网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
单选题
You want to create a security policy allowing traffic from any host in the Trust zone to hostb.example.com(172.19.1.1) in the Untrust zone. How do you create this policy?()
A
Specify the IP address (172.19.1.1/32) as the destination address in the policy.
B
Specify the DNS entry (hostb.example.com.) as the destination address in the policy.
C
Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.
D
Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy
参考答案
参考解析
解析:
暂无解析
更多 “单选题You want to create a security policy allowing traffic from any host in the Trust zone to hostb.example.com(172.19.1.1) in the Untrust zone. How do you create this policy?()A Specify the IP address (172.19.1.1/32) as the destination address in the policy.B Specify the DNS entry (hostb.example.com.) as the destination address in the policy.C Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.D Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy” 相关考题
考题
Your network contains an Active Directory domain. All client computers run Windows XP Service Pack 3 (SP3). The domain contains a member server named Server1 that runs Windows Server 2008 R2. On Server1, you create a connection security rule that requires authentication for inbound and outbound connections. You configure the connection security rule to use Kerberos authentication. You need to ensure that the client computers can connect to Server1. The solution must ensure that all connections to Server1 are encrypted. What should you do?()A. From the Windows Firewall with Advanced Security console, create an inbound rule on Server1.B. From the Windows Firewall with Advanced Security console, create an outbound rule on Server1.C. From a Group Policy object (GPO), enable the Client (Respond Only) IPSec policy on all client computers.D. From a Group Policy object (GPO), configure the Network Security: LDAP client signing requirements policy setting for all client computers.
考题
Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 hosts a custom application named App1. App1 is accessible on TCP port 5000.You need to encrypt App1 data on the network.What should you do?()A. From the Local Security Policy console, configure the Security Options.B. From the Local Security Policy console, configure the Application Control Policies.C. From the Windows Firewall with Advanced Security console, create an inbound rule.D. From the Windows Firewall with Advanced Security console, create a connection security rule.
考题
You want to create a security policy allowing traffic from any host in the Trust zone to hostb.example.com (172.19.1.1) in the Untrust zone.How do you create this policy?()
A. Specify the IP address (172.19.1.1/32) as the destination address in the policy.B. Specify the DNS entry (hostb.example.com) as the destination address in the policy.C. Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.D. Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.
考题
You are installing a MAG Series device for access control using an SRX Series device as the firewall enforcer. The MAG Series device resides in the same security zone as users. However, the users reside in different subnets and use the SRX Series device as an IP gateway.Which statement is true?()A. You must configure a security policy on the SRX Series device to allow traffic to flow from the user devices to the MAG Series device.B. No security policy is necessary on the SRX Series device to allow traffic to flow from the user devices to the MAG Series device.C. You must configure host-inbound traffic on the SRX Series device to allow SSL traffic between the MAG Series device and the user devices.D. You must configure host-inbound traffic on the SRX Series device to allow EAP traffic between the MAG Series device and the user devices.
考题
You want to create a policy allowing traffic from any host in the Trust zone to hostb.example.com(172.19.1.1) in theUntrust zone. How do you do create this policy? ()A、Specify the IP address (172.19.1.1/32) as the destination address in the policy.B、Specify the DNS entry (hostb.example.com.) as the destination address in the policy.C、Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.D、Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.
考题
Your network consists of a single Active Directory domain. User accounts for engineering department are located in an OU named Engineering. You need to create a password policy for the engineering department that is different from your domain password policy. What should you do()A、Create a new GPO. Link the GPO to the Engineering OU.B、Create a new GPO. Link the GPO to the domain. Block policy inheritance on all OUs except for the Engineering OU.C、Create a global security group and add all the user accounts for the engineering department to the group. Create a new Password Policy Object (PSO) and apply it to the group.D、Create a domain local security group and add all the user accounts for the engineering department to the group. From the Active Directory Users and Computer console, select the group and run the Delegation of Control Wizard.
考题
You have created a security policy on an SRX240 that permits traffic from any source-address, any destination-address, and any application. The policy will be a source IP policy for use with the Junos Pulse Access Control Service. What must you add to complete the security policy configuration?()A、The intranet-auth authentication optionB、The redirect-portal application serviceC、The uac-policy application serviceD、The ipsec-vpn tunnel
考题
Which statement describes the behavior of a security policy?()A、The implicit default security policy permits all traffic.B、Traffic destined to the device itself always requires a security policy.C、Traffic destined to the device’s incoming interface does not require a security policy.D、The factory-default configuration permits all traffic from all interfaces.
考题
Your network consists of a single Active Directory domain. The functional level of the forest is Windows Server 2008 R2. You need to create multiple password policies for users in your domain. What should you do()A、From the Active Directory Schema snap-in, create multiple class schema objects.B、From the ADSI Edit snap-in, create multiple Password Setting objects.C、From the Security Configuration Wizard, create multiple security policies.D、From the Group Policy Management snap-in, create multiple Group Policy objects.
考题
Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)A、Traffic is permitted from the trust zone to the untrust zone.B、Intrazone traffic in the trust zone is permitted.C、All traffic through the device is denied.D、The policy is matched only when no other matching policies are found.
考题
Your company uses SQL Server 2005. You are implementing a series of views that are used in ad hoc queries. The views are used to enforce your companys security policy of abstracting data. Some of these views perform slowly. You create indexes on those views to increase performance, while still maintaining the companys security policy. One of the views returns the current date as one of the columns. The view returns the current date by using the GETDATE( ) function. This view does not allow you to create an index. You need to create an index on the view. Which two actions should you perform?()A、 Remove all deterministic function calls from within the view. B、 Remove all nondeterministic function calls from within the view. C、 Schema-bind all functions that are called from within the view. D、 Create the view and specify the WITH CHECK OPTION clause.
考题
Your network consists of a single Active Directory domain. User accounts for engineering department are located in an OU named Engineering. You need to create a password policy for the engineering department that is different from your domain password policy. What should you do()A、Create a new GPO. Link the GPO to the Engineering OU.B、Create a new GPO. Link the GPO to the domain. Block policy inheritance on all OUs except for the Engineering OUC、Create a global security group and add all the user accounts for the engineering department to the group. Create aD、Create a domain local security group and add all the user accounts for the engineering department to the group. Fr
考题
You need to design an audit strategy for Southbridge Video. Your solution must meet business requirements.What should you do?()A、Create a new security template that enables the Audit account logon events policy for successful and failed attempts. Create a new GPO, and link it to the domain. Import the new security template into the new GPOB、Create a new security template that enables the Audit account logon events policy for successful and failed attempts. Create a new GPO, and link it to the Domain Controllers OU. Import the new security template into the new GPOC、Create a new security template that enables the Audit logon events policy for successful and failed attempts. Create a new GPO, and link it to the Domain Controllers OU. Import the new security template into the new GPOD、Create a new security template that enables the Audit logon events policy for successful and failed attempts. Create a new GPO, and link it to the domain. Import the new security template into the new GPO
考题
You are the administrator of your company's network. You want to configure a Security Policy for the Windows 2000 Professional Computers that are in the sales department. On one of the computers, you use Security Templates to configure the Security Policy based on the desired security settings. You then export those settings to an .inf file that will be used on all of the Computers in the sales department. You want to configure each Computer to have a customized Security Policy. What steps should you follow in order to achieve your goal?()A、Use Secedit.exe to import the security settings from the .inf file to the computers in the sales department.B、Use a text editor to change the default security settings to the desired security settings. Then export those settings to the Computers in the sales department.C、Create an organizational unit (OU) named Sales. Add the users in the sales department to the Sales OU. Then apply the security template to the users in the Sales OU.D、Create an organizational unit (OU) named Sales. Add the computers in the sales department to the Sales OU. Then apply the security template to computers in the Sales OU.
考题
Your network contains a DNS server that has a reverse lookup zone for all of your network segments. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). An IP security policy is assigned to Server1. You verify IPSec traffic and see that the current security associations display only by IP address. You need to view the fully qualified domain names for all security associations. What should you do?()A、From the DNS console, add Server1 as a name server.B、From the DNS console, change dynamic updates to Secure only.C、From IP Security Monitor on Server1, enable DNS name resolution.D、From IP Security Monitor on Server1, create a new taskpad view.
考题
You are the administrator of your company’s network. Ten Windows 2000 Professional computers are located in the Research department. The computers contain highly confidential information. You want the 10 computers to be able to communicate with other Windows 2000 Professional computers on the network. However, you do not want them to communicate with computers that are not running Windows 2000, including those that are running Windows 95, Windows 98 and Windows NT. You want to configure a security policy on each computer to ensure that the confidential information is secure. What should you do?()A、Use Security Configuration and Analysis to import the Hisecws.inf security template file to modify the default security settings.B、Use security templates to create a security template file and import the security settings to modify the default security settings.C、Use the local computer policy to disable the access to this computer from the network option.D、Use Secedit.exe to reconfigure the computers’ default security settings to not allow anonymous access to the computers.
考题
You have a combined Windows 2000 and Windows 98 network that contain sensitive data. You want to utilize as many new Windows 2000 security features as possible. You want to customize a security policy on each computer to ensure that data is kept confidential and secured. Allcomputers must still be able to communicate with each other over the network. What should you do?()A、Use the security configuration and analysis console to improve the HISECWS security template file.B、Use the local computer policy to disable the access this computer from the network option.C、Use SECEDIT to reconfigure the computer default security settings to not allow anonymous access to the computer.D、Create a policy that excludes write access to the windows 2000 computers then apply the policy to all non-windows 2000 computers.E、None of the above, Windows 9X systems cannot be secured using security template files.
考题
You are the administrator of your company’s network. You use Security Templates to configure a Security Policy on the Windows 2000 Professional Computers in the Sales organizational unit (OU). You notice that the Computers in the Sales OU are not downloading the Security Policy settings. On each computer, the Security Policy appears in the Local Computer Policy, but is not listed as the effective policy. You want all computers in the Sales OU to have the Security Policy listed as the effective policy. How should you accomplish this task? ()A、Use Security Templates to correct the setting and export the security file.B、Use Security Configuration and Analysis to import the security setting. Then create a Group policy object (GPO) for the Sales QU.C、Use Secedit /RefreshPolicy Machine_Policy command.D、Use the Basicwk.inf security file settings, save the security file, and then import the fileto theComputers.
考题
You have a file server that runs Windows Server 2003 Service Pack 2 (SP2). You need to track the amount of disk space used by each user on the server. What should you do? ()A、From Performance console, create a counter log.B、From the properties of each volume, enable quotas.C、From the Event Viewer console, create a new log view.D、From the Local Security Policy, enable auditing for object access.
考题
Your network consists of a single Active Directory domain. The functional level of the forest is Windows Server 2008. You need to create multiple password policies for users in your domain. What should you do()A、From the Schema snap-in, create multiple class schema objects.B、From the ADSI Edit snap-in, create multiple Password Setting objects.C、From the Security Configuration Wizard, create multiple security policies.D、From the Group Policy Management snap-in, create multiple Group Policy objects.
考题
单选题You want to create a policy allowing traffic from any host in the Trust zone to hostb.example.com(172.19.1.1) in theUntrust zone. How do you do create this policy? ()A
Specify the IP address (172.19.1.1/32) as the destination address in the policy.B
Specify the DNS entry (hostb.example.com.) as the destination address in the policy.C
Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.D
Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.
考题
多选题You want to create a security policy on an SRX240 that redirects unauthenticated users back to the Junos Pulse Access Control Service.Which two steps must you take to accomplish this task?()AConfigure a captive-portal service that redirects all traffic back to the Junos Pulse Access Control Service.BConfigure a security policy that references the unified-access-control captive-portal service.CConfigure a captive-portal service that redirects unauthenticated traffic back to the Junos Pulse Access Control Service.DConfigure a security policy that references the unified-access-control intranet-controller service.
考题
单选题You have a combined Windows 2000 and Windows 98 network that contain sensitive data. You want to utilize as many new Windows 2000 security features as possible. You want to customize a security policy on each computer to ensure that data is kept confidential and secured. Allcomputers must still be able to communicate with each other over the network. What should you do?()A
Use the security configuration and analysis console to improve the HISECWS security template file.B
Use the local computer policy to disable the access this computer from the network option.C
Use SECEDIT to reconfigure the computer default security settings to not allow anonymous access to the computer.D
Create a policy that excludes write access to the windows 2000 computers then apply the policy to all non-windows 2000 computers.E
None of the above, Windows 9X systems cannot be secured using security template files.
考题
单选题You have created a security policy on an SRX240 that permits traffic from any source-address, any destination-address, and any application. The policy will be a source IP policy for use with the Junos Pulse Access Control Service. What must you add to complete the security policy configuration?()A
The intranet-auth authentication optionB
The redirect-portal application serviceC
The uac-policy application serviceD
The ipsec-vpn tunnel
考题
单选题You are the administrator of your company's network. You want to configure a Security Policy for the Windows 2000 Professional Computers that are in the sales department. On one of the computers, you use Security Templates to configure the Security Policy based on the desired security settings. You then export those settings to an .inf file that will be used on all of the Computers in the sales department. You want to configure each Computer to have a customized Security Policy. What steps should you follow in order to achieve your goal?()A
Use Secedit.exe to import the security settings from the .inf file to the computers in the sales department.B
Use a text editor to change the default security settings to the desired security settings. Then export those settings to the Computers in the sales department.C
Create an organizational unit (OU) named Sales. Add the users in the sales department to the Sales OU. Then apply the security template to the users in the Sales OU.D
Create an organizational unit (OU) named Sales. Add the computers in the sales department to the Sales OU. Then apply the security template to computers in the Sales OU.
考题
单选题Which statement describes the behavior of a security policy?()A
The implicit default security policy permits all traffic.B
Traffic destined to the device itself always requires a security policy.C
Traffic destined to the device’s incoming interface does not require a security policy.D
The factory-default configuration permits all traffic from all interfaces.
考题
单选题You are the network administrator for your company. The network consists of a single Active Directory forest. The forest consists of 19 Active Directory domains. Fifteen of the domains contain Windows Server 2003 domain controllers. The functional level of all the domains is Windows 2000 native. The network also consists of a single Microsoft Exchange 2000 Server organization. You need to create groups that can be used only to send e-mail messages to user accounts throughout the company. You want to achieve this goal by using the minimum amount of replication traffic and minimizing the size of the Active Directory database. You need to create a plan for creating e-mail groups for your company. What should you do?()A
Create global distribution groups in each domain. Make the appropriate users from each domain members of the global distribution group in the same domain. Create universal distribution groups. Make the global distribution groups in each domain members of the universal distribution groups.B
Create global security groups in each domain. Make the appropriate users from each domain members of the security group in the same domain. Create universal security groups. Make the global security groups in each domain members of the universal security groups.C
Create universal distribution groups. Make the appropriate users from each domain members of a universal distribution group.D
Create universal security groups. Make the appropriate users from each domain members of a universal security group.
热门标签
最新试卷
