多选题The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy (Choose two.)()。ASwitch1(config-if)# switchport port-security maximum 1BSwitch1(config)# mac-address-table secureCSwitch1(config)# access-list 10 permit ip hostDSwitch1(config-if)# switchport port-security violation shutdownESwitch1(config-if)# ip access-group 10
多选题
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy (Choose two.)()。
A
Switch1(config-if)# switchport port-security maximum 1
B
Switch1(config)# mac-address-table secure
C
Switch1(config)# access-list 10 permit ip host
D
Switch1(config-if)# switchport port-security violation shutdown
E
Switch1(config-if)# ip access-group 10
参考解析
解析:
暂无解析
相关考题:
a firewall is both policy and the implementation of that policy in terms of (),(),and (), as well as other security measures A、network configurationB、host systemsC、routersD、softwares
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()A. Source IP and browserB. Source IP and certificateC. Certificate and Host CheckerD. Host Checker and source IP
Host A opens a Telnet connection to Host B. Host A then opens another Telnet connection to Host B. These connections are the only communication between Host A and Host B. The security policy configuration permits both connections.How many sessions exist between Host A and Host B?()A.1B.2C.3D.4
A network vulnerability scanner is part of which critical element of network and system security?() A. host securityB. perimeter securityC. security monitoringD. policy management
For the following statements, which one is perceived as a drawback of implementing Fibre ChannelAuthentication Protocol (FCAP)?()A、It is restricted in size to only three segmentsB、It requires the use of netBT as the network protocolC、It requires the implementation of IKED、It relies on an underlying Public Key Infrastructure
Which OSPF network type is ideal for partially meshed NBMA networks because it is easy to configure(requires no configuration of neighbor commands), consumes only one IP subnet, and requires no designated router election?
You are developing a Windows Communication Foundation (WCF) service. One of the parameters used with the service operations is a security token. The security token is not sensitive. The monitoring software tracks security tokens and can read tokens in clear text only.The company security policy requires that you validate all clear text data passed over the corporate network.You need to ensure that the service verifies that the security token is not changed during transit. What should you do?()A、For all the security-sensitive members, set the ProtectionLevel parameter of the MessageBodyMember or MessageHeader attribute to EncryptAndSign.B、Implement IEndpointldentityProvider in the message contract class.C、Implement ISecureConversationSession in the message contract class.D、For all the security-sensitive members, set the ProtectionLevel parameter of the MessageBodyMember or MessageHeader attribute to Sign.
Which statement describes the behavior of a security policy?()A、The implicit default security policy permits all traffic.B、Traffic destined to the device itself always requires a security policy.C、Traffic destined to the device’s incoming interface does not require a security policy.D、The factory-default configuration permits all traffic from all interfaces.
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy (Choose two.)()。A、Switch1(config-if)# switchport port-security maximum 1B、Switch1(config)# mac-address-table secureC、Switch1(config)# access-list 10 permit ip hostD、Switch1(config-if)# switchport port-security violation shutdownE、Switch1(config-if)# ip access-group 10
A network vulnerability scanner is part of which critical element of network and system security?()A、host securityB、perimeter securityC、security monitoringD、policy management
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?()A、TestKing1(config-if)# switchport port-security maximum 1B、TestKing1(config)# mac-address-table secureC、TestKing1(config)# access-list 10 permit ip hostD、TestKing1(config-if)# switchport port-security violation shutdownE、TestKing1(config-if)# ip access-group 10
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?()A、Switch1(config-if)# switchport port-security maximum 1B、Switch1(config)# mac-address-table secureC、Switch1(config)# access-list 10 permit ip hostD、Switch1(config-if)# switchport p ort-security violation shutdownE、Switch1(config-if)# ip access-group 10
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()A、Source IP and browserB、Source IP and certificateC、Certificate and Host CheckerD、Host Checker and source IP
Network Access Protection (NAP) is configured for the corporate network.Users connect to the corporate network by using portable computers.The company policy requires confidentiality of data when the data is in transit between the portable computers and the servers.You need to ensure that users can access network resources only from computers that comply with the company policy.What should you do?()A、Create an IPsec Enforcement Network policy.B、Create an 802.1X Enforcement Network policy.C、Create a Wired Network (IEEE 802.3) Group policy.D、Create an Extensible Authentication Protocol (EAP) Enforcement Network policy.
You are designing a Windows Server 2008 R2 Hyper-V virtualization environment. Your host servers must have the following elements: A dedicated management network adapter.A dedicated virtual network for child iSCSI network traffic.A dedicated virtual network for child network traffic with VLAN tagging. You need to choose adapters that minimize the host server processing. Which adapters should you choose?()A、three network adapters that support 802.1pB、two network adapters that support 802.1q, and one iSCSI host bus adapterC、two network adapters that support 802.1p, and one network adapter that supports TCP ChimneyD、two network adapters that support 802.1q, and one network adapter that supports Jumbo frames
You are a network administrator of an organization. Maria and John are your network assistant. You have grant then the rights to modify the user properties in the computer management. You want to audit the modification in user accounts. What should you do?()A、Turn on auditing for objects in the Local Security Policy and Select 'Process Tracking'.B、Turn on auditing for objects in the Local Security Policy and Select 'Object Access'. C、Use Windows Explorer to turn on auditing for the specific files.D、Have the administrator for domains log you on as an administrator and enable auditing for a specific file.E、Turn on auditing for objects in the Local Security Policy and Select 'Account Management'.F、Allow only one account at a time to log on to your shared folder. Check the event viewer to see who logged on.
多选题You work as a senior administrator at ABC.com. The ABC.com network consists of a single domain named ABC.com. All servers on the ABC.com network have Windows Server 2012 R2 installed. You are running a training exercise for junior administrators. You are currently discussing the Windows Firewall with Advanced Security feature. Which of the following is TRUE with regards to Windows Firewall with Advanced Security?()AIt provides host-based,two-way network traffic filtering for a computer.BIt provides host-based,one-way network traffic filtering for a computer.CIt blocks unauthorized network traffic flowing into or out of the local computer.DIt only blocks unauthorized network traffic flowing into the local computer.EIt only blocks unauthorized network traffic flowing out of the local computer.
问答题Which OSPF network type is ideal for partially meshed NBMA networks because it is easy to configure(requires no configuration of neighbor commands), consumes only one IP subnet, and requires no designated router election?
单选题A network vulnerability scanner is part of which critical element of network and system security?()A host securityB perimeter securityC security monitoringD policy management
单选题You are designing a Windows Server 2008 R2 Hyper-V Virtualization environment. Your host servers must have the following elements: - A dedicated management network adapter. - A dedicated virtual network for child iSCSI network traffic. - A dedicated virtual network for child network traffic with VLAN tagging. You need to choose adapters that minimize the host server processing. Which adapters should you choose?()ATwo network adapters that support 802.1p, and one iSCSI host bus adapterBTwo network adapters that support 802.1p, and one network adapter that supports TCP ChimneyCTwo network adapters that support 802.lq, and one network adapter that supports Jumbo framesDThree network adapters that support 802. 1p
单选题You are developing a Windows Communication Foundation (WCF) service. One of the parameters used with the service operations is a security token. The security token is not sensitive. The monitoring software tracks security tokens and can read tokens in clear text only.The company security policy requires that you validate all clear text data passed over the corporate network.You need to ensure that the service verifies that the security token is not changed during transit. What should you do?()AFor all the security-sensitive members, set the ProtectionLevel parameter of the MessageBodyMember or MessageHeader attribute to EncryptAndSign.BImplement IEndpointldentityProvider in the message contract class.CImplement ISecureConversationSession in the message contract class.DFor all the security-sensitive members, set the ProtectionLevel parameter of the MessageBodyMember or MessageHeader attribute to Sign.
单选题Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()ASource IP and browserBSource IP and certificateCCertificate and Host CheckerDHost Checker and source IP
多选题You administer a network containing SRX Series firewalls. New policy requires that you implement MAG Series devices to provide access control for end users. The policy requires that the SRX Series devices dynamically enforce security policy based on the source IP address of the user. The policy also requires that the users communicate with protected resources using encrypted traffic. Which two statements are true?()AThe endpoints can use agentless access.BEncrypted traffic flows between the endpoint and the enforcer.CEncrypted traffic flows between the endpoint and the protected resourceDThe endpoints can use the Odyssey Access Client.
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. The company has an internal network and a perimeter network. The internal network is protected by a firewall. Application servers on the perimeter network are accessible from the Internet. You are deploying 10 Windows Server 2003 computers in application server roles. The servers will be located in theperimeter network and will not be members of the domain. The servers will host only publicly available Web pages. The network design requires that custom security settings must be applied to the application servers. These custom security settings must be automatically refreshed every day to ensure compliance with the design. You create a custom security template named Baseline1.inf for the application servers. You need to comply with the design requirements. What should you do? ()A Import Baseline1.inf into the Default Domain Policy Group Policy object (GPO).B Create a task on each application server that runs Security and Configuration Analysis with Baseline1.inf every day.C Create a task on each application server that runs the secedit command with Baseline1.inf every day.D Create a startup script in the Default Domain Policy Group Policy object (GPO) that runs the secedit command with Baseline1.inf.
多选题The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?()ASwitch1(config-if)# switchport port-security maximum 1BSwitch1(config)# mac-address-table secureCSwitch1(config)# access-list 10 permit ip hostDSwitch1(config-if)# switchport p ort-security violation shutdownESwitch1(config-if)# ip access-group 10
单选题Host A opens a Telnet connection to Host B. Host A then opens another Telnet connection to Host B. These connections are the only communication between Host A and Host B. The security policy configuration permits both connections. How many sessions exist between Host A and Host B?()A1B2C3D4
单选题Your network contains an Active Directory domain. All client computers run Windows XP Service Pack 3 (SP3). The domain contains a member server named Server1 that runs Windows Server 2008 R2. On Server1, you create a connection security rule that requires authentication for inbound and outbound connections. You configure the connection security rule to use Kerberos authentication. You need to ensure that the client computers can connect to Server1. The solution must ensure that all connections to Server1 are encrypted. What should you do?()AFrom the Windows Firewall with Advanced Security console, create an inbound rule on Server1.BFrom the Windows Firewall with Advanced Security console, create an outbound rule on Server1.CFrom a Group Policy object (GPO), enable the Client (Respond Only) IPSec policy on all client computers.DFrom a Group Policy object (GPO), configure the Network Security: LDAP client signing requirements policy setting for all client computers.
单选题For the following statements, which one is perceived as a drawback of implementing Fibre ChannelAuthentication Protocol (FCAP)?()AIt is restricted in size to only three segmentsBIt requires the use of netBT as the network protocolCIt requires the implementation of IKEDIt relies on an underlying Public Key Infrastructure