单选题When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()AIPsec RoutingBAccess ControlCIP Address PoolDSource Interface
单选题
When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()
A
IPsec Routing
B
Access Control
C
IP Address Pool
D
Source Interface
参考解析
解析:
暂无解析
相关考题:
In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?() A. to specify the destination addresses to which access is permittedB. to specify the source address permitted to access the resourceC. to specify the services to which access is permittedD. to inform the enforcer to expect policy information from the Junos Pulse Access Control Service
You have created a security policy on an SRX240 that permits traffic from any source-address, any destination-address, and any application. The policy will be a source IP policy for use with the Junos Pulse Access Control Service.What must you add to complete the security policy configuration?()A. The intranet-auth authentication optionB. The redirect-portal application serviceC. The uac-policy application serviceD. The ipsec-vpn tunnel
You have a firewall enforcer protecting sensitive internal resources in a data center. The network traversed by endpoint traffic is semi-trusted, so you need to encrypt the traffic between the endpoints accessing the resources and the firewall enforcer.Which type of policies provide this level of protection?()A. resource access policiesB. Host Enforcer policiesC. source IP enforcement policiesD. IPsec enforcement policies
You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()A. Resource access policy on the MAG Series deviceB. IPsec routing policy on the MAG Series deviceC. General traffic policy blocking access through the firewall enforcerD. Auth table entry on the firewall enforcer
Which two methods of authentication are used by the Infranet Controller for IPSec enforcement?() A. dial-up VPNB. IKE authenticationC. XAuth authenticationD. shared IKE authentication
When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? () A. IPsec RoutingB. Access ControlC. IP Address PoolD. Source Interface
Which statement is correct about defining an Infranet Enforcer for use as a RADIUS Client? () A. You do not need to configure a RADIUS client policy.B. You must know the exact model number of the Infranet Enforcer.C. You must specify the NACN password of the device in the RADIUS client policy.D. You do not need to designate a location group to which the Infranet Enforcer will belong.
You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()A、The crypto ACL numberB、The IPSEC mode (tunnel or transport)C、The GRE tunnel interface IP addressD、The GRE tunnel source interface or IP address, and tunnel destination IP addressE、The MTU size of the GRE tunnel interface
When using the Cisco SDM Quick Setup Siteto-Site VPN wizard, which three parameters do you configure?()A、Source interface where encrypted traffic originatesB、IP address for the remote peerC、Transform set for the IPsec tunnelD、Interface for the VPN connection
The LAN-side of the Teleworker router is assigned private IP address space (RFC1918), and the VPN topology is IPSec-only (no GRE protocol). When is it required to configure NAT/pNAT on the Teleworker router?()A、when all access to the Internet is through the IPSec tunnelB、when there is direct Internet access via split-tunnelingC、when there is no Internet access configured through the Teleworker routerD、whenever you have IOS-Firewall (CBAC) configured
Which statement is correct about defining an Infranet Enforcer for use as a RADIUS Client? ()A、You do not need to configure a RADIUS client policy.B、You must know the exact model number of the Infranet Enforcer.C、You must specify the NACN password of the device in the RADIUS client policy.D、You do not need to designate a location group to which the Infranet Enforcer will belong.
You have created a security policy on an SRX240 that permits traffic from any source-address, any destination-address, and any application. The policy will be a source IP policy for use with the Junos Pulse Access Control Service. What must you add to complete the security policy configuration?()A、The intranet-auth authentication optionB、The redirect-portal application serviceC、The uac-policy application serviceD、The ipsec-vpn tunnel
Which two methods of authentication are used by the Infranet Controller for IPSec enforcement?()A、dial-up VPNB、IKE authenticationC、XAuth authenticationD、shared IKE authentication
In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?()A、to specify the destination addresses to which access is permittedB、to specify the source address permitted to access the resourceC、to specify the services to which access is permittedD、to inform the enforcer to expect policy information from the Junos Pulse Access Control Service
When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()A、IPsec RoutingB、Access ControlC、IP Address PoolD、Source Interface
You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()A、Resource access policy on the MAG Series deviceB、IPsec routing policy on the MAG Series deviceC、General traffic policy blocking access through the firewall enforcerD、Auth table entry on the firewall enforcer
An IPsec tunnel is established on an SRX Series Gateway on an interface whose IP address was obtained using DHCP.Which two statements are true? ()(Choose two.)A、Only main mode can be used for IKE negotiationB、A local-identity must be definedC、It must be the initiator for IKED、A remote-identity must be defined
You have a firewall enforcer receiving resource access policies from a Junos Pulse Access Control Service. You are using Network and Security Manager (NSM) for configuration management on that firewall. The firewall can also be configured using its built-in command-line interface (CLI) or Web-based user interface (WebUI). To avoid conflicting configurations, which two interfaces must you use to configure the firewall enforcer?()A、CLIB、WebUIC、NSMD、Junos Pulse Access Control Service
You have a firewall enforcer protecting sensitive internal resources in a data center. The network traversed by endpoint traffic is semi-trusted, so you need to encrypt the traffic between the endpoints accessing the resources and the firewall enforcer.Which type of policies provide this level of protection?()A、resource access policiesB、Host Enforcer policiesC、source IP enforcement policiesD、IPsec enforcement policies
You work as the enterprise exchange administrator at Xxx .Xxx is using Microsoft Exchange Server 2010 as their messaging solution.What actions must you take to change the Exchange-specific cost for a site link?()A、You must configure the host (A) resource records.B、You must add and configure an IPSec Enforcement Network policy.C、You must create an Outlook Web App Mailbox policy.D、You must use the Set-ADSiteLink cmdlet.
单选题You want to configure your Windows 2000 Professional computer to remotely access your company’s Windows 2000 routing and remote access server. You configure a VPN connection. For security purposes, you configure the VPN connection to use MS-CHAP v2 only and to require encryption. You also configure TCP/IP to obtain an IP address automatically, to enable IPSec, and to set IPSec to secure server. When you try to connect, you receive the following error message, “The encryption attempt failed because no valid certificate was found.” What should you do to connect to the server? ()AEnable the VPN connection to use MS-CHAP.BChange the data encryption setting to Optional Encryption.CSpecify a TCP/IP address in the network properties.DChange the IPSec policy setting to Client.
单选题Which statement is correct about defining an Infranet Enforcer for use as a RADIUS Client? ()AYou do not need to configure a RADIUS client policy.BYou must know the exact model number of the Infranet Enforcer.CYou must specify the NACN password of the device in the RADIUS client policy.DYou do not need to designate a location group to which the Infranet Enforcer will belong.
单选题You work as the enterprise exchange administrator at Xxx .Xxx is using Microsoft Exchange Server 2010 as their messaging solution.What actions must you take to change the Exchange-specific cost for a site link?()AYou must configure the host (A) resource records.BYou must add and configure an IPSec Enforcement Network policy.CYou must create an Outlook Web App Mailbox policy.DYou must use the Set-ADSiteLink cmdlet.
多选题You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()AThe crypto ACL numberBThe IPSEC mode (tunnel or transport)CThe GRE tunnel interface IP addressDThe GRE tunnel source interface or IP address, and tunnel destination IP addressEThe MTU size of the GRE tunnel interface
单选题You have created a security policy on an SRX240 that permits traffic from any source-address, any destination-address, and any application. The policy will be a source IP policy for use with the Junos Pulse Access Control Service. What must you add to complete the security policy configuration?()AThe intranet-auth authentication optionBThe redirect-portal application serviceCThe uac-policy application serviceDThe ipsec-vpn tunnel
单选题In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?()Ato specify the destination addresses to which access is permittedBto specify the source address permitted to access the resourceCto specify the services to which access is permittedDto inform the enforcer to expect policy information from the Junos Pulse Access Control Service
单选题You need to design a method of communication between the IT and HR departments. Your solution must meet business requirements. What should you do?()ADesign a custom IPSec policy to implement Encapsulating Security Payload (ESP) for all IP traffic Design the IPSec policy to use certificate-based authentication between the two departments’ computersBDesign a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersCDesign a customer IPSec policy to implement Encapsulating Payload (ESP) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersDDesign a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use certificate-based authentication between the two departments’ computers
单选题When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()AIPsec RoutingBAccess ControlCIP Address PoolDSource Interface