Using a policy with the policy-rematch flag enabled, what happens to the existing and new sessions when you change the policy action from permit to deny?()A、The new sessions matching the policy are denied. The existing sessions are dropped.B、The new sessions matching the policy are denied. The existingsessions, not being allowed tocarry any traffic, simply timeout.C、The new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.D、The new sessions matching the policy are denied. The existing sessions continue until they are completed or their time.
Using a policy with the policy-rematch flag enabled, what happens to the existing and new sessions when you change the policy action from permit to deny?()
- A、The new sessions matching the policy are denied. The existing sessions are dropped.
- B、The new sessions matching the policy are denied. The existingsessions, not being allowed tocarry any traffic, simply timeout.
- C、The new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.
- D、The new sessions matching the policy are denied. The existing sessions continue until they are completed or their time.
相关考题:
Using a policy with the policy-rematch flag enabled, what happens to the existing and new sessions when you change the policy action from permit to deny?() A. The new sessions matching the policy are denied. The existing sessions are dropped.B. The new sessions matching the policy are denied. The existingsessions, not being allowed tocarry any traffic, simply timeout.C. The new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.D. The new sessions matching the policy are denied. The existing sessions continue until they are completed or their time.
Enabling jumbo frame support on a Cisco Nexus 5500 Switch can be done through which method?() A、 changing the default policy map from a default MTU of 1500 to 9216B、 using the command system jumbomtu 9216C、 using the command interface MTU 9216D、 configuring the default Ethernet system class to an MTU of 9216 with a new network QoS policy map
Which three packet interception methods are configurable in WX devices?() (Choose three.)A、OSPFB、WCCPC、policy based routingD、route injection using RIPv1E、route injection using RIPv2
The number of packets (or flows) dropped because they do not conform to the ASA/PIX security policy can be viewed using what command? ()A、 show asp dropB、 show counters dropC、 show security-policyD、 show policy-map
Which three protocols should be explicitly managed by using a CoPP policy on an Internet border router?()A、SMTPB、ICMPC、BGPD、SSHE、RTPF、BitTorrentG、VTP
When determining a customer’s security requirements using the security site survey from the steps for success methodology, which three of theses should be included in the customer’s security policy and procedures?()A、Third-party due diligence policy reviewB、Remote Access PolicyC、Encryption PolicyD、Application change control policyE、Security Personnel policy
You want to enforce a company’s business policy on several objects by using a single policy function. Which two types of policies can be assigned to the policy_type argument in the dbms_rls.add_policy procedure to achieve the above objective? ()A、 DBMS_RLS.STATICB、 DBMS_RLS.DYNAMICC、 DBMS_RLS.SHARED_STATICD、 DBMS_RLS.CONTEXT_SENSITIVEE、 DBMS_RLS.SHARED_CONTEXT_SENSITIVE
You need to design desktop and security settings for the client computers in the Seattle call center. Your solution must be implemented by using the minimum amount of administrative effort.Which two actions should you perform?()A、On each client computer in the call center, configure a local policy that lists only authorized programs in the Allowed Windows Programs listB、Using NTFS permissions, assign the Deny – Read permission for all unauthorized executable files to the client computer domain accountsC、Design a Group Policy object (GPO) that enforces a software restriction policy on all client computers in the call centerD、Design a Group Policy object (GPO) that implements an IPSec policy on all client computers in the call center. Ensure that the IPSec policy rejects connections to any Web servers that the company does not operate
Your corporate network has a member server named RAS1 that runs Windows Server 2008 R2. You configure RAS1 to use the Routing and Remote Access Services (RRAS).The companys remote access policy allows members of the Domain Users group to dial in to RAS1. The company issues smart cards to all employees.You need to ensure that smart card users are able to connect to RAS1 by using a dial-up connection.What should you do?()A、Install the Network Policy Server (NPS) server role on RAS1.B、Create a remote access policy that requires users to authenticate by using SPAP.C、Create a remote access policy that requires users to authenticate by using EAP-TLS.D、Create a remote access policy that requires users to authenticate by using MS-CHAP v2.
Your corporate network has a member server named RAS1 that runs Windows Server 2008. You configure RAS1 to use the Routing and Remote Access Service (RRAS) The companys remote access policy allows members of the Domain Users group to dial in to RAS1. The company issues smart cards to all employees. You need to ensure that smart card users are able to connect to RAS1 by using a dial-up connection. What should you do?()A、 Install the Network Policy Server (NPS) on the RAS1 serverB、 Create a remote access policy that requires users to authenticate by using SPAPC、 Create a remote access policy that requires users to authenticate by using EAP-TLSD、 Create a remote access policy that requires users to authenticate by using MS-CHAP v2
You are the administrator of an Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. A server named Filesrv1 contains confidential data that is only available to users in the human resources (HR) department. You want all computers in the HR department to connect to Filesrv1 by using an IPSec policy. You assign the Server (Request Security) IPSec policy to Filesrv1. Using Network Monitor, you notice that some computers in the HR department connect to Filesrv1 without using the IPSec policy. You need to configure Filesrv1 to ensure that all computers connect to it by using the IPSec policy. What should you do?()A、Assign the Secure Server(Require Security) IPSec policy.B、Assign the Client (Respond Only)IPSec policy.C、Unassign the Server(Request Security IPSec policy.D、Restart the IPSec Services service.
You need to recommend a solution for deploying and managing App2. What should you recommend?() A、Publish App2 as a RemoteApp program.B、Deploy App2 by using a Group Policy logon script.C、Assign App2 by using Group Policy software distribution.D、Publish App2 by using Group Policy software distribution.
You need to recommend a solution for managing administrative rights for the branch office client computers. The solution must meet the companys technical requirements.What should you recommend configuring?()A、Account Policies by using GPOsB、Local Users and Groups by using Group Policy preferencesC、Restricted Groups by using GPOsD、Security Options by using Group Policy preferences
单选题Enabling jumbo frame support on a Cisco Nexus 5500 Switch can be done through which method?()A changing the default policy map from a default MTU of 1500 to 9216B using the command system jumbomtu 9216C using the command interface MTU 9216D configuring the default Ethernet system class to an MTU of 9216 with a new network QoS policy map
单选题You have a Windows 7 computer that is a member of a workgroup. You need to prevent members of a localgroup from starting a specific application. You must achieve this goal by using the minimum amount ofadministrative effort. What should you create?()Aadministrative template.Bapplication control policy.CIPSec policy.Dsoftware restriction policy.
单选题You need to recommend a deployment strategy for App1. What should you recommend?()AAssign App1 to users by using a Group Policy.BPublish App1 to users by using a Group Policy.CDeploy App1 as a RemoteApp program by using an MSI file.DDeploy App1 as a RemoteApp program by using an RDP file.
单选题You need to design a software usage policy for the employees of Southbridge Video. The policy must meet business requirements. What should you do?()AConfigure the software restriction policy in the Default Domain Policy Group Policy object (GPO)BCreate a new connection object by using the Connection Manager Administration Kit (CMAK), and install the new connection object on all client computersCCreate and configure a local security policy on both of the ISA server computersDConfigure the Internet Explorer settings in the Default Domain Policy Group Policy object (GPO)
多选题Which three protocols should be explicitly managed by using a CoPP policy on an Internet border router?()ASMTPBICMPCBGPDSSHERTPFBitTorrentGVTP
单选题Using a policy with the policy-rematch flag enabled, what happens to the existing and new sessionswhen you change the policy action from permit to deny? ()AThe new sessions matching the policy are denied. The existing sessions are dropped.BThe new sessions matching the policy are denied. The existing sessions, not being allowed to carry any traffic, simply timeout.CThe new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.DThe new sessions matching the policy are denied. The existing sessions continue until they are completed or their timeout is reached.
多选题You want to enforce a company’s business policy on several objects by using a single policy function. Which two types of policies can be assigned to the policy_type argument in the dbms_rls.add_policy procedure to achieve the above objective? ()ADBMS_RLS.STATICBDBMS_RLS.DYNAMICCDBMS_RLS.SHARED_STATICDDBMS_RLS.CONTEXT_SENSITIVEEDBMS_RLS.SHARED_CONTEXT_SENSITIVE
单选题Your network consists of a single Active Directory domain named Contoso.com. All servers on the network run Windows Server 2003 Service Pack 2 (SP2). All client computers on the network run Windows XP Professional Service Pack 3 (SP3). All computers run a custom application named App1. App1 requires domain authentication. App1 does not support smart card authentication. Your company implements a new security policy that states that all users must log on to their computers by using a smart card. You need to ensure that all users can use App1 whilemeeting the new security policy. What should you do?()AConfigure the Smart Card service to start automatically on all computers by using a Group Policy object (GPO).BFrom the properties of all user accounts, enable the Store password using reversible encryption setting.CFrom the properties of all user accounts, enable the Require smart cards for interactive logon setting.DEnable the Require smart cards for interactive logon policy setting on all computers by using a Group Policy object (GPO).
单选题Which statement regarding the implementation of an IDP policy template is true?()AIDP policy templates are automatically installed as the active IDP policy.BIDP policy templates are enabled using a commit script.CIDP policy templates can be downloaded without an IDP license.DIDP policy templates are included in the factory-default configuration.
单选题The number of packets (or flows) dropped because they do not conform to the ASA/PIX security policy can be viewed using what command? ()A show asp dropB show counters dropC show security-policyD show policy-map