Which of the following documents should always be kept up-to-date after any major changes aremade to a network backbone?（）A、Network diagramB、Performance baselineC、Network security procedureD、Company policy

第1题：

第2题：

A company wants to secure access to its internal wireless network. The company wants to use themost secure means to access the network. Which of the following is the BEST choice for wireless security in this situation?（）

• A、WEP encryption
• B、Channel rotation
• C、Disable SSID
• D、WPA encryption

第3题：

A company’s wireless network is called FOO and it is not publicly visible. In a wirelessconfiguration wizard, in which of the following locations should the technician put FOO?（）

• A、SSID
• B、WPA Passphrase
• C、WEP Key
• D、Network Path

第4题：

Which should be the key driver for a company security policy’s creation， implementation and enforcement？（）

• A、 the business knowledge of the IT staff
• B、 the technical knowledge of the IT staff
• C、 the company’s business objectives
• D、 the company’s network topology
• E、 the IT future directions

第5题：

An administrator replaces the network card in a web server. After replacing the network card some users can access the server but others cannot.  Which of the following is the FIRST thing the administrator should check？（）

• A、 Default gateway
• B、 The ports on the switch
• C、 Port security on the servers switch port
• D、 Ethernet cable

第6题：

An administrator replaces the network card in a web server. After replacing the network card some users can access the server but others cannot. Which of the following is the FIRST thing the administrator should check?（）

• A、Default gateway
• B、The ports on the switch
• C、Port security on the server's switch port
• D、Ethernet cable

第7题：

The warranty expiration date of each server should be recorded in which of the following documents？（）

• A、Asset management
• B、Network diagram
• C、Server baseline
• D、List of vendors

第8题：

All client computers on your company network run Windows 7 and are members of an Active Directory Domain Services domain. Employees using portable computers report that they get connected to a coffee shop wireless network from the company conference room. You need to ensure that the employees connect to the company wireless network by default from anywhere within the company premises. What should you do?（）

• A、Configure the Network authentication (Shared mode) setting.
• B、Apply a Wireless Network Policy to set the network type to WPA-PSK.
• C、Apply a Wireless Network Policy to automatically connect to the company wireless network.
• D、Apply a Wireless Network Policy to set the company wireless network as the preferred network.

第9题：

第10题：

第11题：

第12题：

第13题：

Which of the following statements is true about the 80/20 rule （Select all that apply）？（）

• A、20 percent of the traffic on a network segment should be local.
• B、no more than 20 percent of the network traffic should be able to move across a backbone.
• C、no more than 80 percent of the network traffic should be able to move across a backbone.
• D、80 percent of the traffic on a network segment should be local.

第14题：

An administrator has completed the installation of a new WLAN. Which of the following configuration management documents needs to be updated?（）

• A、Logical network diagram
• B、History logs
• C、Baseline configurations
• D、Wiring schematics

第15题：

A network vulnerability scanner is part of which critical element of network and system security?（）

• A、host security
• B、perimeter security
• C、security monitoring
• D、policy management

第16题：

During which phase of the steps to success methodology for Cisco SMB Security Solutions would the Network Readiness Assessment be used to assess the readiness of an existing network infrastructure and determine which，if any modification should be prior to implementation？（）

• A、Prepare
• B、Design
• C、Position
• D、Develop
• E、Plan
• F、Perform

第17题：

An administrator wants to be alerted when a network-based attack is underway, but the company policy prohibits blocking or dropping network connections. Which of the following MUST be deployed?（）

• A、IDS
• B、IPS
• C、Firewall
• D、Managed PKI

第18题：

Which of the following protocols should be used to monitor network performance?（）

• A、SNTP
• B、SMTP
• C、HTTP
• D、SNMP

第19题：

Multiple users call from the same location saying that they have no network connectivity. The administrator is unable to ping the main switch at that IDF. Which of the following configuration management documents would the administrator MOST likely consult to troubleshoot the issue?（）

• A、Baseline configuration
• B、Security policy
• C、Performance and transaction logs
• D、Physical network diagram

第20题：

You are a security administrator for your company. The network consists of a single Active Directory domain. All client computers run Windows XP Professional. All servers run Windows Server 2003. All computers on the network are members of the domain.    Traffic on the network is encrypted by IPSec. The domain contains a custom IPSec policy named Lan Security that applies to all computers in the domain. The Lan Security policy does not allow unsecured communication with non-lPSec-aware computers. The company’s written security policy states that the configuration of the domain and the configuration of the Lan Security policy must not be changed. The domain contains a multihomed server named Server1. Server1 isconnected to the company network， and Server1 is also connected to a test network. Currently， the Lan Security IPSec policy applies to network traffic on both network adapters in Server1. You need to configure Server1 so that it communicates on the test network without IPSec security. Server1 must still use the Lan Security policy when it communicates on the company network.  How should you configure Server1？（）

• A、 Configure a packet filter for the network adapter on the test network to block the Internet Key Exchange （IKE） port.
• B、 Configure the network adapter on the test network to disable IEEE 802.1x authentication.
• C、 Configure the network adapter on the test network to enable TCP/IP filtering， and then permit all traffic.
• D、 Use the netsh command to assign a persistent IPSec policy that permits all traffic on the network adapter on the test.
• E、 Assign an IPSec policy in the local computer policy that permits all traffic on the network adapter on the test.

第21题：

第22题：

第23题：