JN0-140 题目列表
单选题Which additional configuration must be completed when setting up role restrictions using certificates? ()ASet up a certificate authentication server.BConfigure the authentication realm to remember certificate information.CConfigure the authentication realm to use a certificate server for authentication.DConfigure a role mapping rule requiring certification information to map user to role.
单选题Your company has a mix of employees and contractors. Contractor usernames always begin with"con-"; employee usernames never begin with "con-". You need to give employees access to allresources and give contractors access to a limited set of resources. Employee and contractor roles have been created with the appropriate access privileges, and the realm is set to merge settings for all assigned roles. Which role mapping ruleset would result in the correct access privileges being assigned?()Ausername=* - Employee-role Stop username=con-* - Contractor-roleBusername=* - Employee-role username=con-* - Contractor-role StopCusername=con-* - Contractor-role Stop username=* - Employee-roleDusername=con-* - Contractor-role username=* - Employee-role Stop
单选题A customer has installed UAC in their network. They have both Windows and Linux endpoints andmust choose a deployment method that everyone can use. Which deployment method allows for multiple platforms? ()AIPsec enforcementB802.1X enforcementCSource IP enforcementDOdyssey Access Client
单选题When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()AIPsec RoutingBAccess ControlCIP Address PoolDSource Interface
单选题What will serve as a RADIUS Client to the Infranet Controller for 802.1x authentication? ()Aan ACE serverBa wireless networkCan Ethernet switchDOdyssey Access Client
单选题Which configuration option can be set either in the initial console menu or the Admin UI of the Infranet Controller? ()AVLAN IDBHostnameCDomain nameDAdministrative timeout
多选题Which three statements about dynamic filtering are true? ()ADynamic filtering creates a query statement.BDynamic filtering has an option to save query.CDynamic filtering can select any log field to filter.DDynamic filtering permanently removes other log entries.EDynamic filtering redraws the log when you select a variable link.
单选题Which statement is correct about defining an Infranet Enforcer for use as a RADIUS Client? ()AYou do not need to configure a RADIUS client policy.BYou must know the exact model number of the Infranet Enforcer.CYou must specify the NACN password of the device in the RADIUS client policy.DYou do not need to designate a location group to which the Infranet Enforcer will belong.
单选题What happens when Host Checker is configured to perform checks every "0" minutes? ()AHost Checker is disabled.BHost Checker will perform continous checks.CHost Checker will perform checks when user logs out.DHost Checker will perform checks when user first logs in.
多选题Which two methods of authentication are used by the Infranet Controller for IPSec enforcement?()Adial-up VPNBIKE authenticationCXAuth authenticationDshared IKE authentication
多选题If Host Checker restrictions are applied at the role level and the "Allow access to the role if any ONE of the select policies is passed" option is unchecked, which two statements are true?()AAll roles are evaluated together.BEach role is evaluated separately.CClients must pass all policies to access the role.DClients will pass as long as one policy is accepted.
单选题What must be updated regularly to detect the newest versions of personal firewalls on endpoints? ()AInfranet Enforcer firmwareBInfranet Controller rollback softwareCHost Security Assessment Plug-in (HSAP)DEndpoint Security Assessment Plug-in (ESAP)
单选题What is the primary purpose of creating a Location Group Policy? ()Ato associate more than one realm with an authentication serverBto logically group network access devices and associate them with specific sign-in policiesCto allow or prevent users from accessing resources in specific locations on the networkDto define the URL that users of network access devices can use to access the Infranet Controller
单选题Which log contains information about service restarts, system errors, warnings, and requests to check server connectivity? ()AEvents logBSystem logCUser Access logDAdmin Access log
多选题Which two statements are true about applying Host Checker at the realm level?()AIf Evaluate is checked then the client must pass policy to get the sign-in page.BIf Evaluate is checked then the client can fail policy and still get the sign-in page.CIf Require and Enforce is checked then the client must pass policy to get the sign-in page.DIf Require and Enforce is checked then the client can fail policy and still get the sign-in page.