单选题To compete in today's fast-paced competitive environment, organizations are increasingly allowing contractors, partners, visitors and guests to access their internal enterprise networks.These users may connect to the network through wired ports in conf

第1题：

第2题：

Network Access Protection （NAP） is configured for the corporate network. Users connect to the corporate network by using portable computers. The company policy required confidentiality of data when the data is in transmit between the portable computers and the servers. You need to ensure taht users can access network resources only from computers that comply with the company policy. What should you do？ （）

• A、 Create an IPsec Enforcement Network policy
• B、 Create an 802.1X enforcement network policy
• C、 Create a wired network （IEEE 802.3） Group Policy
• D、 Create an Extensible Authentication Portocol （EAP） Enforcement Network Policy

第3题：

Which important factor is taken into account when determining an estimate for the maximum network bandwidth to be used by a customer？（）

• A、the size of the hard drives for each PC connected to the client’s network
• B、the average size of the wallet based on the number of profiles and accounts
• C、if any users will use IBM Tivoli Access Manager for Enterprise Single Sign-On during non-work hours
• D、the number of users that will be connected using the wireless network， as opposed to a wired connection

第4题：

Start of repeated scenarioYou are an enterprise desktop support technician for Fabrikam, Inc. Active Directory InformationThe company has a main office and a branch office. The main office hosts all of the companys servers. The main office connects to the branch office by using a WAN link. The network contains a single Active Directory domain that has 500 users. The domain contains three domain controllers and an enterprise root certification authority (CA). All servers run Windows Server 2008 R2. All user accounts are in an organizational unit (OU) named Employees. The computer accounts for all desktop computers are in an OU named Desktops. The computer accounts for all portable computers are in an OU named Laptops. A startup script is deployed to all computers by using Group Policy objects (GPOs). Client ConfigurationsAll client computers run Windows 7 Enterprise. All users have desktop computers. All computers are members of the domain. All desktop computers use wired connections to connect to the network. All portable computers use wireless connections to connect to the network. The wireless network is secured by using EAP-TLS. Company policy states that all client computers must be configured by using DHCP. The company has an internal Web site. The Web site is configured to useSSL encryption and to require client certificates. All company users can access the internal Web site. End of repeated scenario Users in the branch office report slow network performance when they connect to the file shares in the main office. You need to recommend a solution to improve performance when users access the file shares from the branch office. The solution must minimize hardware costs. What should you recommend implementing?（）

• A、BranchCache
• B、DirectAccess
• C、Distributed File System Replication (DFSR)
• D、Universal Group Membership Caching

第5题：

Network Access Protection (NAP) is configured for the corporate network.Users connect to the corporate network by using portable computers.The company policy requires confidentiality of data when the data is in transit between the portable computers and the servers.You need to ensure that users can access network resources only from computers that comply with the company policy.What should you do？（）

• A、Create an IPsec Enforcement Network policy.
• B、Create an 802.1X Enforcement Network policy.
• C、Create a Wired Network (IEEE 802.3) Group policy.
• D、Create an Extensible Authentication Protocol (EAP) Enforcement Network policy.

第6题：

You are the administrator of an Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional and are members of the domain.The domain contains a single DNS server named Server1. Root hints are enabled on Server1. Internet access for the company is provided by a Network Address Translation （NAT） server named Server2. Server2 is connected to the Internet by means of a permanent connection to the company’s ISP.Users report that they can no longer connect to http：//www.adatum.com. Users can connect to internal resources and to other Internet Web sites. You can successfully access http：//www.adatum.com from a computer outside of the corporate network.You need to ensure that the users can access http：//www.adatum.com. You must also ensure that users retain their ability to access internal resources.   Which two actions should you perform？（）

• A、Disable Routing and Remote Access on Server2.
• B、Create a root zone on Server1.
• C、On all affected users’ computers， run the ipconfig /flushdns command.
• D、Configure all affected users’ computers to use the ISP’s DNS server.
• E、Use the DNS console on Server1 to clear the DNS cache.

第7题：

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

第14题：

To compete in today's fast-paced competitive environment, organizations are increasingly allowing contractors, partners, visitors and guests to access their internal enterprise networks.These users may connect to the network through wired ports in conference rooms or offices, or via wireless access points. In allowing this open access for third parties, LANs become(6) .Third parties can introduce risk in a variety of ways from connecting with an infected laptop to unauthorized access of network resources to(7)activity. For many organizations, however,the operational complexity and costs to ensure safe third party network access have been prohibitive. Fifty-two percent of surveyed CISOs state that they currently use a moat and castle's security approach, and admit that defenses inside the perimeter are weak. Threats from internal users are also increasingly a cause for security concerns. Employees with malicious intent can launch (8) of service attacks or steal (9) information by snooping the network. As they access the corporate network, mobile and remote users inadvertently can infect the network with (10) and worms acquired from unprotected public networks. Hackers masquer-ading as internal users can take advantage of weak internal security to gain access to confidential information. 空白处（9）应选择（）

• A、reserved
• B、confidential
• C、complete
• D、mysterious

第15题：

You need to configure fine-grained access control to external network resources from within your database. You create an access control list (ACL) using the DBMS_NETWORK_ACL_ADMIN package. Which statement is true regarding the ACL created?（）

• A、It is a list of remote database links stored in the XML file that are available to the users of the database.
• B、It is a list of users and network privileges stored in the XML file according to which a group of users can connect to one or more hosts.
• C、It is a list of users and network privileges stored in the data dictionary according to which a group of users can connect to one or more hosts.
• D、It is the list of the host names or the IP addresses stored in the data dictionary that can connect to your database through PL/SQL network utility packages such as UTL_TCP.

第16题：

Your network consists of a single Active Directory domain. The network is located on the 172.16.0.0/23  subnet.   The company hires temporary employees. You provide user accounts and computers to the temporaryem ployees. The temporary employees receive computers that are outside the Active Directory domain.   The temporary employees use their computers to connect to the network by using wired connections andwireless connections. The company’s security policy specifies that the computers connected to the network must have the latest updates for the operating system.   You need to plan the network’s security so that it complies with the company 's security policy. What should you include in your plan？（）

• A、Implement a Network Access Protection （NAP） strategy for the 172.16.0.0/23 subnet.
• B、Create an extranet domain within the same forest. Migrate the temporary employees user accounts to the extranet domain. Install the necessary domain resources on the 172.16.0.0/23 subnet.
• C、Move the temporary employees user accounts to a new organizational unit （OU）. Create a new Group Policy object （GPO） that uses an intranet Microsoft Update server. Link the new GPO tothe new OU.
• D、Create a new subnet in a perimeter network. Relocate the wireless access point to the perimeter network. Require authentication through a VPN server before allowing access to the internal resources.

第17题：

You are designing a strategy to allow users to gain VPN access to the internal network.  What should you do？（）

• A、 Allow all inbound VPN traffic to pass through the internal firewall and the perimeter firewall.
• B、 Allow all inbound VPN traffic to pass through the perimeter firewall only.
• C、 Allow all VPN traffic from the source IP address of 131.107.1.14 to pass through the internal firewall.
• D、 Allow all VPN traffic from the source IP address of 191.168.1.0/24 to pass through the perimeter firewall.

第18题：

Network access protection (NAP) is configured for the corporate network. Users connect to the corporate network by using portable computers. The command policy required confidentiality of data when is in transmit between the portable computers and the servers. You need to ensure that users can access network resources only from computers that comply with the company policy. What should you do?（）

• A、Create an Ipsec enforcement network policy.
• B、Create an 802.1xenforcemen tnetwork policy.
• C、Createa wired network（IEEE802.3）Group policy.
• D、Create an extensible authentication protocol（EAP）enforcement network policy.

第19题：

第20题：

第21题：

第22题：

第23题：

第24题：