单选题Context-Based Access Control (CBAC) is the algorithm of the Cisco IOS firewall feature. How does CBAC improve Teleworker security?()AInbound packets are permitted only if they are part of a legitimate data flow initiated by a device on the Teleworker home network.BAll packets are checked for integrity by analyzing their checksum.CEvery packet is checked to see if it was sent through the VPN tunnel.DEvery packet is inspected to see if any disallowed URLs are included. URLs are forwarded to the security cache engine for authorization.
单选题
Context-Based Access Control (CBAC) is the algorithm of the Cisco IOS firewall feature. How does CBAC improve Teleworker security?()
A
Inbound packets are permitted only if they are part of a legitimate data flow initiated by a device on the Teleworker home network.
B
All packets are checked for integrity by analyzing their checksum.
C
Every packet is checked to see if it was sent through the VPN tunnel.
D
Every packet is inspected to see if any disallowed URLs are included. URLs are forwarded to the security cache engine for authorization.
参考解析
解析:
暂无解析
相关考题:
Which Junos Pulse Access Control Service client provides a built-in viewer to access local logs?() A. Odyssey Access ClientB. Junos PulseC. Java agentD. Agent less access
Which three types of policies must you configure to allow remote users transparent access to protected resources using IF-MAP Federation between a Junos Pulse Secure Access Service and a Junos Pulse Access Control Service?()A. Session-Export policies on the Junos Pulse Secure Access ServiceB. Session-Export policies on the Junos Pulse Access Control ServiceC. Session-Import policies on the Junos Pulse Secure Access ServiceD. Session-Import policies on the Junos Pulse Access Control ServiceE. Resource access policies on the Junos Pulse Access Control Service
You are receiving reports of possible unauthorized access to resources protected by a firewall enforcer running the Junos OS. You want to verity which users are currently accessing resources through the enforcer.Which command should you use to verify user access on the enforcer?()A. show services unified-access-control authentication-tableB. show auth tableC. show services unified-access-control policiesD. show services unified-access-control captive-portal
In the fields of physical security and information security,access control is the selective restriction of access to a place or other resource.The act of accessing may mean consuming,entering,or using.Permission to access a resource is called authorization(授权).An access control mechanism(71)between a user(or a process executing on behalf of a user)and system resources,such as applications,operating systems,firewalls,routers,files,and databases.The system must first authenticate(验证)a user seeking access.Typically the authentication function determines whether the user is(72)to access the system at all.Then the access control function determines if the specific requested access by this user is permitted.A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user.The access control function consults this database to determine whether to(73)access.An auditing function monitors and keeps a record of user accesses to system resources.In practice,a number of(74)may cooperatively share the access control function.All operating systems have at least a rudimentary(基本的),and in many cases a quite robust,access control component.Add-on security packages can add to the(75)access control capabilities of the OS.Particular applications or utilities,such as a database management system,also incorporate access control functions.External devices,such as firewalls,can also provide access control services.A.cooperatesB.coordinatesC.connectsD.mediates
You are a technician at TestKing. Your assistant applied an IP access control list to Router TK1. You want to check the placement and direction of the access control list.Which command should you use?()A. show access-listB. show ip access-listC. show ip interfaceD. show interfaceE. show interface list
在通信专业中,MAC 的英文全称是(),调制的英文通常翻译为()。A、Media access control B、media access concect C、medtiple access control D、multiple access connect A、adjust B、medies C、modulation D、modulator
System and application access control is to prevent( )access to systems and applications.Access to information and application system functions shall be restricted in accordance with the access control policy.A.physicalB.specialC.authorizedD.unauthorized
A corporation is not concerned about wireless use by Teleworkers. Authentication for any application first requires access via a web browser to a protected site. Given these requirements, choose the appropriate security feature to use to enforce the security policy.()A、Authentication ProxyB、802.1X C、Context-Based Access ControlD、Intrusion Detection SystemE、Stateful firewall
You are a technician at TestKing. Your assistant applied an IP access control list to Router TK1. You want to check the placement and direction of the access control list.Which command should you use?()A、show access-listB、show ip access-listC、show ip interfaceD、show interfaceE、show interface list
A site administrator is configuring Resource-level access control. Which of the following statements about Resource-level access control are true? Resource-level access control policies:()A、are optionalB、are used to protect data beansC、provide coarse-grained access controlD、never specify a relationship
SDCCH全拼是()A、Traffic ChannelB、Broadcast Control ChannelC、Stand-Alone Dedicated Control ChannelD、Access Granted Channel
一个部门经理有访问下属员工薪水的权限,但不能访问其他部门人员的薪水数据,实现这种的安全策略的数据安全机制实现的是下面哪种机制:()A、基于内容的访问控制(Content-dependent access control)B、基于属主的访问控制(Ownership-based access control)C、最小权限访问控制(Leastprivileges access control)D、基于内容上下文的访问控制(Context-dependent access control)
A site administrator is configuring Command-level access control. Which of the following statements about Command-level access control are true? Command level access control policies: ()A、are mandatoryB、specify action group ExecuteCommandActionGroup for Controller commandsC、specify action group ViewCommandActionGroup for View commandsD、specify resource group ControllerCommandResourceGroup for Controller commandsE、specify resource group ViewCommandResourceGroup for View commands
In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?()A、to specify the destination addresses to which access is permittedB、to specify the source address permitted to access the resourceC、to specify the services to which access is permittedD、to inform the enforcer to expect policy information from the Junos Pulse Access Control Service
单选题You are validating the configuration of your SRX Series device and see the output shown below. What does this indicate?()A The SRX Series device has been configured correctly, the Junos Pulse Access Control Service is reachable on the network, and the SRX Series device is waiting to receive the initial connection from the Junos Pulse Access Control Service.B The SRX Series device has confirmed that the Junos Pulse Access Control Service is configured and is reachable on the network, the SRX Series device is waiting to receive the connection from the Junos Pulse Access Control Service, and all that remains to be accomplished is to configure the SRX Series device.C The SRX Series device is configured correctly and connected to the Junos Pulse Access Control Service. All that remains to be done to complete the configuration is to configure the SRX Series device on the Junos Pulse Access Control Service.D Both the Junos Pulse Access Control Service and the SRX Series device are configured correctly and communicating with each other.
多选题A customer has purchased a new Junos Pulse Access Control Service and wants to install it in an existing cluster.After initial configuration, the customer finds that the firmware version running on the Junos Pulse Access Control Service is 4.1 r5, but the existing cluster is running firmware version 4.1 r3. Which two actions must be performed to allow the new Junos Pulse Access Control Service to load the older version of firmware?()AInstall a valid license on the new Junos Pulse Access Control Service.BWhen loading the older firmware, delete all the existing data on the Junos Pulse Access Control Service.CAdd the new Junos Pulse Access Control Service to the existing cluster.DDownload the 4.1 r3 version firmware from the Juniper support website.
多选题You want to create a security policy on an SRX240 that redirects unauthenticated users back to the Junos Pulse Access Control Service.Which two steps must you take to accomplish this task?()AConfigure a captive-portal service that redirects all traffic back to the Junos Pulse Access Control Service.BConfigure a security policy that references the unified-access-control captive-portal service.CConfigure a captive-portal service that redirects unauthenticated traffic back to the Junos Pulse Access Control Service.DConfigure a security policy that references the unified-access-control intranet-controller service.
单选题You are deploying a Junos Pulse Access Control Service cluster in active/passive mode. How do you configure the IP address on the SRX Series devices?()AConfigure a single Junos Pulse Access Control Service instance on the enforcer, specifying the VIP as the IP address the instance.BConfigure multiple Junos Pulse Access Control Service instances on the enforcer, specifying the specific IP address each device in a separate instance.CConfigure a single Junos Pulse Access Control Service instance on the enforcer, specifying the VIP and active node address in the instance.DConfigure a single Junos Pulse Access Control Service instance on the enforcer, specifying the VIP and passive node address in the instance.
多选题A customer has purchased a third-party switch to use for Layer 2 access with their Junos Pulse Access Controe Service. When configuring the switch on the Junos Pulse Access Control Service, the customer does not find a make/model entry for it . Which two actions should the customer take to make the switch work with the Junos Pulse Access Control Service?()AAdd the switch to the Junos Pulse Access Control Service as a standard RADIUS.BAdd the switch to the Junos Pulse Access Control Service using the Any make/model.CAdd the switch as a firewall enforcer.DObtain and configure the RADIUS dictionary for the switch and use that vendor listing for the make/model.
多选题Which three types of policies must you configure to allow remote users transparent access to protected resources using IF-MAP Federation between a Junos Pulse Secure Access Service and a Junos Pulse Access Control Service?()ASession-Export policies on the Junos Pulse Secure Access ServiceBSession-Export policies on the Junos Pulse Access Control ServiceCSession-Import policies on the Junos Pulse Secure Access ServiceDSession-Import policies on the Junos Pulse Access Control ServiceEResource access policies on the Junos Pulse Access Control Service
多选题A site administrator is configuring Resource-level access control. Which of the following statements about Resource-level access control are true? Resource-level access control policies:()Aare optionalBare used to protect data beansCprovide coarse-grained access controlDnever specify a relationship
多选题What are two use cases enabled by IF-MAP Federation?()AUsers authenticated to one Junos Pulse Access Control Service can transparently access resources protected by another Junos Pulse Access Control Service.BUsers authenticated to a Junos Pulse Access Control Service can transparently access resources protected by a Junos Pulse Secure Access Service.CRemote access users authenticated to a Junos Pulse Secure Access Service can transparently access resources protected by a Junos Pulse Access Control Service.DRemote access users authenticated to one Junos Pulse Secure Access Service can transparently access resources protected by another Junos Pulse Secure Access Service.
单选题You are receiving reports of possible unauthorized access to resources protected by a firewall enforcer running the Junos OS. You want to verity which users are currently accessing resources through the enforcer.Which command should you use to verify user access on the enforcer?()Ashow services unified-access-control authentication-tableBshow auth tableCshow services unified-access-control policiesDshow services unified-access-control captive-portal
多选题You have three classes of users on your network: employee, contractor, and IT administrator. You configure the Junos Pulse Access Control Service to assign roles to each user class and require that a specific wireless SSID be preconfigured for the Odyssey Access Client based on the role. Which configuration method should you use to satisfy this scenario?()ACreate a Settings Update file in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under User Roles Agent Odyssey Settings Preconfigured Installer.BConfigure a wired adapter and assign the required SSID under User Roles Agent Odyssey Settings.CCreate a script in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under User Roles Agent Odyssey Settings Preconfigured Installer.DCreate a Preconfiguration file in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under User Roles Agent Odyssey Settings Preconfigured Installer.
单选题In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?()Ato specify the destination addresses to which access is permittedBto specify the source address permitted to access the resourceCto specify the services to which access is permittedDto inform the enforcer to expect policy information from the Junos Pulse Access Control Service
单选题You are a technician at TestKing. Your assistant applied an IP access control list to Router TK1. You want to check the placement and direction of the access control list.Which command should you use?()Ashow access-listBshow ip access-listCshow ip interfaceDshow interfaceEshow interface list
单选题Which Junos Pulse Access Control Service client provides a built-in viewer to access local logs?()AOdyssey Access ClientBJunos PulseCJava agentDAgent less access