单选题Which of the following is the BEST way to allow web software through the server firewall？（）A Implement an application exception.B Implement an access control list （ACL）.C Open the corporate firewall to allow port 80.D Implement port blocking on port 80

第1题：

A Windows Azure application is activated for Windows Azure Connect A corporate policy blocks Internet traffic for local servers.  You need to recommend the firewall rule that will allow Windows Azure Connect traffic for local servers.  What should you recommend？（）

• A、 Allow TCP port 443 inbound.
• B、 Allow TCP port 3389 outbound.
• C、 Allow TCP port 3389 inbound.
• D、 Allow TCP port 443 outbound.

第2题：

Your company has a single active directory domain. The company network is protected by a firewall. Remote users connect to your network through a VPN server by using PPTP. When the users try to connect to the VPN server， they receive the following error message： Error 721： The remote computer is not responding. You need to ensure that users can establish a VPN connection. What should you do？ （）

• A、Open port 1423 on the firewall
• B、Open port 1723 on the firewall
• C、Open port 3389 on the firewall
• D、Open port 6000 on the firewall

第3题：

Which of the following allows a program or port through a software firewall?（）

• A、Exception
• B、Pass-through
• C、Port-forwarding
• D、Punch-through

第4题：

You are charged with implementing a secure wireless installation which will provide Internet access to clientdevices but will not allow communications between wireless clients. In addition to implementing PSPF orpeer-to-peer blocking on the wireless side. Which of the following actions should you perform on the wiredinfrastructure？（）

• A、Take no action， you have achieved your goal.
• B、Implement a Cisco Secure IPS sensor.
• C、Implement a protected port on the access switches.
• D、Implement 802.1X on the switch ports.

第5题：

Which of the following is the BEST way to allow web software through the server firewall?（）

• A、Implement an application exception.
• B、Implement an access control list (ACL).
• C、Open the corporate firewall to allow port 80.
• D、Implement port blocking on port 80.

第6题：

Which of the following ports would have to be allowed through a firewall to allow SNMP traffic topass on its default port?（） (Select TWO).

• A、22
• B、23
• C、143
• D、161
• E、162
• F、8080

第7题：

Your company has a single Active Directory domain. The company network is protected by a firewall.Remote users connect to your network through a VPN server by using PPTP. When the users try to connect to the VPN server, they receive the following error message: °Error 721: The remote computer is not responding.You need to ensure that users can establish a VPN connection. What should you do？（）

• A、Open port 1423 on the firewall.
• B、Open port 1723 on the firewall.
• C、Open port 3389 on the firewall.
• D、Open port 6000 on the firewall.

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

A company needs to connect seven of their Windows-based servers to a DS4000 storage server.   The DS4000 only has two host-side connections， and each server has two HBAs.  Which of the following is the lowest cost solution to provide no single points of failure？（）

• A、Implement two 8-port switches design with ISLs
• B、Implement two 16-port switches design with ISLs
• C、Implement two 8-port switches design without ISLs
• D、Implement two 16-port switches design without ISLs

第14题：

A technician works for a company that has recently been affected by a virus. The virus entered the network by using port 6000. Port 6000 is used by an application located on a server. The technician has been asked to block this port on all servers and computers except for the one server which uses this port. Which of the following should the technician do？（）

• A、Update the antivirus application
• B、Install critical update security patches
• C、Adjust the software firewall settings
• D、Replace the current antivirus program

第15题：

You are charged with implementing a secure wireless installation which will provide Internet access to client devices but will not allow communications between wireless clients. In addition toimplementing PSPF or peer-to-peer blocking on the wireless side. Which of the following actionsshould you perform on the wired infrastructure？（）

• A、Implement a Cisco Secure IPS sensor.
• B、Implement 802.1X on the switch ports.
• C、Take no action， you have achieved your goal.
• D、Implement a protected port on the access switches.

第16题：

Which of the following could be used to restrict access to the local web server to only certain IP addresses？（）

• A、 Create an ACL.
• B、 Create an application exception.
• C、 Configure IPSec.
• D、 Block port 80.

第17题：

Which of the following is the BEST reason to implement a firewall on a server？（）

• A、To watch for bandwidth issues
• B、To protect the server from all traffic
• C、To block certain traffic by ports
• D、To monitor certain malicious traffic

第18题：

Which port must be open on the HMC to allow remote web access？（） 

• A、22
• B、80
• C、443
• D、8080

第19题：

You install a third-party application on your computer. The application uses port 80 to negotiate a listening port. After establishing the listening port， the application uses dynamic ports above 6000.  You need to configure Microsoft Windows Firewall to allow traffic for the application.  What should you do？ （）

• A、Add a port exception for port 80.
• B、Disable the Core Networking exception.
• C、Restore the Windows Firewall defaults.
• D、Add a program exception for the new application.

第20题：

第21题：

第22题：

第23题：

第24题：