With Content Security Policy (CSP), developers can specify which sites the images on their pages may come from and which URLs JavaScript code may be loaded from.



Related exam questions:

A firewall is an approach to security; it helps implement a larger security policy that defines the services and access to be permitted.

Which CLI command provides a summary of what the content-filtering engine has blocked? () A. show security utm content-filtering statistics B. show security flow session C. show security flow statistics D. show security utm content-filtering summary

In an information security policy framework, which of the following is a mandatory rule for computer or information security? A. Standard B. Security policy C. Guideline D. Procedure

The headquarters of a nationwide chain and its 30 branch offices across the country frequently need to exchange internal data, so the company has decided to set up a VPN between headquarters and each branch. The topology is as follows: the configuration section shows only the configuration between headquarters and branch 1. Answer Questions 1 to 3 based on the topology.

[Question 1] (3 points): The VPN type connecting headquarters and the branches is (1). IPsec has two working modes, transport mode and tunnel mode; the mode that encapsulates the entire original IP packet before transmitting it is (2).
Options for (1): A. Site-to-site B. End-to-end C. End-to-site

[Question 2] (13 points): Complete the configuration. Part of the configuration of the headquarters firewall firewall1 is as follows.

(3)
[FIREWALL1] interface (4)
[FIREWALL1-GigabitEthernet1/0/2] ip address (5)
[FIREWALL1-GigabitEthernet1/0/2] quit
[FIREWALL1] interface GigabitEthernet 1/0/1
[FIREWALL1-GigabitEthernet1/0/1] ip address 202.1.3.1 24
[FIREWALL1-GigabitEthernet1/0/1] quit
# Add the interfaces to the corresponding security zones.
[FIREWALL1] firewall zone trust
[FIREWALL1-zone-trust] add interface (6)
[FIREWALL1-zone-trust] quit
[FIREWALL1] (7)
[FIREWALL1-zone-untrust] add interface GigabitEthernet 1/0/1
[FIREWALL1-zone-untrust] quit

2. Configure security policies that allow the specified private network segments to exchange packets.
# Configure the security policy between the Trust and Untrust zones so that packets can pass before encapsulation and after decapsulation.
[FIREWALL1] (8)
[FIREWALL1-policy-security] rule name 1
[FIREWALL1-policy-security-rule-1] source-zone (9)
[FIREWALL1-policy-security-rule-1] destination-zone untrust
[FIREWALL1-policy-security-rule-1] source-address (10)
[FIREWALL1-policy-security-rule-1] destination-address 192.168.200.0 24
[FIREWALL1-policy-security-rule-1] action (11)
[FIREWALL1-policy-security-rule-1] quit
…..
# Configure the security policy between the Local and Untrust zones so that IKE negotiation packets can pass through FIREWALL1.
[FIREWALL1-policy-security] rule name 3
[FIREWALL1-policy-security-rule-3] source-zone local
[FIREWALL1-policy-security-rule-3] destination-zone untrust
[FIREWALL1-policy-security-rule-3] source-address 202.1.3.1 32
[FIREWALL1-policy-security-rule-3] destination-address 202.1.5.1 32
[FIREWALL1-policy-security-rule-3] action permit
[FIREWALL1-policy-security-rule-3] quit
…

3. Configure the IPSec tunnel.
# Configure an access control list that defines the data flow to be protected.
[FIREWALL1] (12)
[FIREWALL1-acl-adv-3000] rule permit (13)
[FIREWALL1-acl-adv-3000] quit
# Configure the IPSec security proposal named tran1.
[FIREWALL1] ipsec proposal tran1
[FIREWALL1-ipsec-proposal-tran1] encapsulation-mode (14)
[FIREWALL1-ipsec-proposal-tran1] transform esp
[FIREWALL1-ipsec-proposal-tran1] esp authentication-algorithm sha2-256
[FIREWALL1-ipsec-proposal-tran1] esp encryption-algorithm aes
[FIREWALL1-ipsec-proposal-tran1] quit
# Configure the IKE security proposal with sequence number 10.
[FIREWALL1] (15)
[FIREWALL1-ike-proposal-10] authentication-method pre-share
[FIREWALL1-ike-proposal-10] authentication-algorithm sha2-256
[FIREWALL1-ike-proposal-10] quit
# Configure the IKE user table.
[FIREWALL1] ike user-table 1
[FIREWALL1-ike-user-table-1] user id-type ip 202.1.5.1 pre-shared-key Admin@gkys
[FIREWALL1-ike-user-table-1] quit
# Configure the IKE peer.
[FIREWALL1] ike peer b
[FIREWALL1-ike-peer-b] ike-proposal 10
[FIREWALL1-ike-peer-b] user-table 1
[FIREWALL1-ike-peer-b] quit
# Configure the IPSec security policy template named map_temp with sequence number 1.
[FIREWALL1] ipsec policy-template map_temp 1
[FIREWALL1-ipsec-policy-template-map_temp-1] security acl 3000
[FIREWALL1-ipsec-policy-template-map_temp-1] proposal tran1
[FIREWALL1-ipsec-policy-template-map_temp-1] ike-peer b
[FIREWALL1-ipsec-policy-template-map_temp-1] reverse-route enable
[FIREWALL1-ipsec-policy-template-map_temp-1] quit
# Reference the security policy template map_temp in the IPSec security policy map1.
[FIREWALL1] ipsec policy map1 10 isakmp template map_temp
# Apply the security policy map1 on interface GigabitEthernet 1/0/1.
[FIREWALL1] interface GigabitEthernet 1/0/1
[FIREWALL1-GigabitEthernet1/0/1] ipsec policy map1
[FIREWALL1-GigabitEthernet1/0/1] quit

[Question 3] In IPsec, processing by certain protocols effectively protects packets in transit. The one that ensures data integrity but not data confidentiality is (17), while the one that ensures both the confidentiality of data transmission and data integrity is (18).

In an information security policy framework, which of the following is a mandatory rule for computer or information security? () A. Standard B. Security policy C. Guideline D. Procedure

What is a "system high" security policy? () A. A system where all users are cleared to view the most highly classified data on the system. B. A system that contains only data of one security classification. C. A system with data that contains only data of the highest security classification. D. A system that uses a Multi-Level Security Policy to separate the highly classified data from the other data residing on the system.

Which two configuration elements are required for a policy-based VPN? () A. IKE gateway B. secure tunnel interface C. security policy to permit the IKE traffic D. security policy referencing the IPsec VPN tunnel

Which statement describes the behavior of a security policy? () A. The implicit default security policy permits all traffic. B. Traffic destined to the device itself always requires a security policy. C. Traffic destined to the device’s incoming interface does not require a security policy. D. The factory-default configuration permits all traffic from all interfaces.

Which component provides the vulnerability information for SCAP (Security Content Automation Protocol)? () A. CVE B. CWE C. CVSS D. NVD

Into which categories are the TippingPoint IPS application protection filters divided? () A. Attack Protection, Reconnaissance, Security Policy, Informational B. Attack Protection, Scan, Security Policy, Informational C. Attack Protection, Reconnaissance, MisuserAbuse, Informational D. Attack Protection, Scan, Security Policy, MisuserAbuse

When determining a customer’s security requirements using the security site survey from the steps for success methodology, which three of these should be included in the customer’s security policy and procedures? () A. Third-party due diligence policy review B. Remote Access Policy C. Encryption Policy D. Application change control policy E. Security Personnel policy

In an information security policy framework, which of the following is a mandatory rule for computer or information security? () A. Standard B. Security policy C. Guideline D. Procedure

You need to design a method to implement account policies that meets the requirements in the written security policy. What should you do? () A. Create a GPO and link it to the New York OU, to the Denver OU, and to the Dallas OU. Configure the GPO with the required account policy settings. B. On all computers in the domain, configure the Local Security Policy with the required account policy settings. C. Configure the Default Domain Policy GPO with the required account policy settings. D. Configure the Default Domain Controllers Policy GPO with the required account policy settings.

You are the administrator of your company’s network. You use Security Templates to configure a Security Policy on the Windows 2000 Professional computers in the Sales organizational unit (OU). You notice that the computers in the Sales OU are not downloading the Security Policy settings. On each computer, the Security Policy appears in the Local Computer Policy, but is not listed as the effective policy. You want all computers in the Sales OU to have the Security Policy listed as the effective policy. How should you accomplish this task? () A. Use Security Templates to correct the setting and export the security file. B. Use Security Configuration and Analysis to import the security setting. Then create a Group Policy object (GPO) for the Sales OU. C. Use the Secedit /RefreshPolicy Machine_Policy command. D. Use the Basicwk.inf security file settings, save the security file, and then import the file to the computers.

You work as the enterprise exchange administrator at Company.com. The Company.com network consists of a single Active Directory domain named Company.com. Company.com has an Exchange Server 2010 organization. A new Company.com security policy prohibits the employees to send certain words between them. What should you do? () A. The best option is to create an Outlook Protection Rule to comply with the Company.com security policy. B. The best option is to set up a content filtering feature to comply with the Company.com security policy. C. The best option is to create a transport rule to comply with the Company.com security policy. D. The best option is to set up a sender reputation feature to comply with the Company.com security policy.

You upgrade your computer from Windows NT Workstation to a Windows 2000 Professional computer. Your computer is a member of the justtalks.com domain. Prior to this upgrade your computer was configured by a system policy to require at least a 12 alphanumeric character password. After the upgrade your computer will not apply security policy. What should you do? () A. Use secedit.exe to refresh the security policy. B. Use the local computer policy to configure the local security policy. C. Use security configuration and analysis to support the security files as a .pol file. D. Use computer management to configure the security policy setting.

Multiple-answer question: When determining a customer’s security requirements using the security site survey from the steps for success methodology, which three of these should be included in the customer’s security policy and procedures? () A. Third-party due diligence policy review B. Remote Access Policy C. Encryption Policy D. Application change control policy E. Security Personnel policy

Single-choice question: You have a standalone computer that runs Windows 7. Multiple users share the computer. You need to ensure that you can read the content of all encrypted files on the computer. What should you do? () A. Run the Certificates Enrollment wizard and then run Certutil.exe importpfx. B. Run the Certificates Enrollment wizard and then run Certutil.exe installcert. C. Run Cipher.exe /r and then add a data recovery agent from the local security policy. D. Run Cipher.exe /rekey and then import a security template from the local security policy.

Single-choice question: You work as the enterprise exchange administrator at Company.com. The Company.com network consists of a single Active Directory domain named Company.com. Company.com has an Exchange Server 2010 organization. A new Company.com security policy prohibits the employees to send certain words between them. What should you do? () A. The best option is to create an Outlook Protection Rule to comply with the Company.com security policy. B. The best option is to set up a content filtering feature to comply with the Company.com security policy. C. The best option is to create a transport rule to comply with the Company.com security policy. D. The best option is to set up a sender reputation feature to comply with the Company.com security policy.

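Single-choice question: You create an application with Visual Studio .NET and deploy it to client computers over TestKing's intranet. Your application uses the enterprise-level security policy. A virus attack causes TestKing's IT administrators to adopt a stricter security policy, applied at the machine level. Users report that they can no longer run your application. How should you handle this problem? () A. Use the Permview.exe tool (Permission View tool) to include the LevelFinal attribute in the enterprise-level intranet code group policy. B. Use the Permview.exe tool (Permission View tool) to include the Exclusive attribute in the enterprise-level intranet code group policy. C. Use the Caspol.exe tool (Code Access Security Policy tool) to include the LevelFinal attribute in the enterprise-level intranet code group policy. D. Use the Caspol.exe tool (Code Access Security Policy tool) to include the Exclusive attribute in the enterprise-level intranet code group policy.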

Single-choice question: How do you apply UTM enforcement to security policies on the branch SRX series? () A. UTM profiles are applied on a security policy by policy basis. B. UTM profiles are applied at the global policy level. C. Individual UTM features like anti-spam or anti-virus are applied directly on a security policy by policy basis. D. Individual UTM features like anti-spam or anti-virus are applied directly at the global policy level.

Single-choice question: Which statement describes the behavior of a security policy? () A. The implicit default security policy permits all traffic. B. Traffic destined to the device itself always requires a security policy. C. Traffic destined to the device’s incoming interface does not require a security policy. D. The factory-default configuration permits all traffic from all interfaces.

Single-choice question: Which Cisco product family can simultaneously implement firewall, VPN, content security, network access control, virtualization, and content filtering? () A. catalyst switches B. adaptive security appliances C. intrusion prevention systems D. protect link gateway

Single-choice question: A deviation from an organization-wide security policy requires which of the following? () A. Risk Reduction B. Risk Containment C. Risk acceptance D. Risk Assignment

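Single-choice question: In an information security policy framework, which of the following is a mandatory rule for computer or information security? () A. Standard B. Security policy C. Guideline D. Procedure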

Single-choice question: Which CLI command provides a summary of what the content-filtering engine has blocked? () A. show security utm content-filtering statistics B. show security flow session C. show security flow statistics D. show security utm content-filtering summary

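True/false question: With Content Security Policy (CSP), developers can specify which sites the images on their pages may come from and which URLs JavaScript code may be loaded from. A. True B. False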