenticator interface] hierarchy for each participating interface, what provides this functionality?()A
guest-vlanB
auth-fail-vlanC
server-reject-vlanD
server-fail-vlan
考题
单选题Your company runs Remote Desktop Services. You have a Remote Desktop Session Host (RD Session Host) server. You need to ensure that remote desktop users can prin t only to the printers that are installed on the RD Session Host server. What should you do?()A
Enable the Do not allow client printer redirection Group Policy setting.B
Disable the Do not allow client printer redirection Group Policy setting.C
Enable the Do not set default client printer to be default printer in a session Group Policy setting.D
Disable the Do not set default client printer to be default printer in a session Group Policy setting.
考题
多选题You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()ASelect Require and Enforce for the Host Checker Policy in the realm authentication policy.BSelect Evaluate Policies for the Host Checker policy in the realm authentication policy.CConfigure the Host Checker policy as a role restriction for the Employee role.DConfigure the Host Checker policy as a resource access policy for the Employee role.
考题
单选题You are not able to telnet to the interface IP of your JUNOS software with enhanced services devicefrom a PC on the same subnet. What is causing the problem? ()A
Telnet is not being permitted by self policy.B
Telnet is not being permitted by security policy.C
Telnet is not allowed because it is not considered secure.D
Telnet is not enabled as a host-inbound service on the zone.
考题
单选题A network administrator has configured source NAT, translating to an address that is on a locally connected subnet.The administrator sees the translation working, but traffic does not appear to come back. What is causing the problem?()A
The host needs to open the telnet port.B
The host needs a route for the translated address.C
The administrator must use a proxy-arp policy for the translated address.D
The administrator must use a security policy, which will allow communication between the zones.
考题
多选题You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()AResource access policy on the MAG Series deviceBIPsec routing policy on the MAG Series deviceCGeneral traffic policy blocking access through the firewall enforcerDAuth table entry on the firewall enforcer
考题
单选题You navigate to "UAC" "Infranet Enforcer" "Auth Table Mapping" in the admin GUI. You see one policy, which is the unmodified, original default policy.Which statement is true?()A
Dynamic auth table mapping is not enabled.B
A successful authentication attempt will result in a new authentication table entry, which will be delivered only to the Junos enforcer protecting the network from which the user has authenticated.C
To create a static auth table mapping, you must delete the default policy.D
The default policy applies only to the factory-default role User.
考题
单选题In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?()A
to specify the destination addresses to which access is permittedB
to specify the source address permitted to access the resourceC
to specify the services to which access is permittedD
to inform the enforcer to expect policy information from the Junos Pulse Access Control Service
热门标签
最新试卷
