多选题What are two valid configurations for user-driven remediation when a Windows-based endpoint fails a Host Checker policy?()AKill a running process on the endpoint, based on executable name and MD5 checksum.BDelete a file on the endpoint's file system.CDownload and run a remediation executable from the local software distribution server.DAlter registry entries to prevent future execution of an executable, based on executable name and full path.
多选题
What are two valid configurations for user-driven remediation when a Windows-based endpoint fails a Host Checker policy?()
A
Kill a running process on the endpoint, based on executable name and MD5 checksum.
B
Delete a file on the endpoint's file system.
C
Download and run a remediation executable from the local software distribution server.
D
Alter registry entries to prevent future execution of an executable, based on executable name and full path.
参考解析
解析:
暂无解析
相关考题:
You are developing a Windows Communication Foundation (WCF) service that must be discoverable.You need to ensure that the ServiceHost instance supports multiple discovery versions.What should you do?()A. - Specify a unique DiscoveryVersion parameter for each endpoint constructor. - Use the same value for the Address property of each endpoint.B. - Use the endpoint constructor without the DiscoveryVersion parameter. - Use a unique value for the Address property of each endpoint.C. - Specify a unique DiscoveryVersion parameter for each endpoint constructor. - Use a unique value for the Address property of each endpoint.D. - Use the endpoint constructor without the DiscoveryVersion parameter. - Use the same value for the Address property of each endpoint.
You are developing a Windows Communication Foundation (WCF) service. The service needs to access out-of-process resources.You need to ensure that the service accesses these resources on behalf of the originating caller. What should you do?()A. Set the value of ServiceSecurityContext.Current.WindowsIdentity.ImpersonationLevel to TokenlmpersonationLevel.ImpersonationB. Set the value of ServiceSecurityContext.Current.Windowsldentity.ImpersonationLevel to TokenlmpersonationLevel.DelegationC. Set the PrincipalPermissionAttribute on the service contract and update the binding attribute in the endpoint element of the configuration file to wsHttpBindingD. Set the PnncipalPermissionAttribute on the service contract and update the bindingConfiguration attribute in the endpoint element of the configuration file to wsHttpBinding
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()A. Source IP and browserB. Source IP and certificateC. Certificate and Host CheckerD. Host Checker and source IP
What is a Host Enforcer policy?() A. A policy that is defined on the endpoint that permits or denies inbound or outbound traffic.B. A policy that is sent to the endpoint that permits or denies inbound or outbound traffic.C. A policy that is sent to the protected resource that permits or denies inbound or outbound traffic.D. A policy that is defined on the protected resource that permits or denies inbound or outbound traffic.
Your company has deployed the Junos Pulse Access Control Service. The system administrator notices that the Host Checker policies are not being applied and enforced. You have verified that the controllers configuration is correct.Which two conditions are causing this issue?()A. The endpoint is using EAP-PEAP with EAP-GTC as the inner protocol,B. The endpoint is using EAP-TTLS with EAP-JUAC as the inner protocol.C. The endpoint is using EAP-FAST with EAP-GTC as the inner protocol,D. The endpoint is using EAP-PEAP with EAP-JUAC as the inner protocol.
In a Junos Pulse Access Control Service active/active clustered environment, which statement is true about VIPs?() A. VIP is not required when using only agentless access for all endpoint platforms.B. VIP is not required when using Junos Pulse or Odyssey Access Client for all endpoint platforms.C. VIP is not required when using Junos Pulse and agentless access for all endpoint platforms.D. VIP is not required when using Odyssey Access Client and agentless access for all endpoint platforms.
You want to create a Host Checker policy that looks for a specific antivirus product that is running on your client machines, but the predefined antivirus options do not include the antivirus product version that you use.Which feature should you verify the antivirus product is up to date?()A. Enhanced Endpoint SecurityB. DP signaturesC. Antivirus licensingD. Endpoint Security Assessment Plug-in
Refertotheexhibit.Whichstatementistrueaboutwheretrustboundariesshouldbeestablishedinanetwork?() A.Endpoints2and3areoptimalplacestoestablishatrustboundary.Endpoint1isanacceptableplacetoestablishatrustboundary.B.Endpoint2istheoptimalplacetoestablishatrustboundary.Endpoints1and3areacceptableplacestoestablishatrustboundary.C.Endpoint2istheonlyacceptableplacetoestablishatrustboundary.D.Endpoint1istheonlyacceptableplacetoestablishatrustboundary.E.Endpoints1and2areoptimalplacestoestablishatrustboundary.Endpoint3isanacceptableplacetoestablishatrustboundary.F.Endpoint1istheoptimalplacetoestablishatrustboundary.Endpoints2and3areacceptableplacestoestablishatrustboundary.
What is a Host Enforcer policy?()A、A policy that is defined on the endpoint that permits or denies inbound or outbound traffic.B、A policy that is sent to the endpoint that permits or denies inbound or outbound traffic.C、A policy that is sent to the protected resource that permits or denies inbound or outbound traffic.D、A policy that is defined on the protected resource that permits or denies inbound or outbound traffic.
You want to create a Host Checker policy that looks for a specific antivirus product that is running on your client machines, but the predefined antivirus options do not include the antivirus product version that you use.Which feature should you verify the antivirus product is up to date?()A、Enhanced Endpoint SecurityB、DP signaturesC、Antivirus licensingD、Endpoint Security Assessment Plug-in
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()A、Source IP and browserB、Source IP and certificateC、Certificate and Host CheckerD、Host Checker and source IP
What are two valid configurations for user-driven remediation when a Windows-based endpoint fails a Host Checker policy?()A、Kill a running process on the endpoint, based on executable name and MD5 checksum.B、Delete a file on the endpoint's file system.C、Download and run a remediation executable from the local software distribution server.D、Alter registry entries to prevent future execution of an executable, based on executable name and full path.
You administer a network with Windows-based endpoints that have custom software images. You want to use Host Checker to require that endpoints are running the custom software image.Which two Host Checker policy rules would be used to enforce this requirement?()A、Isolate a file name unique to the custom image and create a custom rule-type of "File" which matches on the file. Select the "Required" option under the custom rule.B、Identify the MAC address unique to network cards installed in PCs with the custom image and create a custom rule-type of "MAC Address" which matches on the appropriate MAC address.C、Select the "Required" option under the custom rule Identify the IP address unique to the network cards installed in PCs with the custom image and create a custom rule-type of "IP Address" which matches on the appropriate IP address. Select the "Required" option under the custom rule.D、Isolate or create a unique Windows registry key for the custom image and create a custom rule- type of "Registry Setting" which matches on the name of the registry key.
What is the function of Host Checker?()A、To allow clientless access to the networkB、To restrict access to protected resources on the networkC、To scan an endpointfor compliance with security policiesD、To push a firewall policy to the endpoint's local firewall application
Your company has deployed the Junos Pulse Access Control Service. The system administrator notices that the Host Checker policies are not being applied and enforced. You have verified that the controllers configuration is correct.Which two conditions are causing this issue?()A、The endpoint is using EAP-PEAP with EAP-GTC as the inner protocol,B、The endpoint is using EAP-TTLS with EAP-JUAC as the inner protocol.C、The endpoint is using EAP-FAST with EAP-GTC as the inner protocol,D、The endpoint is using EAP-PEAP with EAP-JUAC as the inner protocol.
You are designing a Windows Azure application that will include two web roles. The web roles will communicate with on-premise development computers and on-premise databases. Web Role 1 must connect to development computers and databases. Web Role 2 must connect to only databases. What should you recommend?()A、 Create one endpoint group that contains the development computers and one endpoint group that contains the databases. Connect Web Role 1 to both endpoint groups. Connect Web Role 2 to only the database endpoint group.B、 Create one endpoint group that contains the development computers and databases. Connect Web Role 1 and Web Role 2 to the endpoint group.C、 Create one endpoint group that contains the development computers and one endpoint group that contains the databases. Connect the endpoint groups. Connect Web Role 1 and Web Role 2 to the development computer group.D、 Create one endpoint group that contains the development computers and databases, and connectit to Web Role 1. Create one endpoint group that contains only the databases, and connect it to Web Role 2.
You are developing a Windows Communication Foundation (WCF) service. The service needs to access out-of-process resources.You need to ensure that the service accesses these resources on behalf of the originating caller. What should you do?()A、Set the value of ServiceSecurityContext.Current.WindowsIdentity.ImpersonationLevel to TokenlmpersonationLevel.ImpersonationB、Set the value of ServiceSecurityContext.Current.Windowsldentity.ImpersonationLevel to TokenlmpersonationLevel.DelegationC、Set the PrincipalPermissionAttribute on the service contract and update the binding attribute in the endpoint element of the configuration file to wsHttpBindingD、Set the PnncipalPermissionAttribute on the service contract and update the bindingConfiguration attribute in the endpoint element of the configuration file to wsHttpBinding
You need to implement an authentication method on SQL4. The TravelOnline database will be accessed through a Web services application. You need to make the authentication method as secure as possible.What should you do?()A、Create an HTTP endpoint with NTLM authentication, and create a service principal name (SPN).B、Create an HTTP endpoint with digest authentication, and create a service principal name (SPN).C、Create an HTTP endpoint with integrated authentication, and create a service principal name (SPN).D、Create an HTTP endpoint with Kerberos authentication.
You have an existing Windows Communication Foundation (WCF) service that exposes a service contract over HTTP. You need to expose that contract over HTTP and TCP. What should you do?()A、Add a net.tcp base address to the host.B、Add an endpoint configured with a netTcpBinding.C、Add an endpoint behavior named netTcpBehavior to the existing endpoint.D、Add a binding configuration to the existing endpoint named netTcpBinding.
多选题What are three elements the Junos Pulse Access Control Service uses to establish endpoint access to protected resources?()Asign-in policyBauthentication realmsCrole restrictionsDpolicy realmsErouting policy
单选题What is the function of Host Checker?()ATo allow clientless access to the networkBTo restrict access to protected resources on the networkCTo scan an endpointfor compliance with security policiesDTo push a firewall policy to the endpoint's local firewall application
单选题What is a Host Enforcer policy?()AA policy that is defined on the endpoint that permits or denies inbound or outbound traffic.BA policy that is sent to the endpoint that permits or denies inbound or outbound traffic.CA policy that is sent to the protected resource that permits or denies inbound or outbound traffic.DA policy that is defined on the protected resource that permits or denies inbound or outbound traffic.
多选题You administer a network with Windows-based endpoints that have custom software images. You want to use Host Checker to require that endpoints are running the custom software image.Which two Host Checker policy rules would be used to enforce this requirement?()AIsolate a file name unique to the custom image and create a custom rule-type of File which matches on the file. Select the Required option under the custom rule.BIdentify the MAC address unique to network cards installed in PCs with the custom image and create a custom rule-type of MAC Address which matches on the appropriate MAC address.CSelect the Required option under the custom rule Identify the IP address unique to the network cards installed in PCs with the custom image and create a custom rule-type of IP Address which matches on the appropriate IP address. Select the Required option under the custom rule.DIsolate or create a unique Windows registry key for the custom image and create a custom rule- type of Registry Setting which matches on the name of the registry key.
单选题Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()ASource IP and browserBSource IP and certificateCCertificate and Host CheckerDHost Checker and source IP
多选题You administer a network containing SRX Series firewalls. New policy requires that you implement MAG Series devices to provide access control for end users. The policy requires that the SRX Series devices dynamically enforce security policy based on the source IP address of the user. The policy also requires that the users communicate with protected resources using encrypted traffic. Which two statements are true?()AThe endpoints can use agentless access.BEncrypted traffic flows between the endpoint and the enforcer.CEncrypted traffic flows between the endpoint and the protected resourceDThe endpoints can use the Odyssey Access Client.
单选题You want to create a Host Checker policy that looks for a specific antivirus product that is running on your client machines, but the predefined antivirus options do not include the antivirus product version that you use.Which feature should you verify the antivirus product is up to date?()AEnhanced Endpoint SecurityBDP signaturesCAntivirus licensingDEndpoint Security Assessment Plug-in
多选题Your company has deployed the Junos Pulse Access Control Service. The system administrator notices that the Host Checker policies are not being applied and enforced. You have verified that the controllers configuration is correct.Which two conditions are causing this issue?()AThe endpoint is using EAP-PEAP with EAP-GTC as the inner protocol,BThe endpoint is using EAP-TTLS with EAP-JUAC as the inner protocol.CThe endpoint is using EAP-FAST with EAP-GTC as the inner protocol,DThe endpoint is using EAP-PEAP with EAP-JUAC as the inner protocol.