多选题You want to enhance the security within the LAN and prevent VLAN hopping. What two steps canbe taken to help prevent this？（）AEnable BPD guardBDisable CDP on ports where it is not necessaryCPlace unused ports in a common unrouted VLANDPrevent automatic 

第1题：

You want to enhance the security within the LAN and prevent VLAN hopping.  What two steps can be taken to help prevent this？（）

• A、Enable BPD guard
• B、Disable CDP on ports where it is not necessary
• C、Place unused ports in a common unrouted VLAN
• D、Prevent automatic trunk configuration
• E、Implement port security

第2题：

You want to allow all hosts on interface ge-0/0/0.0 to be able to ping the device’s ge-0/0/0.0 IP address.Where do you configure this functionality？（）

• A、[edit interfaces]
• B、[edit security zones]
• C、[edit system services]
• D、[edit security interfaces]

第3题：

You are the administrator of your company’s network. Ten Windows 2000 Professional computers are located in the Research department. The computers contain highly confidential information. You want the 10 computers to be able to communicate with other Windows 2000 Professional computers on the network. However, you do not want them to communicate with computers that are not running Windows 2000, including those that are running Windows 95, Windows 98 and Windows NT.  You want to configure a security policy on each computer to ensure that the confidential information is secure. What should you do?（）

• A、Use Security Configuration and Analysis to import the Hisecws.inf security template file to modify the default security settings.
• B、Use security templates to create a security template file and import the security settings to modify the default security settings.
• C、Use the local computer policy to disable the access to this computer from the network option.
• D、Use Secedit.exe to reconfigure the computers’ default security settings to not allow anonymous access to the computers.

第4题：

You want to prevent a Windows 2000 Professional computer named Payroll5 from communicating on your network with Windows NT 4.0， Windows 95， and Windows 98 computers. You want to enable the payroll5 computer to communicate on your network with other Windows 2000 computers only. What should you do？（）

• A、Close all NetBIOS ports in the advanced TCP/IP options of Payroll5.
• B、Import the Hisecws.inf security template to payroll5.
• C、Disable access this computer from network in the local security policy settings for payroll5.
• D、Clear all WINS client settings on payroll5.

第5题：

You are the administrator of your company’s network. You use Security Templates to configure a Security Policy on the Windows 2000 Professional Computers in the Sales organizational unit （OU）. You notice that the Computers in the Sales OU are not downloading the Security Policy settings. On each computer， the Security Policy appears in the Local Computer Policy， but is not listed as the effective policy. You want all computers in the Sales OU to have the Security Policy listed as the effective policy. How should you accomplish this task？ （）

• A、Use Security Templates to correct the setting and export the security file.
• B、Use Security Configuration and Analysis to import the security setting. Then create a Group policy object （GPO） for the Sales QU.
• C、Use Secedit /RefreshPolicy Machine_Policy command.
• D、Use the Basicwk.inf security file settings， save the security file， and then import the fileto theComputers.

第6题：

You have stored confidential financial data in a shared folder named AccSecured on your Windows 2000 Prfessional computer. Your company hires an intern named Richard.  You create a subfolder named intern, which Richard needs to access. You want to allow Richard access to the intern subfolder only. You create a user account named intern. You want to allow the intern user account the ability to update, create, and delete files within the intern folder. You need to prevent Richard from accessing any other files or folders within the AccSecured folder.  What should you do?（）

• A、Map a network drive to the AccSecured/intern folder from Richard’s computer.
• B、Map a network drive to the AccSecured shared folder from Richard’s computer.
• C、Allow the intern user account modify permissions on the intern subfolder.
• D、Allow the intern user account traverse folder/execute file permission on the AccSecured folder.
• E、Allow the intern user account list folder content permission on the AccSecured folder. Removeread extended attributes and read permissions.

第7题：

You have a computer that runs Windows 7. You need to prevent ActiveX controls from running in WindowsInternet Explorer.  Which Internet Explorer settings should you modify?（）

• A、Content
• B、Encoding
• C、Safety
• D、Security

第8题：

第9题：

第10题：

第11题：

第12题：

Which version of a view would you use if you just want a quick， easy view within your XPage？（）

• A、Data Table Control
• B、View Control
• C、Repeat Control
• D、Filter by category View Control

第13题：

In which scenario will you use the Flashback Transaction Query feature？（）

• A、 when you want to restore an important table that is dropped from the Recycle Bin
• B、 when you want to obtain the SQL statements to undo the deletion of some important records from a table by a transaction
• C、when you want to restore a dropped user’s schema
• D、 when a row of a table is updated many times within a specific time period and you want all the versions of the row in the specified time period

第14题：

You have a combined Windows 2000 and Windows 98 network that contain sensitive data. You want to utilize as many new Windows 2000 security features as possible. You want to customize a security policy on each computer to ensure that data is kept confidential and secured. Allcomputers must still be able to communicate with each other over the network. What should you do？（）

• A、Use the security configuration and analysis console to improve the HISECWS security  template file.
• B、Use the local computer policy to disable the access this computer from the network option.
• C、Use SECEDIT to reconfigure the computer default security settings to not allow anonymous  access to the computer.
• D、Create a policy that excludes write access to the windows 2000 computers then apply the  policy to all non-windows 2000 computers.
• E、None of the above, Windows 9X systems cannot be secured using security template files.

第15题：

You have a DHCP server that runs Windows Server 2008. The DHCP server has two network connections named LAN1 and LAN2. You need to prevent the DHCP server from responding to DHCP client requests on LAN2. The server must continue to respond to non-DHCP client requests on LAN2. What should you do？ （）

• A、 From the DHCP snap-in， modify the bindings to associate only LAN1 with the DHCP service
• B、 From the DHCP snap-in， create a new multicast scope
• C、 From the properties of the LAN1 network connection， set the metric value to 1
• D、 From the properties of the LAN2 network connection， set the metric value to 1

第16题：

You have 30 NT 4.0 machines and 5 W2k Pro machines on your network. You want to share files on the W2kPro machines that only they can access. The NT 4 machines must not be able to access those shared files at all？ （）

• A、You should import hisecws.inf security template.
• B、You should import hisecdc.inf security template.
• C、You should import securews.inf security template.
• D、You should import compatws.inf security template.

第17题：

You are the network administrator for ExamSheet.  Computers on your network run Windows 2000 Professional, Windows NT Workstation 4.0 and Windows 98. Ten Windows 2000 Professional computers are located in the research department. These computers contain highly confidential information. You want the 10 Windows 2000 Professional computers to be able to communicate only with other Windows 2000 computers.  What should you do?（）

• A、On the research computers use the Local Computer Policy to disable theAccess this computer  from the networkoption.
• B、Use Security Configuration and Analysis to apply the Highly Secure security template to the research computers.
• C、Add the users of the research computers to the Power Users group on each computer.
• D、On the research computers configure the security settings to prevent anonymous access.

第18题：

You are the network administrator for Company.  A user named Marie uses a Windows 2000 Professional computer named ES1 to process payroll records.  You want to prevent ES1 from being able to communicate with any Windows NT Workstation 4.0， Windows 98 and Windows 95 computers on the network. You also want ES1 to communicate only with other Windows 2000 computers.  What should you do？（）

• A、Close all NetBIOS ports in the Advanced TCP/IP options of ES1.
• B、Disable the Access this computer from network policy in the local security policy settings for ES1.
• C、Import the Securews.inf security template to ES1.
• D、Import the Hisecws.inf security template to ES1.
• E、Clear all WINS client settings on ES1.

第19题：

第20题：

第21题：

第22题：