多选题You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()ASelect Require and Enforce for the Host Checker Policy in the realm authentication

题目
多选题
You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()
A

Select Require and Enforce for the Host Checker Policy in the realm authentication policy.

B

Select Evaluate Policies for the Host Checker policy in the realm authentication policy.

C

Configure the Host Checker policy as a role restriction for the Employee role.

D

Configure the Host Checker policy as a resource access policy for the Employee role.

相似考题

1.Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()A. Source IP and browserB. Source IP and certificateC. Certificate and Host CheckerD. Host Checker and source IP

2.You have created a Host Checker policy that contains multiple rules. You want to inform end users which rule specifically has failed.In the admin GUI, which configuration setting would you enable?()A. Enable Custom InstructionsB. Pre-auth notificationC. Remediation messageD. Send reason strings

3.Your corporate security policy requires that a user performing attacks must have limited network access and activities until an administrator can investigate.In the admin GUI, which sensor event policy action must you configure in "Configuration" >"Sensors" >"Sensor Event Policies" >[rule name] to accomplish this?()A. IgnoreB. Replace users roleC. Terminate user sessionD. Disable user account

4.You are the administrator of a Junos Pulse Access Control Service implementation. You must restrict authenticated users connected from the branch offices to a few specific resources within the data center. However, when the authenticated users are connected at the corporate office, they are allowed more access to the data center resources.You have created two roles with different levels of access and are trying to determine the best way of controlling when a user is mapped to a specific role. Having the user prompted to manually select their role is possible, but you want to automate the process.Which configuration solves this problem?()A. Implement a RADIUS request attribute policy to assist with realm selection and create different role-mapping rules for the user in each realm.B. Implement a directory/attribute server on the realm and set up this server to determine by group membership the proper role to which a user should be mapped.C. Reorder the role-mapping rules to allow for the more open role to be mapped first and then enable the "stop processing rules when this rule matches" function on this role.D. Implement a Host Checker policy on the realm that determines the geographic location of the device and restricts the user based on the results of the policy.

参考答案和解析
正确答案: D,B
解析: 暂无解析
更多“多选题You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()ASelect Require and Enforce for the Host Checker Policy in the realm authentication ”相关问题

  • 第1题:

    You want to create a Host Checker policy that looks for a specific antivirus product that is running on your client machines, but the predefined antivirus options do not include the antivirus product version that you use.Which feature should you verify the antivirus product is up to date?()

    A. Enhanced Endpoint Security

    B. DP signatures

    C. Antivirus licensing

    D. Endpoint Security Assessment Plug-in


    参考答案:D

  • 第2题:

    If Host Checker restrictions are applied at the role level and the "Allow access to the role if any ONE of the select policies is passed" option is unchecked, which two statements are true?()

    A. All roles are evaluated together.

    B. Each role is evaluated separately.

    C. Clients must pass all policies to access the role.

    D. Clients will pass as long as one policy is accepted.


    参考答案:B, C

  • 第3题:

    You are designing a password management solution to meet the business and technical requirements.  Which two actions should you perform?hich two actions should you perform?()

    • A、 Delegate the password management controls to the help desk staff.
    • B、 Delegate the password management controls to the Domain Users group.
    • C、 Configure the Default Domain Policy to enforce password expiration settings.
    • D、 Configure the Default Domain Controller Policy to enforce password expiration settings.

    正确答案:B,D

  • 第4题:

    You are configuring an SRX210 as a firewall enforcer that will tunnel IPsec traffic from several Junos Pulse users.Which two parameters must you configure on the SRX210?()

    • A、access profile
    • B、IKE parameters
    • C、tunneled interface
    • D、redirect policy

    正确答案:A,B

  • 第5题:

    Your corporate security policy requires that a user performing attacks must have limited network access and activities until an administrator can investigate.In the admin GUI, which sensor event policy action must you configure in "Configuration" > "Sensors" > "Sensor Event Policies" > [rule name] to accomplish this?()

    • A、Ignore
    • B、Replace users role
    • C、Terminate user session
    • D、Disable user account

    正确答案:B

  • 第6题:

    Which two statements are true about applying Host Checker at the realm level?()

    • A、If Evaluate is checked then the client must pass policy to get the sign-in page.
    • B、If Evaluate is checked then the client can fail policy and still get the sign-in page.
    • C、If Require and Enforce is checked then the client must pass policy to get the sign-in page.
    • D、If Require and Enforce is checked then the client can fail policy and still get the sign-in page.

    正确答案:B,C

  • 第7题:

    You navigate to "UAC" > "Infranet Enforcer" > "Auth Table Mapping" in the admin GUI. You see one policy, which is the unmodified, original default policy.Which statement is true?()

    • A、Dynamic auth table mapping is not enabled.
    • B、A successful authentication attempt will result in a new authentication table entry, which will be delivered only to the Junos enforcer protecting the network from which the user has authenticated.
    • C、To create a static auth table mapping, you must delete the default policy.
    • D、The default policy applies only to the factory-default role User.

    正确答案:A

  • 第8题:

    多选题
    On the Junos Pulse Access Control Service, you have created a role called Secret that you only want to provide to users who present a certificate.Using the admin GUI, which two features would you configure to satisfy this requirement?()
    A

    Sign-in Policy

    B

    Role Mapping Rule

    C

    Role Restrictions

    D

    Trusted Server CA


    正确答案: C,D
    解析: 暂无解析

  • 第9题:

    多选题
    You want to enforce a company’s business policy on several objects by using a single policy function. Which two types of policies can be assigned to the policy_type argument in the dbms_rls.add_policy procedure to achieve the above objective? ()
    A

    DBMS_RLS.STATIC

    B

    DBMS_RLS.DYNAMIC

    C

    DBMS_RLS.SHARED_STATIC

    D

    DBMS_RLS.CONTEXT_SENSITIVE

    E

    DBMS_RLS.SHARED_CONTEXT_SENSITIVE


    正确答案: C,B
    解析: 暂无解析

  • 第10题:

    多选题
    You administer a network with Windows-based endpoints that have custom software images. You want to use Host Checker to require that endpoints are running the custom software image.Which two Host Checker policy rules would be used to enforce this requirement?()
    A

    Isolate a file name unique to the custom image and create a custom rule-type of File which matches on the file. Select the Required option under the custom rule.

    B

    Identify the MAC address unique to network cards installed in PCs with the custom image and create a custom rule-type of MAC Address which matches on the appropriate MAC address.

    C

    Select the Required option under the custom rule Identify the IP address unique to the network cards installed in PCs with the custom image and create a custom rule-type of IP Address which matches on the appropriate IP address. Select the Required option under the custom rule.

    D

    Isolate or create a unique Windows registry key for the custom image and create a custom rule- type of Registry Setting which matches on the name of the registry key.


    正确答案: C,D
    解析: 暂无解析

  • 第11题:

    多选题
    You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()
    A

    Select Require and Enforce for the Host Checker Policy in the realm authentication policy.

    B

    Select Evaluate Policies for the Host Checker policy in the realm authentication policy.

    C

    Configure the Host Checker policy as a role restriction for the Employee role.

    D

    Configure the Host Checker policy as a resource access policy for the Employee role.


    正确答案: B,C
    解析: 暂无解析

  • 第12题:

    多选题
    You are configuring an SRX210 as a firewall enforcer that will tunnel IPsec traffic from several Junos Pulse users.Which two parameters must you configure on the SRX210?()
    A

    access profile

    B

    IKE parameters

    C

    tunneled interface

    D

    redirect policy


    正确答案: C,B
    解析: 暂无解析

  • 第13题:

    You navigate to "UAC" > "Infranet Enforcer" > "Auth Table Mapping" in the admin GUI. You see one policy, which is the unmodified, original default policy.Which statement is true?()

    A. Dynamic auth table mapping is not enabled.

    B. A successful authentication attempt will result in a new authentication table entry, which will be delivered only to the Junos enforcer protecting the network from which the user has authenticated.

    C. To create a static auth table mapping, you must delete the default policy.

    D. The default policy applies only to the factory-default role User.


    参考答案:A

  • 第14题:

    You want to create a Host Checker policy that looks for a specific antivirus product that is running on your client machines, but the predefined antivirus options do not include the antivirus product version that you use.Which feature should you verify the antivirus product is up to date?()

    • A、Enhanced Endpoint Security
    • B、DP signatures
    • C、Antivirus licensing
    • D、Endpoint Security Assessment Plug-in

    正确答案:D

  • 第15题:

    You are designing a strategy of enforce the corporate security policy. Which action or actions should you perform?()

    • A、Configure a password policy that requires strong passwords  
    • B、Configure a password policy that requires all users to change their passwords once a month.  
    • C、Allow users in the branch offices to log on between the hours of 8:00 AM and 5:00 PM, Monday through Friday.  
    • D、Allow users in the retail outlets to log on between the hours of 6:00 AM and 11:00 PM, daily. 
    • E、Enable a policy that forces users to log off when their logon hours expire. 

    正确答案:A,B,C,D,E

  • 第16题:

    You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()

    • A、Select "Require and Enforce" for the Host Checker Policy in the realm authentication policy.
    • B、Select "Evaluate Policies" for the Host Checker policy in the realm authentication policy.
    • C、Configure the Host Checker policy as a role restriction for the Employee role.
    • D、Configure the Host Checker policy as a resource access policy for the Employee role.

    正确答案:B,C

  • 第17题:

    Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()

    • A、Source IP and browser
    • B、Source IP and certificate
    • C、Certificate and Host Checker
    • D、Host Checker and source IP

    正确答案:D

  • 第18题:

    You have created a Host Checker policy that contains multiple rules. You want to inform end users which rule specifically has failed.In the admin GUI, which configuration setting would you enable?()

    • A、Enable Custom Instructions
    • B、Pre-auth notification
    • C、Remediation message
    • D、Send reason strings

    正确答案:D

  • 第19题:

    You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. All network servers run Windows Server 2003, and all client computers run Windows XP Professional. A new management directive states that users can log to the domain only during business hours. Users who remain logged on after business hours must be automatically disconnected from network resources. You need to enforce this directive by using the minimum amount of administrative effort. Which two actions should you perform?() (Each correct answer presents part of the solution. Choose two)

    • A、Configure the Default Domain Policy Group Policy object (GPO) to increase scheduling priority for all users.
    • B、Configure the Default Domain Policy Group Policy object (GPO) to force users to log off when their logon hours expire.
    • C、Select all user accounts. Modify the account properties to restrict logon hours to business hours.
    • D、Create a domain user account named Temp. Configure the account properties to restrict logon hours to business hours.
    • E、Modify the DACL on the Default Domain Policy Group Policy object (GPO) to assign the Allow - Read permission to the Users group.

    正确答案:B,C

  • 第20题:

    多选题
    You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. All network servers run Windows Server 2003, and all client computers run Windows XP Professional. A new management directive states that users can log to the domain only during business hours. Users who remain logged on after business hours must be automatically disconnected from network resources. You need to enforce this directive by using the minimum amount of administrative effort. Which two actions should you perform?() (Each correct answer presents part of the solution. Choose two)
    A

    Configure the Default Domain Policy Group Policy object (GPO) to increase scheduling priority for all users.

    B

    Configure the Default Domain Policy Group Policy object (GPO) to force users to log off when their logon hours expire.

    C

    Select all user accounts. Modify the account properties to restrict logon hours to business hours.

    D

    Create a domain user account named Temp. Configure the account properties to restrict logon hours to business hours.

    E

    Modify the DACL on the Default Domain Policy Group Policy object (GPO) to assign the Allow - Read permission to the Users group.


    正确答案: E,C
    解析: 暂无解析

  • 第21题:

    多选题
    You are designing a password management solution to meet the business and technical requirements.  Which two actions should you perform?hich two actions should you perform?()
    A

    Delegate the password management controls to the help desk staff.

    B

    Delegate the password management controls to the Domain Users group.

    C

    Configure the Default Domain Policy to enforce password expiration settings.

    D

    Configure the Default Domain Controller Policy to enforce password expiration settings.


    正确答案: A,C
    解析: 暂无解析

  • 第22题:

    单选题
    Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()
    A

    Source IP and browser

    B

    Source IP and certificate

    C

    Certificate and Host Checker

    D

    Host Checker and source IP


    正确答案: B
    解析: 暂无解析

  • 第23题:

    多选题
    If Host Checker restrictions are applied at the role level and the "Allow access to the role if any ONE of the select policies is passed" option is unchecked, which two statements are true?()
    A

    All roles are evaluated together.

    B

    Each role is evaluated separately.

    C

    Clients must pass all policies to access the role.

    D

    Clients will pass as long as one policy is accepted.


    正确答案: C,D
    解析: 暂无解析

  • 第24题:

    多选题
    Which two statements are true about applying Host Checker at the realm level?()
    A

    If Evaluate is checked then the client must pass policy to get the sign-in page.

    B

    If Evaluate is checked then the client can fail policy and still get the sign-in page.

    C

    If Require and Enforce is checked then the client must pass policy to get the sign-in page.

    D

    If Require and Enforce is checked then the client can fail policy and still get the sign-in page.


    正确答案: D,A
    解析: 暂无解析

相关内容