A system administrator wants to configure 802.1X on an Ethernet switch to enable access to specific parts of the network based on group memberships.How can the administrator accomplish this goal?()A、Configure roles based on departments and assign access b

题目

A system administrator wants to configure 802.1X on an Ethernet switch to enable access to specific parts of the network based on group memberships.How can the administrator accomplish this goal?()

  • A、Configure roles based on departments and assign access based on source IP address.
  • B、Configure roles based on the user's manager and assign access based on the user's MAC address
  • C、Configure roles based on group memberships and assign a specific VLAN to the role.
  • D、Configure roles based on RADIUS request attribute and assign a specific VLAN to the role.
相似考题

1.Your network contains an Active Directory domain. The domain contains a member server that runs Windows Server 2008 R2.You have a folder named Data that is located on the C drive. The folder has the default NTFS permissions configured.A support technician shares C:\Data by using the File Sharing Wizard and specifies the default settings.Users report that they cannot access the shared folder.You need to ensure that all domain users can access the share.What should you do?()A. Enable access-based enumeration (ABE) on the share.B. Assign the Read NTFS permission to the Domain Users group.C. From the Network and Sharing Center, enable public folder sharing.D. From the File Sharing Wizard, configure the Read permission level for the Domain Users group.

2.A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?A. BPDUB. Port securityC. RSTPD. STPE. VTPF. Blocking mode

3.A network administrator wants to ensure that only the server can connect to port Fa0/1 on a Catalyst switch. The server is plugged into the switch Fa0/1 port and the network administrator is about to bring the server online. What can the administrator do to ensure that only the MAC address of the server is allowed by switch port Fa0/1?()A. Configure port Fa0/1 to accept connections only from the static IP address of the server.B. Employ a proprietary connector type on Fa0/1 that is incompatible with other host connectors.C. Configure the MAC address of the server as a static entry associated with port Fa0/1.D. Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing the server IP address.E. Configure port security on Fa0/1 to reject traffic with a source MAC address other than that of the server.F. Configure an access list on the switch to deny server traffic from entering any port other than Fa0/1.

4.The network administrator has configured port security on a Ezonexam switch. Why would a network administrator configure port security on this Ezonexam device?A.To prevent unauthorized hosts from getting access to the LANB.To limit the number of Layer 2 broadcasts on a particular switch portC.To prevent unauthorized Telnet or SSH access to a switch portD.To prevent the IP and MAC address of the switch and associated portsE.None of the above

参考答案和解析
正确答案:C
更多“A system administrator wants to configure 802.1X on an Ethernet switch to enable access to specific parts of the network based on group memberships.How can the administrator accomplish this goal?()A、Configure roles based on departments and assign access b”相关问题

  • 第1题:

    A network administrator needs to configure port security on a switch.which two statements are true? ()

    A.The network administrator can apply port security to dynamic access ports

    B.The network administrator can configure static secure or sticky secure mac addresses in the voice vlan.

    C.The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.

    D.The network administrator can apply port security to EtherChannels.

    E.When dynamic mac address learning is enabled on an interface,the switch can learn new addresses,up to the maximum defined.


    参考答案:C, E

  • 第2题:

    Why would a network administrator configure port security on a switch?()

    • A、to prevent unauthorized Telnet access to a switch port
    • B、to limit the number of Layer 2 broadcasts on a particular switch port
    • C、to prevent unauthorized hosts from accessing the LAN
    • D、to protect the IP and MAC address of the switch and associated ports
    • E、to block unauthorized access to the switch management interfaces over common TCP ports

    正确答案:C

  • 第3题:

    A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?()

    • A、BPDU
    • B、Port security
    • C、RSTP
    • D、STP
    • E、VTP
    • F、Blocking mode

    正确答案:B

  • 第4题:

    When implementing 802.1X on Teleworker routers and using separate DHCP address pools for Teleworker and Home-user devices, traffic between devices can be restricted. How can you best accomplish this?()

    • A、Access Lists between the inside interface and loopback interface
    • B、Context Based Access Control
    • C、Dynamic Host Configuration Protocol
    • D、Network Address translation

    正确答案:A

  • 第5题:

    An administrator replaces the network card in a web server. After replacing the network card some users can access the server but others cannot.  Which of the following is the FIRST thing the administrator should check?()

    • A、 Default gateway
    • B、 The ports on the switch
    • C、 Port security on the servers switch port
    • D、 Ethernet cable

    正确答案:A

  • 第6题:

    A system administrator wants to control the HMC from their workstation. Microsoft Windows 2000 is running and the HMC graphical user interface is being used remotely. Which of the following actions will accomplish this task?()

    • A、Use any Windows 2000 to graphically access the HMC
    • B、Load, install, and configure WebSM on the workstation
    • C、Telnet to the HMC using Exceed or a GUI emulator product from the workstation
    • D、Load, install, and configure OpenSSH or SSH on the workstation and access the HMC through the GUI interface

    正确答案:B

  • 第7题:

    Your company has Active Directory Certificate Services (AD CS) and Network Access Protection (NAP)  deployed on the network. You need to ensure that NAP policies are enforced on portable computers taht  use a wireless connection to access the network. What should you do?()

    • A、 Configure all access points to use 802.1X authentication
    • B、 Configure all protable computers to use MS-CHAP v2 authentication
    • C、 Use the Group Policy Management Console to access the wireless group policy settings, and enable the Prevent connections to ad-hoc networks option.
    • D、 Use the Group Policy Management Console to access the wireless group policy settings, and disable the Prevent connections to infrastructure networks option.

    正确答案:A

  • 第8题:

    You are the administrator of a Windows 2000 network. You need to store secured files for your company’s Accounting and Legal departments on a Windows 2000 Professional computer. You want to accomplish the following goals:  • Enable users in both departments to access their own files from the network  • Enable users in the Accounting department to view the Legal department’s documents  • Prevent users in the Legal department from being able to view the Accounting department’s    documents  • Enable managers within the company to access and modify both the Accounting and the Legal   department’s files You take the following actions:   • Create two shared folders named Accounting and Legal  • Create three groups named Accounting, Legal, and Management  • Allow the Accounting group Modify permission on the Accounting folder  • Allow the Accounting group Read permissions on the Legal folders.  • Allow the Management group Modify permission on both the Accounting and Legal folders.   Which result or results do these actions produce?()

    • A、Users in both departments can access to their own files from the network.
    • B、Users in the Accounting department can view the Legal department’s documents.
    • C、Users in the Legal department cannot view the Accounting department’s documents.
    • D、Company managers can access and modify both departments’ files.

    正确答案:B,C,D

  • 第9题:

    单选题
    Your company has Active Directory Certificate Services (AD CS) and Network Access Protection (NAP)  deployed on the network. You need to ensure that NAP policies are enforced on portable computers taht  use a wireless connection to access the network. What should you do?()
    A

     Configure all access points to use 802.1X authentication

    B

     Configure all protable computers to use MS-CHAP v2 authentication

    C

     Use the Group Policy Management Console to access the wireless group policy settings, and enable the Prevent connections to ad-hoc networks option.

    D

     Use the Group Policy Management Console to access the wireless group policy settings, and disable the Prevent connections to infrastructure networks option.


    正确答案: B
    解析: 暂无解析

  • 第10题:

    单选题
    An administrator replaces the network card in a web server. After replacing the network card some users can access the server but others cannot.  Which of the following is the FIRST thing the administrator should check?()
    A

     Default gateway

    B

     The ports on the switch

    C

     Port security on the servers switch port

    D

     Ethernet cable


    正确答案: D
    解析: 暂无解析

  • 第11题:

    单选题
    A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?()
    A

    BPDU

    B

    Port security

    C

    RSTP

    D

    STP

    E

    VTP

    F

    Blocking mode


    正确答案: B
    解析: 暂无解析

  • 第12题:

    多选题
    You have three classes of users on your network: employee, contractor, and IT administrator. You configure the Junos Pulse Access Control Service to assign roles to each user class and require that a specific wireless SSID be preconfigured for the Odyssey Access Client based on the role. Which configuration method should you use to satisfy this scenario?()
    A

    Create a Settings Update file in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under User Roles > Agent > Odyssey Settings > Preconfigured Installer.

    B

    Configure a wired adapter and assign the required SSID under User Roles > Agent > Odyssey Settings.

    C

    Create a script in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under User Roles > Agent > Odyssey Settings > Preconfigured Installer.

    D

    Create a Preconfiguration file in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under User Roles > Agent > Odyssey Settings > Preconfigured Installer.


    正确答案: C,A
    解析: 暂无解析

  • 第13题:

    You are the network administrator of a small Layer 2 network with 50 users. Lately, users have been complaining that the network is very slow. While troubleshooting, you notice that the CAM table of your switch is full, although it supports up to 12,000 MAC addresses. How can you solve this issue and prevent it from happening in the future?()

    • A、Upgrade the switches
    • B、Configure BPDU guard
    • C、Configure VLAN access lists
    • D、Configure port security
    • E、Configure Dynamic ARP inspection

    正确答案:D

  • 第14题:

    A network administrator needs to configure port security on a switch.which two statements are true?()

    • A、The network administrator can apply port security to dynamic access ports
    • B、The network administrator can configure static secure or sticky secure mac addresses in the voice vlan.
    • C、The sticky learning feature allows the addition of dynamically learned addresses to the runningconfiguration.
    • D、The network administrator can apply port security to EtherChannels.
    • E、When dynamic mac address learning is enabled on an interface,the switch can learn new addresses,up to the maximum defined.

    正确答案:C,E

  • 第15题:

    The network administrator wants to enable an EtherChannel between two switches in "on" mode. The administrator connects the cables and enables the interfaces, but while configuring the EtherChannel in the first switch,a spanning-tree loop was detected. Which two of these procedures can avoid this problem?()

    • A、Configure the EtherChannel as "desirable" first.
    • B、Assign all interfaces to the same VLAN.
    • C、Disable PortFast on the interfaces in the EtherChannels.
    • D、Disable all interfaces first.
    • E、Fast Ethernet and Gigabit Ethernet ports cannot be assigned to the same EtherChannel.
    • F、Fix cabling problems.

    正确答案:A,D

  • 第16题:

    You work as a network administrator at, You have been asked to configure 802.1x port-based authentication. You notice that the client workstation is not compatible with 802.1x port-based authentication.  What supported authentication server should be chosen?()

    • A、TACACS with LEAP extensions
    • B、RADIUS with EAP extensions
    • C、TACACS+
    • D、LDAP

    正确答案:B

  • 第17题:

    An administrator replaces the network card in a web server. After replacing the network card some users can access the server but others cannot. Which of the following is the FIRST thing the administrator should check?()

    • A、Default gateway
    • B、The ports on the switch
    • C、Port security on the server's switch port
    • D、Ethernet cable

    正确答案:A

  • 第18题:

    You have three classes of users on your network: employee, contractor, and IT administrator. You configure the Junos Pulse Access Control Service to assign roles to each user class and require that a specific wireless SSID be preconfigured for the Odyssey Access Client based on the role. Which configuration method should you use to satisfy this scenario?()

    • A、Create a "Settings Update file" in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under "User Roles" > "Agent" > "Odyssey Settings" > "Preconfigured Installer".
    • B、Configure a wired adapter and assign the required SSID under "User Roles" > "Agent" > "Odyssey Settings".
    • C、Create a script in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under "User Roles" > "Agent" > "Odyssey Settings" > "Preconfigured Installer".
    • D、Create a "Preconfiguration file" in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under "User Roles" > "Agent" > "Odyssey Settings" > "Preconfigured Installer".

    正确答案:A,B,D

  • 第19题:

    Your company has Active Directory Certificate Services (AD CS) and Network Access Protection (NAP) deployed on the network.You need to ensure that NAP policies are enforced on portable computers that use a wireless connection to access the network.  What should you do?()

    • A、Configure all access points to use 802.1X authentication.
    • B、Configure all portable computers to use MS-CHAP v2 authentication.
    • C、Use the Group Policy Management Console to access the wireless Group Policy settings, and enable the Prevent connections to ad-hoc networks option.
    • D、Use the Group Policy Management Console to access the wireless Group Policy settings, and disable the Prevent connections to infrastructure networks option.

    正确答案:A

  • 第20题:

    Your company has active directory certificate services (AD CS) and network access protection (NAP) deployed on the network. You need to ensure that NAP policies are enforced on portable computers that use a wireless connection to access the network. What should you do?()

    • A、Configure all access points to use 802.1x authentication.
    • B、Configure all protable computers to use MS-CHAP v2 authentication.
    • C、Use the group policy management console to access the wireless group policy settings, and enable the prevent connections to ad-hoc network option.
    • D、Use the group policy management console to access the wireless group policy settings, and disable the prevent connections to infrastructure networks option.

    正确答案:A

  • 第21题:

    单选题
    Why would a network administrator configure port security on a switch?()
    A

    to prevent unauthorized Telnet access to a switch port

    B

    to limit the number of Layer 2 broadcasts on a particular switch port

    C

    to prevent unauthorized hosts from accessing the LAN

    D

    to protect the IP and MAC address of the switch and associated ports

    E

    to block unauthorized access to the switch management interfaces over common TCP ports


    正确答案: D
    解析: 暂无解析

  • 第22题:

    多选题
    You are the administrator of a Windows 2000 network. You need to store secured files for your company’s Accounting and Legal departments on a Windows 2000 Professional computer. You want to accomplish the following goals:  • Enable users in both departments to access their own files from the network  • Enable users in the Accounting department to view the Legal department’s documents  • Prevent users in the Legal department from being able to view the Accounting department’s    documents  • Enable managers within the company to access and modify both the Accounting and the Legal   department’s files You take the following actions:   • Create two shared folders named Accounting and Legal  • Create three groups named Accounting, Legal, and Management  • Allow the Accounting group Modify permission on the Accounting folder  • Allow the Accounting group Read permissions on the Legal folders.  • Allow the Management group Modify permission on both the Accounting and Legal folders.   Which result or results do these actions produce?()
    A

    Users in both departments can access to their own files from the network.

    B

    Users in the Accounting department can view the Legal department’s documents.

    C

    Users in the Legal department cannot view the Accounting department’s documents.

    D

    Company managers can access and modify both departments’ files.


    正确答案: A,B
    解析: B: The Accounting group has been granted Read permission to the Legal folders so they can view the Legal department’s documents. 
    C: The Legal group has not been granted any permissions so they cannot access the Accounting department’s documents. 
    D: The Company Management’s group has Modify permissions to both the Accounting and the Legal folders so they will be able to modify both departments’ files. 

  • 第23题:

    单选题
    A system administrator wants to configure 802.1X on an Ethernet switch to enable access to specific parts of the network based on group memberships.How can the administrator accomplish this goal?()
    A

    Configure roles based on departments and assign access based on source IP address.

    B

    Configure roles based on the user's manager and assign access based on the user's MAC address

    C

    Configure roles based on group memberships and assign a specific VLAN to the role.

    D

    Configure roles based on RADIUS request attribute and assign a specific VLAN to the role.


    正确答案: D
    解析: 暂无解析

相关内容