多选题The Company security administrator is concerned with VLAN hopping based attacks. Which two statements about these attacks are true? ()AAttacks are prevented by utilizing the port-security feature.BAn end station attempts to gain access to all VLANs by transmitting Ethernet frames in the 802.1q encapsulation.CConfiguring an interface with the switchport mode dynamic command will prevent VLAN hopping.DAn end station attempts to redirect VLAN traffic by transmitting Ethernet frames in the 802.1q encapsulation.EConfiguring an interface with the switchport mode access command will prevent VLAN hopping.
多选题
The Company security administrator is concerned with VLAN hopping based attacks. Which two statements about these attacks are true? ()
A
Attacks are prevented by utilizing the port-security feature.
B
An end station attempts to gain access to all VLANs by transmitting Ethernet frames in the 802.1q encapsulation.
C
Configuring an interface with the switchport mode dynamic command will prevent VLAN hopping.
D
An end station attempts to redirect VLAN traffic by transmitting Ethernet frames in the 802.1q encapsulation.
E
Configuring an interface with the switchport mode access command will prevent VLAN hopping.
参考解析
解析:
暂无解析
相关考题:
如果一台Cisco PIX525防火墙有如下配置Pix525(config)#nameif ethernet0 outside security VLAN1Pix525(config)#nameif ethernet1 inside security VLAN2Pix525(config)#nameif ethernet2 DMZ security VLAN3那么通常VLAN1、VLAN2、VLAN3的取值分别是A、0、50、100B、0、100、50C、100、0、50D、100、50、0
Who is responsible for the development of the ship security plan?________.A.The company security officerB.The classification societyC.The port facility security officerD.The ship security officer
An administrator is unsuccessful in adding VLAN 50 to aswitch. While troubleshooting the problem, the administrator views the output of the show vtp status command, which is displayed in the graphic. What commands must be issued on this switch to add VLAN 50 to the database?()A. Switch(config-if)# switchport access vlan 50B. Switch(vlan)# vtp serverC. Switch(config)# config-revision 20D. Switch(config)# vlan 50 name TechE. Switch(vlan)# vlan 50F. Switch(vlan)# switchport trunk vlan 50
The Company administrator has issue the "show vlan id 5" command. What will this command display? ()A、 Ports in VLAN 5B、 UtilizationC、 VLAN information on port 0/5D、 FiltersE、 MTU and type
The Company security administrator wants to prevent DHCP spoofing. Which statement is true about DHCP spoofing operation?()A、 DHCP spoofing and SPAN cannot be used on the same port of a switch.B、 To prevent a DHCP spoofing, the DHCP server must create a static ARP entry that cannot be updated by a dynamic ARP packet.C、 To prevent a DHCP spoofing, the switch must have DHCP server services disabled and a static entry pointing towards the DHCP server.D、 DHCP spoofing can be prevented by placing all unused ports in an unused VLAN.E、 None of the other alternatives apply.
A network administrator needs to configure port security on a switch.which two statements are true?()A、The network administrator can apply port security to dynamic access portsB、The network administrator can configure static secure or sticky secure mac addresses in the voice vlan.C、The sticky learning feature allows the addition of dynamically learned addresses to the runningconfiguration.D、The network administrator can apply port security to EtherChannels.E、When dynamic mac address learning is enabled on an interface,the switch can learn new addresses,up to the maximum defined.
An administrator is concerned about users utilizing the company's wireless signal with their personal laptops. Which of the following is the BEST method to use to prevent unauthorized devices from using the company's wireless network?()A、Secure VPNB、MAC filteringC、IP filteringD、Static IP addresses
The Company security administrator wants to prevent VLAN hopping on the network. What is one method that can be used to do this? ()A、 Attacks are prevented by utilizing the port-security feature.B、 An end station attempts to gain access to all VLANs by transmitting Ethernet frames in the 802.1q encapsulation.C、 Configuring an interface with the switchport mode dynamic command will prevent VLAN hopping.D、 An end station attempts to redirect VLAN traffic by transmitting Ethernet frames in the 802.1q encapsulation.E、 Configuring an interface with the "switchport mode access" command will prevent VLAN hopping.
A network administrator needs to configure port security on a switch.which two statements are true?()A、The network administrator can apply port security to dynamic access portsB、The network administrator can configure static secure or sticky secure mac addresses in the voice vlan.C、The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.D、The network administrator can apply port security to EtherChannels.E、When dynamic mac address learning is enabled on an interface,the switch can learn new addresses,up to the maximum defined.
The Company security administrator is concerned with VLAN hopping based attacks. Which two statements about these attacks are true? ()A、 Attacks are prevented by utilizing the port-security feature.B、 An end station attempts to gain access to all VLANs by transmitting Ethernet frames in the 802.1q encapsulation.C、 Configuring an interface with the switchport mode dynamic command will prevent VLAN hopping.D、 An end station attempts to redirect VLAN traffic by transmitting Ethernet frames in the 802.1q encapsulation.E、 Configuring an interface with the "switchport mode access" command will prevent VLAN hopping.
The Company security administrator is concerned with layer 2 network attacks. Which two statements about these attacks are true? ()A、 ARP spoofing attacks are attempts to redirect traffic to an attacking host by encapsulating a false 802.1Q header on a frame and causing traffic to be delivered to the wrong VLAN.B、 ARP spoofing attacks are attempts to redirect traffic to an attacking host by sending an ARP message with a forged identity to a transmitting host.C、 MAC address flooding is an attempt to force a switch to send all information out every port byoverloading the MAC address table.D、 ARP spoofing attacks are attempts to redirect traffic to an attacking host by sending an ARP packet that contains the forged address of the next hop router.E、 MAC address flooding is an attempt to redirect traffic to a single port by associating that port with all MAC addresses in the VLAN.
You are the network administrator for your company. All servers run Windows Server 2003. Twenty company employees connect to a terminal server named Server2 to run applications and to gain access to the Internet.The 20 employees report that they receive security messages while browsing Internet Web sites. The employees report that they cannot modify the Internet Explorer security settings on their client computers while connected to Server2.You need to allow these 20 employees to modify the Internet Explorer security settings on their client computers while connected to Server2. What should you do?()A、Log on to Server2 as Administrator and add http:// to the list of trusted sites in Internet Explorer.B、Instruct the 20 employees to add http:// to the list of trusted sites in Internet Explorer on their client computers.C、Instruct the 20 employees to change the Internet Explorer privacy settings on their client computers to Low.D、Uninstall Internet Explorer Enhanced Security Configuration on Server2.
You are the administrator of your company’s network. You use Security Templates to configure a Security Policy on the Windows 2000 Professional Computers in the Sales organizational unit (OU). You notice that the Computers in the Sales OU are not downloading the Security Policy settings. On each computer, the Security Policy appears in the Local Computer Policy, but is not listed as the effective policy. You want all computers in the Sales OU to have the Security Policy listed as the effective policy. How should you accomplish this task? ()A、Use Security Templates to correct the setting and export the security file.B、Use Security Configuration and Analysis to import the security setting. Then create a Group policy object (GPO) for the Sales QU.C、Use Secedit /RefreshPolicy Machine_Policy command.D、Use the Basicwk.inf security file settings, save the security file, and then import the fileto theComputers.
You work as the enterprise exchange administrator at Company.com.The Company.com network consists of a single Active Directory domain named Company.com.Company.com has an Exchange Server 2010 organization.A new Company.com security policy prohibits the employees to send certain words between them.What should you do?()A、The best option is to create an Outlook Protection Rule to comply with the Company.com security policy.B、The best option is to set up a content filtering feature to comply with the Company.com security policy.C、The best option is to create a transport rule to comply with the Company.com security policy.D、The best option is to set up a sender reputation feature to comply with the Company.com security policy.
You are a security administrator for your company. The network consists of three Active Directory domains. All Active Directory domains are running at a Windows Server 2003 mode functionality level. Employees in the editorial department of your company need access to resources on file servers that are in each of the Active Directory domains. Each Active Directory domain in the company contains at least one editorial department employee user account. You need to create a single group named Company Editors that contains all editorial department employee user accounts and that has access to the resources on file server computers. What should you do?()A、 Create a global distribution group in the forest root domain and name it Company Editors.B、 Create a global security group in the forest root domain and name it Company Editors.C、 Create a universal distribution group in the forest root domain and name it Company Editors. D、 Create a universal security group in the forest root domain and name it Company Editors.
单选题()means the person on board the ship, accountable to the master, designated by the Company as responsible for the security of the ship, including implementation and maintenance of the ship security plan and for liaison with the company security officer and port facility security officers.AShip security officerBCompany security officerCPort facility security officerDPSC officer
多选题A hacker on the Company network is attempting to hop onto a different VLAN. Which two statements about VLAN hopping are true? ()AAn end station attempts to gain access to all VLANs by transmitting Ethernet frames in the 802.1q encapsulation.BConfiguring an interface with the switchport mode dynamic command will prevent VLAN hopping.CAttacks are prevented by utilizing the port-security feature.DConfiguring an interface with the switchport mode access command will prevent VLAN hopping.EAn end station attempts to redirect VLAN traffic by broadcasting multiple ARP requests.
单选题You work as the enterprise exchange administrator at Company.com.The Company.com network consists of a single Active Directory domain named Company.com.Company.com has an Exchange Server 2010 organization.A new Company.com security policy prohibits the employees to send certain words between them.What should you do?()AThe best option is to create an Outlook Protection Rule to comply with the Company.com security policy.BThe best option is to set up a content filtering feature to comply with the Company.com security policy.CThe best option is to create a transport rule to comply with the Company.com security policy.DThe best option is to set up a sender reputation feature to comply with the Company.com security policy.
单选题The voice VLAN feature has been enabled on a new Company Catalyst switch port. What is the effect of this? ()AThe CoS is trusted for 802.1P or 802.1Q tagged traffic.BPortFast is disabled on the port.CPort Security is automatically enabled on a voice VLAN port.DUntagged traffic is sent according to the default CoS priority of the port.ENone of the other alternatives apply
多选题You are the network administrator tasked with designing a switching solution for the Company network. Which of the following statements describing trunk links are INCORRECT?()AThe trunk link belongs to a specific VLAN.BMultiple trunk links are used to connect multiple end user devices.CA trunk link only supports native VLAN.DTrunk links use 802.10 to identify a VLAN.EThe native VLAN of the trunk link is the VLAN that the trunk uses for untagged packets.
单选题()means the person designated as responsible for the development, implementation, revision and maintenance of the port facility security plan and for liaison with the ship security officers and company security officers.AShip security officerBCompany security officerCPort facility security officerDPSC officer
单选题You are a security administrator for your company. The network consists of three Active Directory domains. All Active Directory domains are running at a Windows Server 2003 mode functionality level. Employees in the editorial department of your company need access to resources on file servers that are in each of the Active Directory domains. Each Active Directory domain in the company contains at least one editorial department employee user account. You need to create a single group named Company Editors that contains all editorial department employee user accounts and that has access to the resources on file server computers. What should you do?()A Create a global distribution group in the forest root domain and name it Company Editors.B Create a global security group in the forest root domain and name it Company Editors.C Create a universal distribution group in the forest root domain and name it Company Editors. D Create a universal security group in the forest root domain and name it Company Editors.
单选题You are a network administrator of a large investor relations company that uses a switchednetwork to carry both data and IP telephony services. Why should you carry voice traffic on aseparate VLAN?()AIP phones require inline power and must be in separate VLAN to receive inline powerBIP telephony applications require prioritization over other traffic as they are more delaysensitiveCIP phones can only receive IP addresses through DHCP if they are in separate VLANDThe CDP frames from the IP phone can only be recognized by the switch if the phone is in anauxiliary vlan
单选题You are the network administrator for Company. Laura is a sales representative for the company. Shetravels on a regular basis and dials into the company network from her Windows 2000 Professionalportable computer. Company recently implemented a new computing security policy that mandates allremote connections be established by a two-way authentication method. You configure a Windows 2000Server computer to run Routing and Remote Access Server for Windows 2000 to meet the requirementsof the new security policy. Laura reports she now cannot initiate a dial-up connection.Laura needs to dial in to the company network. What should you do?()AApply the Hisecws.inf Security Template to Laura’s computer.BApply the Compatws.inf Security Template to Laura’s computer.CInstruct Laura to configure her dial-up connection to use multi-link.DInstruct Laura to configure her dial-up connection to use MS-CHAP v2.EInstruct Laura to configure her dial-up connections to use L2TP.
多选题The Company administrator has issue the "show vlan id 5" command. What will this command display? ()APorts in VLAN 5BUtilizationCVLAN information on port 0/5DFiltersEMTU and type
单选题The ship security assessment is an essential and integral part of the process of developing and updating()Athe ship security planBthe company security planCthe port security planDthe national security plan
单选题You are the desktop administrator for one of your company's branch offices. The network in your branch office contains 100 Windows XP Professional computers. The computers are configured with the Compatws.inf security template. One of the network administrators in the company's main office creates a new security template named CompanySec.inf. The new template is designed to be applied to each of the company's Windows XP Professional computers. The users in your branch office have different security requirements from the users in the main office. You need to find out whether the new security template will violate the security requirements of the users in the branch office. What should you do?()ARun the Secedit.exe command in validation mode and specify the new security template.BRun the Secedit.exe command in configuration mode and specify the new security template. CUse the Security Configuration and Analysis console to import both templates into a security database, and then perform an Analyze operation. DUse the Security Configuration and Analysis console to import both templates into a security database, and then perform a Configure operation.
单选题Under the terms of ISPS Code, shipping companies are required to designate a Company Security Officer for the Company and a()for each of its ships.AShip Security OfficerBDesignated Person AshoreCInternal AuditorDPatrol Team