What is a Host Enforcer policy?()A、A policy that is defined on the endpoint that permits or denies inbound or outbound traffic.B、A policy that is sent to the endpoint that permits or denies inbound or outbound traffic.C、A policy that is sent to the protec

题目

What is a Host Enforcer policy?()

  • A、A policy that is defined on the endpoint that permits or denies inbound or outbound traffic.
  • B、A policy that is sent to the endpoint that permits or denies inbound or outbound traffic.
  • C、A policy that is sent to the protected resource that permits or denies inbound or outbound traffic.
  • D、A policy that is defined on the protected resource that permits or denies inbound or outbound traffic.
相似考题

1.What is a Host Enforcer policy?()A. A policy that is defined on the endpoint that permits or denies inbound or outbound traffic.B. A policy that is sent to the endpoint that permits or denies inbound or outbound traffic.C. A policy that is sent to the protected resource that permits or denies inbound or outbound traffic.D. A policy that is defined on the protected resource that permits or denies inbound or outbound traffic.

2.A network administrator has configured source NAT, translating to an address that is on a locally connected subnet.The administrator sees the translation working, but traffic does not appear to come back.What is causing the problem?()A. The host needs to open the telnet port.B. The host needs a route for the translated address.C. The administrator must use a proxy-arp policy for the translated address.D. The administrator must use a security policy, which will allow communication between the zones.

3.You have an SRX Series Layer 2 enforcer providing 802.1X authentication for connected endpoints. Your security policy requires that users who fail their authentication be placed in a specific VLAN.On the Layer 2 enforcer, at the [edit protocols dot1x authenticator interface] hierarchy for each participating interface, what provides this functionality?()A. guest-vlanB. auth-fail-vlanC. server-reject-vlanD. server-fail-vlan

4.You have a firewall enforcer protecting sensitive internal resources in a data center. The network traversed by endpoint traffic is semi-trusted, so you need to encrypt the traffic between the endpoints accessing the resources and the firewall enforcer.Which type of policies provide this level of protection?()A. resource access policiesB. Host Enforcer policiesC. source IP enforcement policiesD. IPsec enforcement policies

更多“What is a Host Enforcer policy?(”相关问题

  • 第1题:

    You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()

    A. Resource access policy on the MAG Series device

    B. IPsec routing policy on the MAG Series device

    C. General traffic policy blocking access through the firewall enforcer

    D. Auth table entry on the firewall enforcer


    参考答案:A, D

  • 第2题:

    Which statement is correct about defining an Infranet Enforcer for use as a RADIUS Client? ()

    A. You do not need to configure a RADIUS client policy.

    B. You must know the exact model number of the Infranet Enforcer.

    C. You must specify the NACN password of the device in the RADIUS client policy.

    D. You do not need to designate a location group to which the Infranet Enforcer will belong.


    参考答案:A

  • 第3题:

    Your company runs Remote Desktop Services. You have a Remote Desktop Session Host (RD Session Host) server. You need to ensure that remote desktop users can print only to the printers that are installed on the RD Session Host server. What should you do?()

    • A、Enable the Do not allow client printer redirection Group Policy setting.
    • B、Disable the Do not allow client printer redirection Group Policy setting.
    • C、Enable the Do not set default client printer to be default printer in a session Group Policy setting.
    • D、Disable the Do not set default client printer to be default printer in a session Group Policy setting.

    正确答案:A

  • 第4题:

    What must be updated regularly to detect the newest versions of personal firewalls on endpoints? ()

    • A、Infranet Enforcer firmware
    • B、Infranet Controller rollback software
    • C、Host Security Assessment Plug-in (HSAP)
    • D、Endpoint Security Assessment Plug-in (ESAP)

    正确答案:D

  • 第5题:

    What is the function of Host Checker?()

    • A、To allow clientless access to the network
    • B、To restrict access to protected resources on the network
    • C、To scan an endpointfor compliance with security policies
    • D、To push a firewall policy to the endpoint's local firewall application

    正确答案:B

  • 第6题:

    You have a firewall enforcer protecting sensitive internal resources in a data center. The network traversed by endpoint traffic is semi-trusted, so you need to encrypt the traffic between the endpoints accessing the resources and the firewall enforcer.Which type of policies provide this level of protection?()

    • A、resource access policies
    • B、Host Enforcer policies
    • C、source IP enforcement policies
    • D、IPsec enforcement policies

    正确答案:D

  • 第7题:

    单选题
    Your company has a load-balanced Remote Desktop Session Host (RD Session Host) cluster. You need to track user session information for the load-balanced RD Session Host cluster. What should you do?()
    A

    Create a Remote Desktop resource authorization policy (RD RAP).

    B

    Create a Remote Desktop connection authorization policy (RD CAP).

    C

    Install and configure the Remote Desktop Licensing role service.

    D

    Install and configure the Remote Desktop Connection Broker role service.


    正确答案: B
    解析: 暂无解析

  • 第8题:

    单选题
    What is a Host Enforcer policy?()
    A

    A policy that is defined on the endpoint that permits or denies inbound or outbound traffic.

    B

    A policy that is sent to the endpoint that permits or denies inbound or outbound traffic.

    C

    A policy that is sent to the protected resource that permits or denies inbound or outbound traffic.

    D

    A policy that is defined on the protected resource that permits or denies inbound or outbound traffic.


    正确答案: B
    解析: 暂无解析

  • 第9题:

    单选题
    Your company runs Remote Desktop Services. You have a Remote Desktop Session Host (RD Session Host) server. You need to ensure that remote desktop users can prin t only to the printers that are installed on the RD Session Host server. What should you do?()
    A

    Enable the Do not allow client printer redirection Group Policy setting.

    B

    Disable the Do not allow client printer redirection Group Policy setting.

    C

    Enable the Do not set default client printer to be default printer in a session Group Policy setting.

    D

    Disable the Do not set default client printer to be default printer in a session Group Policy setting.


    正确答案: D
    解析: 暂无解析

  • 第10题:

    单选题
    You are not able to telnet to the interface IP of your JUNOS software with enhanced services devicefrom a PC on the same subnet. What is causing the problem? ()
    A

    Telnet is not being permitted by self policy.

    B

    Telnet is not being permitted by security policy.

    C

    Telnet is not allowed because it is not considered secure.

    D

    Telnet is not enabled as a host-inbound service on the zone.


    正确答案: D
    解析: 暂无解析

  • 第11题:

    多选题
    You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()
    A

    Resource access policy on the MAG Series device

    B

    IPsec routing policy on the MAG Series device

    C

    General traffic policy blocking access through the firewall enforcer

    D

    Auth table entry on the firewall enforcer


    正确答案: A,C
    解析: 暂无解析

  • 第12题:

    单选题
    In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?()
    A

    to specify the destination addresses to which access is permitted

    B

    to specify the source address permitted to access the resource

    C

    to specify the services to which access is permitted

    D

    to inform the enforcer to expect policy information from the Junos Pulse Access Control Service


    正确答案: A
    解析: 暂无解析

  • 第13题:

    What must be updated regularly to detect the newest versions of personal firewalls on endpoints? ()

    A. Infranet Enforcer firmware

    B. Infranet Controller rollback software

    C. Host Security Assessment Plug-in (HSAP)

    D. Endpoint Security Assessment Plug-in (ESAP)


    参考答案:D

  • 第14题:

    Which statement is correct about defining an Infranet Enforcer for use as a RADIUS Client? ()

    • A、You do not need to configure a RADIUS client policy.
    • B、You must know the exact model number of the Infranet Enforcer.
    • C、You must specify the NACN password of the device in the RADIUS client policy.
    • D、You do not need to designate a location group to which the Infranet Enforcer will belong.

    正确答案:A

  • 第15题:

    In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?()

    • A、to specify the destination addresses to which access is permitted
    • B、to specify the source address permitted to access the resource
    • C、to specify the services to which access is permitted
    • D、to inform the enforcer to expect policy information from the Junos Pulse Access Control Service

    正确答案:D

  • 第16题:

    You navigate to "UAC" > "Infranet Enforcer" > "Auth Table Mapping" in the admin GUI. You see one policy, which is the unmodified, original default policy.Which statement is true?()

    • A、Dynamic auth table mapping is not enabled.
    • B、A successful authentication attempt will result in a new authentication table entry, which will be delivered only to the Junos enforcer protecting the network from which the user has authenticated.
    • C、To create a static auth table mapping, you must delete the default policy.
    • D、The default policy applies only to the factory-default role User.

    正确答案:A

  • 第17题:

    You are not able to telnet to the interface IP address of your device from a PC on the same subnet. What iscausing the problem?()

    • A、Telnet is not being permitted by self policy.
    • B、Telnet is not being permitted by security policy.
    • C、Telnet is not allowed because it is not considered secure.
    • D、Telnet is not enabled as a host-inbound service on the zone

    正确答案:D

  • 第18题:

    Your company has an Active Directory Domain Services (AD DS) domain. All client computers run Windows 7. You have a Remote Desktop Session Host (RD Session Host) server. You have the following requirements: H Local devices from remote desktop clients must be redirected to the RD Session Host server . H USB devices from remote desktop clients must not be redirected to the RD Session Host server. What should you do?()

    • A、Disable drive redirection on the remote desktop clients.
    • B、Disable drive redirection on the RD Session Host server.
    • C、Enable the Prevent installation of removable devices Group Policy setting on the remote desktop clients.
    • D、Enable the Prevent installation of removable devices Group Policy setting on the RD Session Host server.

    正确答案:D

  • 第19题:

    单选题
    What is the function of Host Checker?()
    A

    To allow clientless access to the network

    B

    To restrict access to protected resources on the network

    C

    To scan an endpointfor compliance with security policies

    D

    To push a firewall policy to the endpoint's local firewall application


    正确答案: B
    解析: 暂无解析

  • 第20题:

    单选题
    You have an SRX Series Layer 2 enforcer providing 802.1X authentication for connected endpoints. Your security policy requires that users who fail their authentication be placed in a specific VLAN.On the Layer 2 enforcer, at the [edit protocols dot1x authenticator interface] hierarchy for each participating interface, what provides this functionality?()
    A

    guest-vlan

    B

    auth-fail-vlan

    C

    server-reject-vlan

    D

    server-fail-vlan


    正确答案: D
    解析: 暂无解析

  • 第21题:

    多选题
    You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()
    A

    Select Require and Enforce for the Host Checker Policy in the realm authentication policy.

    B

    Select Evaluate Policies for the Host Checker policy in the realm authentication policy.

    C

    Configure the Host Checker policy as a role restriction for the Employee role.

    D

    Configure the Host Checker policy as a resource access policy for the Employee role.


    正确答案: B,D
    解析: 暂无解析

  • 第22题:

    单选题
    A network administrator has configured source NAT, translating to an address that is on a locally connected subnet.The administrator sees the translation working, but traffic does not appear to come back. What is causing the problem?()
    A

    The host needs to open the telnet port.

    B

    The host needs a route for the translated address.

    C

    The administrator must use a proxy-arp policy for the translated address.

    D

    The administrator must use a security policy, which will allow communication between the zones.


    正确答案: C
    解析: 暂无解析

  • 第23题:

    单选题
    You navigate to "UAC" > "Infranet Enforcer" > "Auth Table Mapping" in the admin GUI. You see one policy, which is the unmodified, original default policy.Which statement is true?()
    A

    Dynamic auth table mapping is not enabled.

    B

    A successful authentication attempt will result in a new authentication table entry, which will be delivered only to the Junos enforcer protecting the network from which the user has authenticated.

    C

    To create a static auth table mapping, you must delete the default policy.

    D

    The default policy applies only to the factory-default role User.


    正确答案: A
    解析: 暂无解析

相关内容