的命令提示符运行以下命令,netsh advfirewall firewall add rule name="CustomRule" profile=domain protocol=TCP dir=in localport=80 action=allow,做了哪些配置?() A.创建了一个入站规则,只应用在域配置文件中封锁80端口通信B.创建了一个出站规则,只应用在域配置文件中封锁80端口通信C.创建了一个入站规则,只应用在域配置文件中允许80端口通信D.创建了一个出站规则,只应用在域配置文件中允许80端口通信
的命令提示符运行以下命令,netsh advfirewall firewall add rule name="CustomRule" profile=domain protocol=TCP dir=in localport=80 action=allow,做了哪些配置?()
A.创建了一个入站规则,只应用在域配置文件中封锁80端口通信
B.创建了一个出站规则,只应用在域配置文件中封锁80端口通信
C.创建了一个入站规则,只应用在域配置文件中允许80端口通信
D.创建了一个出站规则,只应用在域配置文件中允许80端口通信
相关考题:
Your network contains a server named Server1 that has Windows Server 2008 R2.An administrator runs the following command on Server1: netsh.exe advfirewall reset You discover that you can no longer access Server1 on port 3389.You need to ensure that you can access Server1 on port 3389.Which firewall rule should you enable?()A. File and Printer Sharing (Echo Request ICMPv4-In)B. File and Printer Sharing (SMB-In)C. Remote Desktop (TCP-In)D. Remote Service Management (RPC)
以下命令针对网络服务的端口配置,解释以下配置命令:firewall(config)fixup protocol http 8080(10)firewall(config)no fixup protocol ftp 21(11)
某全国连锁企业的总部和分布在全国各地的30家分公司之间经常需要传输各种内部数据,因此公司决定在总部和各分公司之间建立VPN技术。具体拓扑如下:配置部分只显示了与总部与分公司1的配置。根据拓扑完成问题1-问题3。[问题1](3分):在总部与分公司之间相连的VPN方式是(1),在IPsec工作模式中有传输模式和隧道模式,其中将源IP数据包整体封装后再进行传输的模式是(2).1备选答案:A.站点到站点 B.端到端C.端到站点[问题2](13分):请将相关配置补充完整。总部防火墙firewall1的部分配置如下。 (3)[FIREWALL1] interface(4)[FIREWALL1-GigabitEthernet1/0/2] ip address (5)[FIREWALL1-GigabitEthernet1/0/2] quit[FIREWALL1] interface GigabitEthernet 1/0/1[FIREWALL1-GigabitEthernet1/0/1] ip address 202.1.3.1 24[FIREWALL1-GigabitEthernet1/0/1] quit# 配置接口加入相应的安全区域。[FIREWALL1] firewall zone trust [FIREWALL1-zone-trust] add interface (6)[FIREWALL1-zone-trust] quit[FIREWALL1](7)[FIREWALL1-zone-untrust] add interface GigabitEthernet 1/0/1[FIREWALL1-zone-untrust] quit2. 配置安全策略,允许私网指定网段进行报文交互。# 配置Trust域与Untrust域的安全策略,允许封装前和解封后的报文能通过[FIREWALL1](8)[FIREWALL1-policy-security] rule name 1[FIREWALL1-policy-security-rule-1] source-zone (9)[FIREWALL1-policy-security-rule-1] destination-zone untrust[FIREWALL1-policy-security-rule-1] source-address (10)[FIREWALL1-policy-security-rule-1] destination-address 192.168.200.0 24[FIREWALL1-policy-security-rule-1] action (11)[FIREWALL1-policy-security-rule-1] quit…..# 配置Local域与Untrust域的安全策略,允许IKE协商报文能正常通过FIREWALL1。[FIREWALL1-policy-security] rule name 3[FIREWALL1-policy-security-rule-3] source-zone local[FIREWALL1-policy-security-rule-3] destination-zone untrust[FIREWALL1-policy-security-rule-3] source-address 202.1.3.1 32[FIREWALL1-policy-security-rule-3] destination-address 202.1.5.1 32[FIREWALL1-policy-security-rule-3] action permit[FIREWALL1-policy-security-rule-3] quit…3. 配置IPSec隧道。# 配置访问控制列表,定义需要保护的数据流。[FIREWALL1] (12)[FIREWALL1-acl-adv-3000] rule permit (13)[FIREWALL1-acl-adv-3000] quit# 配置名称为tran1的IPSec安全提议。[FIREWALL1] ipsec proposal tran1[FIREWALL1-ipsec-proposal-tran1] encapsulation-mode (14)[FIREWALL1-ipsec-proposal-tran1] transform esp[FIREWALL1-ipsec-proposal-tran1] esp authentication-algorithm sha2-256[FIREWALL1-ipsec-proposal-tran1] esp encryption-algorithm aes[FIREWALL1-ipsec-proposal-tran1] quit# 配置序号为10的IKE安全提议。[FIREWALL1] (15)[FIREWALL1-ike-proposal-10] authentication-method pre-share[FIREWALL1-ike-proposal-10] authentication-algorithm sha2-256[FIREWALL1-ike-proposal-10] quit# 配置IKE用户信息表。[FIREWALL1] ike user-table 1[FIREWALL1-ike-user-table-1] user id-type ip 202.1.5.1 pre-shared-key Admin@gkys[FIREWALL1-ike-user-table-1] quit# 配置IKE Peer。[FIREWALL1] ike peer b[FIREWALL1-ike-peer-b] ike-proposal 10[FIREWALL1-ike-peer-b] user-table 1[FIREWALL1-ike-peer-b] quit# 配置名称为map_temp序号为1的IPSec安全策略模板。[FIREWALL1] ipsec policy-template map_temp 1[FIREWALL1-ipsec-policy-template-map_temp-1] security acl 3000[FIREWALL1-ipsec-policy-template-map_temp-1] proposal tran1[FIREWALL1-ipsec-policy-template-map_temp-1] ike-peer b[FIREWALL1-ipsec-policy-template-map_temp-1] reverse-route enable[FIREWALL1-ipsec-policy-template-map_temp-1] quit# 在IPSec安全策略map1中引用安全策略模板map_temp。[FIREWALL1] ipsec policy map1 10 isakmp template map_temp# 在接口GigabitEthernet 1/0/1上应用安全策略map1。[FIREWALL1] interface GigabitEthernet 1/0/1[FIREWALL1-GigabitEthernet1/0/1] ipsec policy map1[FIREWALL1-GigabitEthernet1/0/1] quit [问题3]IPsec中,通过一些协议的处理,可以有效的保护分组安全传输。其中能够确保数据完整性,但是不能确保数据机密性的是(17),而技能报数数据传输的机密性又能保证数据完整性的是(18)
某公司在外地新开了一家分公司,现管理员希望在总部与分公司之间通过vpn建立连接。根据拓扑图,完成下列问题。[问题1](3分)该公司所选用的VPn技术为IPSec。它工作在TCP/IP协议栈的(1)层,能为TCP/IP通信提供访问控制机密性、数据源验证、抗重放、数据完整性等多种安全服务。其中能够确保数据完整性,但是不确保数据机密性的协议是(2),既能报数数据传输的机密性又能保证数据完整性的是协议是(3)。[问题2](4分):请将相关配置补充完整。总部防火墙firewall1的部分配置如下。…# 配置Trust域与Untrust域的安全策略,允许封装前和解封后的报文能通过[FIREWALL1] (5)[FIREWALL1-policy-security] rule name 1[FIREWALL1-policy-security-rule-1] source-zone trust[FIREWALL1-policy-security-rule-1] destination-zone untrust[FIREWALL1-policy-security-rule-1] source-address (6)[FIREWALL1-policy-security-rule-1] destination-address(7)[FIREWALL1-policy-security-rule-1] quit[FIREWALL1] acl 3000[FIREWALL1-acl-adv-3000] rule (8)ip source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255[FIREWALL1-acl-adv-3000] quit…
What is a vaild action for a firewall filter?()A、then dropB、then countC、then allowD、then community add
A Windows Azure application is activated for Windows Azure Connect A corporate policy blocks Internet traffic for local servers. You need to recommend the firewall rule that will allow Windows Azure Connect traffic for local servers. What should you recommend?()A、 Allow TCP port 443 inbound.B、 Allow TCP port 3389 outbound.C、 Allow TCP port 3389 inbound.D、 Allow TCP port 443 outbound.
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. You create and enforce the default AppLocker executable rules. Users report that they can no longer execute a legacy application installed in the root of drive C. You need to ensure that the users can execute the legacy application. What should you do?()A、Modify the action of the existing rulesB、Create a new rule.C、Add an exception to the existing rulesD、Delete an existing rule
客户路由器的接口GigabitEthernet0/0 下连接了局域网主机HostA,其IP 地址为192.168.0.2/24;接口Serial6/0 接口连接远端,目前运行正常。现增加ACL 配置如下: firewall enable firewall default permit acl number 3003 rule 0 permit tcp rule 5 permit icmp acl number 2003 rule 0 deny source 192.168.0.0 0.0.0.255 interface GigabitEthernet0/0 firewall packet-filter 3003 inbound packet-filter 包过滤 firewall packet-filter 2003 outbound ip address 192.168.0.1 255.255.255.0 interface Serial6/0 link-protocol ppp ip address 6.6.6.2 255.255.255.0 假设其他相关配置都正确,那么()A、HostA不能ping通该路由器上的两个接口地址B、HostA不能ping通6.6.6.2,但是可以ping通192.168.0.1C、HostA不能ping通192.168.0.1,但是可以ping通6.6.6.2D、HostA可以Telnet到该路由器上
下面语句中,正确的是()A、public.class.AddAction.implements.Action{...extends.ActionB、mapping.findForward("/ch01/result.jsp");findForward(“name”),new.ActionForward(“/ch01/result.jsp”)C、form.method="get"action="add.do"D、action.name="addAction"path="/add"type="y2ssh.sg.web.action.AddAction"Name指form的名字
以下配置邮件主题过滤关键字错误的是()。A、firewall smtp-filter subject add*B、firewall smtp-filter subject add*hello*C、firewall smtp-filter subject addhel loD、firewall smtp-filter subject add"hel lo"
Two BGP peers connected through a routed firewall are unable to establish a peering relationship. What could be the most likely cause? ()A、 BGP peers must be Layer 2-adjacentB、 EBGP multihop is not configuredC、 The firewall is not configured to allow IP protocol 89D、 The firewall is not configured to allow UDP 179.
You have a server that runs Windows Server 2008. You need to prevent the server from establishing communication sessions to other computers by using TCP port 25. What should you do()A、 From Windows Firewall, add an exceptionB、 From windows Firewall enable the block all incoming connections optionC、 From the Windows Firewall with Advanced Security snap-in, create an inbound ruleD、 From the Windows Firewall with Advanced Security snap-in, create an outbound rule.
You have a server that runs windows server 2008. You need to prevent the server from establishing communication sessions to other computers by using TCP port 25. What should you do?()A、From windows firewall, add an exception.B、From windows firewall enable the block all incoming connections option.C、From the windows firewall with advanced security snap-in, create an inbound rule.D、From the windows firewall with advanced security snap-in, create an outbound rule.
你有一台运行Windows 7的计算机。这台计算机上的IPv6地址是自动配置的。你要识别这台计算机上的IPv6地址,你该怎么做?()A、在命令提示符下,运行 NetstatB、在命令提示符下,运行 Net configC、在“网络连接状态”中,单击“详细信息”D、在“网络连接”属性中,选择Internet Protocol Version 6 (TCP/IPv6) 并单击“属性”
The network at Company Ltd. consists of one Windows NT Server 4.0 domain and 35 Windows 2000Professional computers. The Company network consists of five interconnected TCP/IP subnets. All of thecomputers use TCP/IP as the only network protocol.You are adding 15 Windows 2000 Professional computers to the network. You want to enable theWindows 2000 Professional computers to resolve NetBIOS names to TCP/IP addresses.What should you do? ()A、Install a DHCP server. Configure each computer to use DHCP. B、Install a WINS server. Configure each computer to use WINS. C、Create a Lmhosts.sam file on each computer. Add an entry containing the TCP/IP address and NetBIOS name for each computer on the network. D、Create a Hosts.sam file on each computer. Add an entry containing the TCP/IP address and NetBIOS name for each computer on the network.
Your network contains an Active Directory domain named contoso.com. The domain contains an application server named Server1. Server1 runs Windows Server 2012 R2. You have a client application named App1 that communicates to Server1 by using dynamic TCP ports. On Server1, a technician runs the following command: New-NetFirewallRule -DisplayName AllowDynamic -Direction Outbound -LocalPort 1024- 65535 -Protocol TCP Users report that they can no longer connect to Server1 by using Appl. You need to ensure that App1 can connect to Server1. What should you run on Server1?()A、Set-NetFirewallRule -DisplayName AllowDynamic -Action AllowB、netsh advfirewall firewall set rule name=allowdynamic new action = allowC、Set-NetFirewallRule -DisplayName AllowDynamic -Direction InboundD、netsh advfirewall firewall add rule name=allowdynamic action=allow
Your network contains a server named Server1 that has Windows Server 2008 R2.An administrator runs the following command on Server1: netsh.exe advfirewall reset You discover that you can no longer access Server1 on port 3389.You need to ensure that you can access Server1 on port 3389.Which firewall rule should you enable?()A、File and Printer Sharing (Echo Request ICMPv4-In)B、File and Printer Sharing (SMB-In)C、Remote Desktop (TCP-In)D、Remote Service Management (RPC)
单选题的命令提示符运行以下命令,netsh advfirewall firewall add rule name="CustomRule" profile=domain protocol=TCP dir=in localport=80 action=allow,做了哪些配置?()A创建了一个入站规则,只应用在域配置文件中封锁80端口通信B创建了一个出站规则,只应用在域配置文件中封锁80端口通信C创建了一个入站规则,只应用在域配置文件中允许80端口通信D创建了一个出站规则,只应用在域配置文件中允许80端口通信
单选题You install Windows Server 2008 R2 (Server Core Installation) on a server. You need to be able to remotely manage storage on the server by using Disk Manager. What should you do?()AInstall the Microsoft Remote Server Administration Tools (RSAT).BUse the DISKPART utility to run the attributes volume clear readonly command for each volume.CRun the netsh advfirewall Firewall set rule group=Remote Administration new enable=yes command.DRun the netsh advfirewall Firewall set rule group=Remote Volume Management new enable=yes command.
单选题What is a vaild action for a firewall filter?()Athen dropBthen countCthen allowDthen community add
单选题Your network contains an Active Directory domain named contoso.com. The domain contains an application server named Server1. Server1 runs Windows Server 2012 R2. You have a client application named App1 that communicates to Server1 by using dynamic TCP ports. On Server1, a technician runs the following command: New-NetFirewallRule -DisplayName AllowDynamic -Direction Outbound -LocalPort 1024- 65535 -Protocol TCP Users report that they can no longer connect to Server1 by using Appl. You need to ensure that App1 can connect to Server1. What should you run on Server1?()ASet-NetFirewallRule -DisplayName AllowDynamic -Action AllowBnetsh advfirewall firewall set rule name=allowdynamic new action = allowCSet-NetFirewallRule -DisplayName AllowDynamic -Direction InboundDnetsh advfirewall firewall add rule name=allowdynamic action=allow
单选题You need to prevent a custom application from connecting to the Internet. What should you do?()AFrom Windows Firewall, add a program.BFrom Windows Defender, modify the Allowed items list.CFrom Windows Firewall with Advanced Security, create an inbound rule.DFrom Windows Firewall with Advanced Security, create an outbound rule.
单选题Your network contains an Active Directory domain.The domain contains a member server named Server1. Server1 has a single network connection.You need to log every attempt to connect to Server1 on a restricted port.What should you do?()AChange the settings of the private firewall profile.BChange the settings of the domain firewall profile.CModify the properties of the inbound firewall rules.DModify the properties of the outbound firewall rules.
单选题You have a server that runs Windows Server 2008. You need to prevent the server from establishing communication sessions to other computers by using TCP port 25. What should you do()A From Windows Firewall, add an exceptionB From windows Firewall enable the block all incoming connections optionC From the Windows Firewall with Advanced Security snap-in, create an inbound ruleD From the Windows Firewall with Advanced Security snap-in, create an outbound rule.
单选题您在运行 Windows Server 2008的服务器上安装了Web服务器(IIS)角色。公司默认网站的IP地址是 10.10.0.1。您添加了名为HelpDesk的网站。HelpDesk网站无法启动。您需要配置Helpdesk网站以使其可启动。该怎么做?()A在服务器上运行 iisreset /enable 命令。B将 Helpdesk 网站配置为使用主机头。C 在服务器上运行 appcmd add site /name: HelpDesk /id:2 /physicalPath: c:/HelpDesk /binding:http/*:80:helpdesk 命令。D在服务器上,在 Microsoft Windows PowerShell 工具中运行 set-location Cliteralpath d:/HelpDesk_content HelpDesk ID://2 location port:80 domain:helpdesk 命令。
单选题Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. You create a new inbound rule by using Windows Firewall with Advanced Security. You need to configure the rule to allow Server1 to accept unsolicited inbound packets that are received through a network address translation (NAT) device on the network. Which setting in the rule should you configure?()AEdge traversalBAuthorized computersCInterface typesDRemote IP address
单选题A Windows Azure application is activated for Windows Azure Connect A corporate policy blocks Internet traffic for local servers. You need to recommend the firewall rule that will allow Windows Azure Connect traffic for local servers. What should you recommend?()A Allow TCP port 443 inbound.B Allow TCP port 3389 outbound.C Allow TCP port 3389 inbound.D Allow TCP port 443 outbound.
单选题Two BGP peers connected through a routed firewall are unable to establish a peering relationship. What could be the most likely cause? ()A BGP peers must be Layer 2-adjacentB EBGP multihop is not configuredC The firewall is not configured to allow IP protocol 89D The firewall is not configured to allow UDP 179.