单选题Kerberos is a form of user authentication that:()A Provides users access to network resources.B Performs router commands after user authentication.C Provides users with remote access only capabilities.D Does not require an authentication server

题目
单选题
Kerberos is a form of user authentication that:()
A

Provides users access to network resources.

B

Performs router commands after user authentication.

C

Provides users with remote access only capabilities.

D

Does not require an authentication server

相似考题

1.Kerberos is a form of user authentication that:()A. Provides users access to network resources.B. Performs router commands after user authentication.C. Provides users with remote access only capabilities.D. Does not require an authentication server

2.You have configured the Odyssey Access Client with a profile which has the "Disable Server Verification" setting cleared.What will be the result if the device certificate on the MAG Series device has expired and the user attempts to authenticate?()A、The user will be instructed to call the network administrator.B、The user will fail authentication.C、The user will be prompted to install a new device certificate on the MAG Series device.D、The user will successfully authenticate and have full network access.

3. You are the systems engineer for your company. The network consists of three physical networks connected by hardware-based routers. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.   Each physical network contains at least one domain controller and at least one DNS server. One physical network contains a Microsoft Internet Security and Acceleration (ISA) Server array that provides Internet access for the entire company. The network also contains a certificate server.   Company management wants to ensure that all data is encrypted on the network and that all computers transmitting data on the network are authenticated.   You decide to implement IPSec on all computers on the network. You edit the Default Domain Policy Group Policy object (GPO) to apply the Secure Server (Require Security) IPSec policy.   Users immediately report that they cannot access resources located in remote networks. You investigate and discover that all packets are being dropped by the routers. You also discover that Active Directory replication is not functioning between domain controllers in different networks.   You need to revise your design and implementation to allow computers to communicate across the entire network. You also need to ensure that the authentication keys are stored encrypted.   Which two actions should you take?()A、 Configure the routers to use IPSec and a preshared key for authentication.B、 Configure the routers to use IPSec and a certificate for authentication.C、 Configure the routers to use IPSec and Kerberos for authenticationD、 Reconfigure the GPOs to require a preshared key for IPSec authentication.E、 Reconfigure the GPOs to require a certificate for IPSec authentication.

4.What is not a difference between VPN tunnel authentication and per-user authentication?()A、VPN tunnel authentication is part of the IKE specification. B、VPN tunnel authentication does not control which end user can use the IPSec SA (VPN tunnel).C、User authentication is used to control access for a specific user ID, and can be used with or without a VPN tunnel for network access authorization. D、802.1X with EAP-TLS (X.509 certificates) can be used to authenticate an IPSec tunnel.

更多“单选题Kerberos is a form of user authentication that:()A Provides users access to network resources.B Performs router commands after user authentication.C Provides users with remote access only capabilities.D Does not require an authentication server”相关问题

  • 第1题:

    Kerberos is a form of user authentication that:()

    • A、Provides users access to network resources.
    • B、Performs router commands after user authentication.
    • C、Provides users with remote access only capabilities.
    • D、Does not require an authentication server

    正确答案:A

  • 第2题:

    You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains Windows Server 2003 file servers. The network also contains a Windows Server 2003 computer named Server1 that runs Routing and Remote Access and Internet Authentication Service (IAS). Server1 provides VPN access to the network for users’ home computers.   You suspect that an external unauthorized user is attempting to access the network through Server1. You want to log the details of access attempts by VPN users when they attempt to access the network. You want to compare the IP addresses of users’ home computers with the IP addresses used in the access attempts to verify that the users are authorized.  You need to configure Server1 to log the details of access attempts by VPN users.   What should you do?  ()

    • A、 Configure the system event log to Do not overwrite.
    • B、 In IAS, in Remote Access Logging, enable the Authentication requests setting.
    • C、 Configure the Remote Access server to Log all events.
    • D、 Create a custom remote access policy and configure it for Authentication-Type.

    正确答案:B

  • 第3题:

    You are a network administrator for your company. The network consists of a single Active Directory domain. The domain contains three Windows Server 2003 domain controllers, 20 Windows Server 2003 member servers, and 750 Windows XP Professional computers. The domain is configured to use only Kerberos authentication for all server connections.A user reports that she receives an "Access denied" error message when she attempts to connect to one of the member servers. You want to test the functionality of Kerberos authentication on the user’s client computer.  Which command should you run from the command prompt on the user’s computer?()

    • A、netsh
    • B、netdiag
    • C、ktpass
    • D、ksetup

    正确答案:B

  • 第4题:

    You are designing a security strategy for users who need remote access to the corporate network.  What should you do?()

    • A、 Configure Internet Authentication Service (IAS) for accounting.
    • B、 Configure the server running Routing and Remote Access to support L2TP.
    • C、 Configure the server running Routing and Remote Access to restrict dial-in traffic to the NewApp servers only.
    • D、 Create a separate account for remote access users. Configure these accounts to access the NewApp server only.

    正确答案:C

  • 第5题:

    You need to design a remote access authentication strategy that will allow users in the IT department to remotely connect to the network. Your solution must meet security requirements. What should you do?()

    • A、Install Internet Authentication Services (IAS) on a server in the den.corp.woodgrovebank.com domain. Configure the VPN servers as RADIUS clients
    • B、Install Internet Authentication Services (IAS) on a stand-alone server in the Denver extranet. Create local user accounts for the IT personnel on the IAS server. Configure the VPN servers as RADIUS clients
    • C、Create a remote access policy on each of the VPN servers. Configure the policy to use the den.corp.woodgrovebank.com to authenticate remote access users. Configure the policy to require L2TP to establish a connection
    • D、Create a remote access policy on each of the VPN servers. Create local user accounts for the IT personnel on the VPN servers. Configure the policy to use the VPN servers’ local accounts database to authenticate users. Configure the policy to require L2TP to establish a connection

    正确答案:A

  • 第6题:

    You need to design access to Microsoft Outlook Web Access for remote users. What should you do?()

    • A、Place all user mailboxes on back-end servers. Deploy Outlook Web Access on three front-end servers that are members of the Network Load Balancing cluster
    • B、Place all user mailboxes on back-end servers that are members of a Network Load Balancing cluster. Deploy Outlook Web Access on the back-end servers
    • C、Place mailboxes for remote users on one back-end server and place all mailboxes for main office users on another back-end server. Deploy Outlook Web Access on the back-end server that contains the mailboxes for remote users
    • D、Place all user mailboxes on two back-end servers that are members of a Network Load Balancing cluster. Place mailboxes for remote users and mailboxes for main office users into separate storage groups. Deploy Outlook Web Access on three front-end servers. Configure the front-end servers to access only the back-end Network Load Balancing cluster

    正确答案:A

  • 第7题:

    单选题
    You need to design access to Microsoft Outlook Web Access for remote users. What should you do?()
    A

    Place all user mailboxes on back-end servers. Deploy Outlook Web Access on three front-end servers that are members of the Network Load Balancing cluster

    B

    Place all user mailboxes on back-end servers that are members of a Network Load Balancing cluster. Deploy Outlook Web Access on the back-end servers

    C

    Place mailboxes for remote users on one back-end server and place all mailboxes for main office users on another back-end server. Deploy Outlook Web Access on the back-end server that contains the mailboxes for remote users

    D

    Place all user mailboxes on two back-end servers that are members of a Network Load Balancing cluster. Place mailboxes for remote users and mailboxes for main office users into separate storage groups. Deploy Outlook Web Access on three front-end servers. Configure the front-end servers to access only the back-end Network Load Balancing cluster


    正确答案: A
    解析: 暂无解析

  • 第8题:

    单选题
    You need to design a remote access strategy for portable computers. Your solution must meet business requirements. What should you do?()
    A

    Issue a computer certificate to P_RAS1. Reconfigure the remote access policy on P_RAS1 to accept only EAP-MD5 authentication. Then, specify that P_RAS1’s computer certificate is to be used for authentication

    B

    Issue a user certificate to the Administrator account on P_RAS1. Reconfigure the remote access policy to accept only EAP-MD5 authentication. Then, specify that the Administrator account’s user certificate is to be used for authentication

    C

    Issue a computer certificate to P_RAS1. Reconfigure the remote access policy to accept only EAP-TLS authentication. Then, specify the P_RAS1’s computer certificate is to be used for authentication

    D

    Issue a user certificate to the Administrator account on P_RAS1. Reconfigure the remote access policy to accept only EAP-TLS authentication. Then, specify that the Administrator account’s user certificate is to be used for authentication


    正确答案: B
    解析: 暂无解析

  • 第9题:

    单选题
    Kerberos is a form of user authentication that:()
    A

    Provides users access to network resources.

    B

    Performs router commands after user authentication.

    C

    Provides users with remote access only capabilities.

    D

    Does not require an authentication server


    正确答案: D
    解析: 暂无解析

  • 第10题:

    单选题
    Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the Remote Access server role installed. A user named User1 must connect to the network remotely. The client computer of User1 requires Challenge Handshake Authentication Protocol (CHAP) for remote connections. CHAP is enabled on Server1. You need to ensure that User1 can connect to Server1 and authenticate to the domain.  What should you do from Active Directory Users and Computers?()
    A

    From the properties of Server1, select Trust this computer for delegation to any service (Kerberos only).

    B

    From the properties of Server1, assign the Allowed to Authenticate permission to User1.

    C

    From the properties of User1, select Use Kerberos DES encryption types for this account.

    D

    From the properties of User1, select Store password using reversible encryption


    正确答案: A
    解析: 暂无解析

  • 第11题:

    单选题
    Which statement accurately describes firewall user authentication?()
    A

    Firewall user authentication provides another layer of security in a network.

    B

    Firewall user authentication provides a means for accessing a JUNOS Software-based security device.

    C

    Firewall user authentication enables session-based forwarding.

    D

    Firewall user authentication is used as a last resort security method in a network.


    正确答案: B
    解析: 暂无解析

  • 第12题:

    单选题
    You are designing a strategy to ensure that VPN users are able to access all internal resources.  What should you do?()
    A

     Specify a static routing table entry on VPN1 for the Dallas network.

    B

     Specify a static routing table entry on VPN1 for the Seattle network.

    C

     Implement Internet Authentication Service (IAS) on VPN1.

    D

     Define a User Class option for Routing & Remote Access Clients on the DHCP Server.


    正确答案: A
    解析: 暂无解析

  • 第13题:

    Which statement accurately describes firewall user authentication?()

    • A、Firewall user authentication provides another layer of security in a network.
    • B、Firewall user authentication provides a means for accessing a JUNOS Software-based security device.
    • C、Firewall user authentication enables session-based forwarding.
    • D、Firewall user authentication is used as a last resort security method in a network.

    正确答案:A

  • 第14题:

    Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the Remote Access server role installed. A user named User1 must connect to the network remotely. The client computer of User1 requires Challenge Handshake Authentication Protocol (CHAP) for remote connections. CHAP is enabled on Server1. You need to ensure that User1 can connect to Server1 and authenticate to the domain.  What should you do from Active Directory Users and Computers?()

    • A、From the properties of Server1, select Trust this computer for delegation to any service (Kerberos only).
    • B、From the properties of Server1, assign the Allowed to Authenticate permission to User1.
    • C、From the properties of User1, select Use Kerberos DES encryption types for this account.
    • D、From the properties of User1, select Store password using reversible encryption

    正确答案:D

  • 第15题:

    You are developing a Web application. Your code restricts access to some pages based on the users credentials. You need to configure IIS to supply the user's Windows credentials to your Web application. These credentials must be encrypted. What should you do? ()

    • A、Enable Anonymous access. Enable Integrated Windows authentication.
    • B、Enable Anonymous access. Enable Basic authentication.
    • C、Disable Anonymous access. Enable Integrated Windows authentication.
    • D、Disable Anonymous access. Enable Basic authentication.

    正确答案:C

  • 第16题:

    Your network contains a single Active Directory domain. All domain controllers run Windows Server   2008 R2. There are 1,000 client computers that run Windows 7 and that are connected to managedswitches.   You need to recommend a strategy for network access that meets the following requirements:   èUsers are unable to bypass network access restrictions.   èOnly client computers that have up-to-date service packs installed can access the network.   èOnly client computers that have up-to-date anti-malware software installed can access the network.   What should you recommend?()

    • A、Implement Network Access Protection (NAP) that uses DHCP enforcement.
    • B、Implement Network Access Protection (NAP) that uses 802.1x enforcement.
    • C、Implement a Network Policy Server (NPS), and enable IPsec on the domain controllers.
    • D、Implement a Network Policy Server (NPS), and enable Remote Authentication Dial-In User Service  (RADIUS) authentication on the managed switches.

    正确答案:B

  • 第17题:

    You are the network administrator for your company. The network consists of a single Active Directory domain.  The company has remote users in the sales department who work from home. The remote users’ client computers run Windows XP Professional, and they are not members of the domain. The remote users’ client computers have local Internet access through an ISP.   The company is deploying a Windows Server 2003 computer named Server1 that has Routing and Remote Access installed. Server1 will function as a VPN server, and the remote users will use it to connect to the company network. Confidential research data will be transmitted from the remote users’ client computers. Security is critical to the company and Server1 must protect the remote users’ data transmissions to the main office. The remote client computers will use L2TP/IPSec to connect to the VPN server.  You need to choose a secure authentication method.   What should you do? ()

    • A、 Use the authentication method of the default IPSec policies.
    • B、 Create a custom IPSec policy and use the Kerberos version 5 authentication protocol.
    • C、 Create a custom IPSec policy and use certificate-based authentication.
    • D、 Create a custom IPSec policy and use preshared key authentication.
    • E、 Use the authentication method of the Routing and Remote Access custom IPSec policy for L2TP connection.

    正确答案:C

  • 第18题:

    单选题
    You are designing a security strategy for users who need remote access to the corporate network.  What should you do?()
    A

     Configure Internet Authentication Service (IAS) for accounting.

    B

     Configure the server running Routing and Remote Access to support L2TP.

    C

     Configure the server running Routing and Remote Access to restrict dial-in traffic to the NewApp servers only.

    D

     Create a separate account for remote access users. Configure these accounts to access the NewApp server only.


    正确答案: A
    解析: 暂无解析

  • 第19题:

    单选题
    You need to design a remote access authentication strategy that will allow users in the IT department to remotely connect to the network. Your solution must meet security requirements. What should you do?()
    A

    Install Internet Authentication Services (IAS) on a server in the den.corp.woodgrovebank.com domain. Configure the VPN servers as RADIUS clients

    B

    Install Internet Authentication Services (IAS) on a stand-alone server in the Denver extranet. Create local user accounts for the IT personnel on the IAS server. Configure the VPN servers as RADIUS clients

    C

    Create a remote access policy on each of the VPN servers. Configure the policy to use the den.corp.woodgrovebank.com to authenticate remote access users. Configure the policy to require L2TP to establish a connection

    D

    Create a remote access policy on each of the VPN servers. Create local user accounts for the IT personnel on the VPN servers. Configure the policy to use the VPN servers’ local accounts database to authenticate users. Configure the policy to require L2TP to establish a connection


    正确答案: C
    解析: 暂无解析

  • 第20题:

    单选题
    You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains Windows Server 2003 file servers. The network also contains a Windows Server 2003 computer named Server1 that runs Routing and Remote Access and Internet Authentication Service (IAS). Server1 provides VPN access to the network for users’ home computers.   You suspect that an external unauthorized user is attempting to access the network through Server1. You want to log the details of access attempts by VPN users when they attempt to access the network. You want to compare the IP addresses of users’ home computers with the IP addresses used in the access attempts to verify that the users are authorized.  You need to configure Server1 to log the details of access attempts by VPN users.   What should you do?  ()
    A

     Configure the system event log to Do not overwrite.

    B

     In IAS, in Remote Access Logging, enable the Authentication requests setting.

    C

     Configure the Remote Access server to Log all events.

    D

     Create a custom remote access policy and configure it for Authentication-Type.


    正确答案: D
    解析: 暂无解析

  • 第21题:

    单选题
    You are designing a security strategy for users who need remote access to the corporate network. What should you do?()
    A

    Configure Internet Authentication Service (IAS) for accounting.

    B

    Configure the server running Routing and Remote Access to support L2TP.

    C

    Configure the server running Routing and Remote Access to restrict dial-in traffic to the NewApp servers only.

    D

    Create a separate account for remote access users. Configure these accounts to access the NewApp server only.


    正确答案: B
    解析: 暂无解析

  • 第22题:

    单选题
    You are a network administrator for your company. The network consists of a single Active Directory domain. The domain contains three Windows Server 2003 domain controllers, 20 Windows Server 2003 member servers, and 750 Windows XP Professional computers. The domain is configured to use only Kerberos authentication for all server connections.A user reports that she receives an "Access denied" error message when she attempts to connect to one of the member servers. You want to test the functionality of Kerberos authentication on the user’s client computer.  Which command should you run from the command prompt on the user’s computer?()
    A

    netsh

    B

    netdiag

    C

    ktpass

    D

    ksetup


    正确答案: C
    解析: 暂无解析

  • 第23题:

    单选题
    Your network contains a single Active Directory domain. All domain controllers run Windows Server   2008 R2. There are 1,000 client computers that run Windows 7 and that are connected to managedswitches.   You need to recommend a strategy for network access that meets the following requirements:   èUsers are unable to bypass network access restrictions.   èOnly client computers that have up-to-date service packs installed can access the network.   èOnly client computers that have up-to-date anti-malware software installed can access the network.   What should you recommend?()
    A

    Implement Network Access Protection (NAP) that uses DHCP enforcement.

    B

    Implement Network Access Protection (NAP) that uses 802.1x enforcement.

    C

    Implement a Network Policy Server (NPS), and enable IPsec on the domain controllers.

    D

    Implement a Network Policy Server (NPS), and enable Remote Authentication Dial-In User Service  (RADIUS) authentication on the managed switches.


    正确答案: C
    解析: 暂无解析

  • 第24题:

    单选题
    You are the network administrator for your company. The network consists of a single Active Directory domain.  The company has remote users in the sales department who work from home. The remote users’ client computers run Windows XP Professional, and they are not members of the domain. The remote users’ client computers have local Internet access through an ISP.   The company is deploying a Windows Server 2003 computer named Server1 that has Routing and Remote Access installed. Server1 will function as a VPN server, and the remote users will use it to connect to the company network. Confidential research data will be transmitted from the remote users’ client computers. Security is critical to the company and Server1 must protect the remote users’ data transmissions to the main office. The remote client computers will use L2TP/IPSec to connect to the VPN server.  You need to choose a secure authentication method.   What should you do? ()
    A

     Use the authentication method of the default IPSec policies.

    B

     Create a custom IPSec policy and use the Kerberos version 5 authentication protocol.

    C

     Create a custom IPSec policy and use certificate-based authentication.

    D

     Create a custom IPSec policy and use preshared key authentication.

    E

     Use the authentication method of the Routing and Remote Access custom IPSec policy for L2TP connection.


    正确答案: B
    解析: 暂无解析

相关内容