In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authori
题目
An access control mechanism (71) between a user (or a process executing on behalf of a user) and system resources, such as applications, operating systems, firewalls, routers, files, and databases. The system must first authenticate(验证)a user seeking access. Typically the authentication function determines whether the user is (72) to access the system at all. Then the access control function determines if the specific requested access by this user is permitted. A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user. The access control function consults this database to determine whether to(73)access. An auditing function monitors and keeps a record of user accesses to system resources.
In practice, a number of(74)may cooperatively share the access control function. All operating systems have at least a rudimentary(基本的), and in many cases a quite robust, access control component. Add-on security packages can add to the(75)access control capabilities of the OS. Particular applications or utilities, such as a database management system, also incorporate access control functions. External devices, such as firewalls, can also provide access control services.
B.monitor
C.grant
D.seek
相似考题
更多“In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or ”相关问题
-
第1题:
NAC's (Network Access Control) role is to restrict network access to only compliant endpoints and (请作答此空)users. However, NAC is not a complete LAN( )solution; additional proactive and ( )security measures must be implemented, Nevis is the first and only comprehensive LAN security solution that combines deep security processing of every packet at 10Gbps, ensuring a high level of security plus application availability and performance. Nevis integrates NAC as the first line of LAN security( ). In addition to NAC, enterprises need to implement role-based network access control as well as critical proactive security measures—real-time, multilevel( )inspection and microsecond threat containment.A.automated]
B.distinguished]
C.authenticated]
D.destructed]答案:C解析:网络访问控制(NAC)的作用是限制对网络的访问,只允许注册的终端和认证的用户访问网络。然而NAC,不是一个完整的LAN安全解决方案,另外还要实现主动的和被动的安全手段。Nevis是第一个也是仅有的全面的LAN安全解决方案,它以10Gbps的速率对每一个分组进行深度的安全处理,在提供高级别安全的同时能保证网络应用的可利用性和适当的性能。Nevis集成了NAC作为LAN的第一道安全防线。此外,企业还需要实现基于角色的网络访问控制,以及起关键作用的主动安全测试——实时的多级安全威胁检测和微秒级的安全威胁堵截。集中的安全策略配置、管理和报告使其能够迅速地对问题进行分析,对用户的活动进行跟踪,这些都是实时可见的,也是历史可查的。 -
第2题:
What are two reasons that a network administrator would use access lists (Choose two.)()。
- A、to control vty access into a router
- B、to control broadcast traffic through a router
- C、to filter traffic as it passes through a router
- D、to filter traffic that originates from the router
- E、to replace passwords as a line of defense against security incursions
正确答案:A,C -
第3题:
Which two statements apply to dynamic access lists?()
- A、they offer simpler management in large internetworks.
- B、you can control logging messages.
- C、they allow packets to be filtered based on upper-layer session information.
- D、you can set a time-based security policy.
- E、they provide a level of security against spoofing.
- F、they are used to authenticate individual users
正确答案:C,D -
第4题:
Which issue or set of issues does the Lightweight Access Point Protocol (LWAPP) address?()
- A、 reduction of processing in wireless controllers
- B、 distributed approach to authentication, encryption, and policy enforcement
- C、 provides security by blocking communication between access points and wireless clients
- D、 access point discovery, information exchange, and configuration
正确答案:D -
第5题:
What is the goal of the borderless network architecture?()
- A、to provide users with A single device that permits access to information anywhere
- B、to provide users with the same productivity and access to information no matter where are or which device they use
- C、to eliminate the need for border security and firewalls
- D、to provide companies with A way to extend their security and control over employees on the internet
正确答案:B -
第6题:
When determining a customer’s security requirements using the security site survey from the steps for success methodology, which three of theses should be included in the customer’s security policy and procedures?()
- A、Third-party due diligence policy review
- B、Remote Access Policy
- C、Encryption Policy
- D、Application change control policy
- E、Security Personnel policy
正确答案:A,B,D -
第7题:
The root id is set so that direct login is disabled. Information must be reviewed relating to when root access was obtained. In which of the following files is this information located?()
- A、 /var/adm/sulog
- B、 /var/adm/wtmp
- C、 /etc/security/user
- D、 /etc/security/failedlogin
正确答案:A -
第8题:
单选题What is the goal of the borderless network architecture?()Ato provide users withA single device that permits access to information anywhere
Bto provide users with the same productivity and access to information no matter where are or which device they use
Cto eliminate the need for border security and firewalls
Dto provide companies withA way to extend their security and control over employees on the internet
正确答案: D解析: 暂无解析 -
第9题:
单选题LDAP is being utilized throughout the Company Wireless network. Which issue or set of issues does the Lightweight Access Point Protocol (LWAPP) address? ()AReduction of processing in wireless controllers
BDistributed approach to authentication, encryption, and policy enforcement
CAccess point discovery, information exchange, and configuration
DProvides security by blocking communication between access points and wireless clients
ENone of the other alternatives apply.
正确答案: D解析: 暂无解析 -
第10题:
单选题Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()ASource IP and browser
BSource IP and certificate
CCertificate and Host Checker
DHost Checker and source IP
正确答案: B解析: 暂无解析 -
第11题:
单选题The root id is set so that direct login is disabled. Information must be reviewed relating to when root access was obtained. In which of the following files is this information located?()A/var/adm/sulog
B/var/adm/wtmp
C/etc/security/user
D/etc/security/failedlogin
正确答案: D解析: 暂无解析 -
第12题:
多选题What are two benefits of integrating Junos Pulse Access Control Service with Security Threat Response Manager (STRM)?()AThe ability to detect and prevent malicious traffic.
BThe ability to associate security breaches with a specific user.
CConverged management of network and security events, network flow data, and identity information.
DConsistent device management across administrative realms.
正确答案: C,B解析: 暂无解析 -
第13题:
Network security consists of policies and practices to prevent and monitor( )access,misuse,modification, or denial of a computer network and network-accessible resources.Network security involves the authorization of access to data in a network,which is controlled by the network( ). Users choose or are assigned an ID and password or other authenticating information that allows them to access to information and programs within their authority.Network security secures the network,as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a(请作答此空)name and a corresponding password. Network security starts with authentication.Once authenticated a ( ) enforces policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer( )or Trojans being transmitted over the networkA.complex
B.unique
C.catchy
D.long答案:B解析:网络安全概念。 -
第14题:
LDAP is being utilized throughout the Company Wireless network. Which issue or set of issues does the Lightweight Access Point Protocol (LWAPP) address? ()
- A、 Reduction of processing in wireless controllers
- B、 Distributed approach to authentication, encryption, and policy enforcement
- C、 Access point discovery, information exchange, and configuration
- D、 Provides security by blocking communication between access points and wireless clients
- E、 None of the other alternatives apply.
正确答案:C -
第15题:
What are two benefits of integrating Junos Pulse Access Control Service with Security Threat Response Manager (STRM)?()
- A、The ability to detect and prevent malicious traffic.
- B、The ability to associate security breaches with a specific user.
- C、Converged management of network and security events, network flow data, and identity information.
- D、Consistent device management across administrative realms.
正确答案:B,C -
第16题:
The LWAPP (Lightweight Access Point Protocol) is in use within the Company wireless LAN. Which statement is true about this protocol?()
- A、 Real-time frame exchange is accomplished within the access point.
- B、 The control traffic between the client and the access point is encapsulated with the LWAPP.
- C、 Authentication, security, and mobility are handled by the access point.
- D、 Data traffic between the client and the access point is encapsulated with LWAPP.
- E、 None of the other alternatives apply
正确答案:A -
第17题:
What is the goal of the borderless network architecture?()
- A、to provide users withA single device that permits access to information anywhere
- B、to provide users with the same productivity and access to information no matter where are or which device they use
- C、to eliminate the need for border security and firewalls
- D、to provide companies withA way to extend their security and control over employees on the internet
正确答案:B -
第18题:
A technician works in a datacenter that is shared by multiple companies. The technician isconcerned with preventing the theft of proprietary information by other technicians with access to the datacenter. Which of the following is the BEST way to prevent data theft in this scenario?()
- A、Mantraps
- B、Two-factor authentication
- C、Security personnel
- D、Locked rack doors
正确答案:D -
第19题:
You are the administrator of your company’s network. Ten Windows 2000 Professional computers are located in the Research department. The computers contain highly confidential information. You want the 10 computers to be able to communicate with other Windows 2000 Professional computers on the network. However, you do not want them to communicate with computers that are not running Windows 2000, including those that are running Windows 95, Windows 98 and Windows NT. You want to configure a security policy on each computer to ensure that the confidential information is secure. What should you do?()
- A、Use Security Configuration and Analysis to import the Hisecws.inf security template file to modify the default security settings.
- B、Use security templates to create a security template file and import the security settings to modify the default security settings.
- C、Use the local computer policy to disable the access to this computer from the network option.
- D、Use Secedit.exe to reconfigure the computers’ default security settings to not allow anonymous access to the computers.
正确答案:A -
第20题:
多选题You want to create a security policy on an SRX240 that redirects unauthenticated users back to the Junos Pulse Access Control Service.Which two steps must you take to accomplish this task?()AConfigure a captive-portal service that redirects all traffic back to the Junos Pulse Access Control Service.
BConfigure a security policy that references the unified-access-control captive-portal service.
CConfigure a captive-portal service that redirects unauthenticated traffic back to the Junos Pulse Access Control Service.
DConfigure a security policy that references the unified-access-control intranet-controller service.
正确答案: D,C解析: 暂无解析 -
第21题:
单选题The LWAPP (Lightweight Access Point Protocol) is in use within the Company wireless LAN. Which statement is true about this protocol?()AReal-time frame exchange is accomplished within the access point.
BThe control traffic between the client and the access point is encapsulated with the LWAPP.
CAuthentication, security, and mobility are handled by the access point.
DData traffic between the client and the access point is encapsulated with LWAPP.
ENone of the other alternatives apply
正确答案: C解析: 暂无解析 -
第22题:
多选题What information does the Junos Pulse Access Control Service provide to Security Threat Response Manager (STRM)?()ASession length
BUser browser information
CSession IP address
DUser identity information
正确答案: D,A解析: 暂无解析 -
第23题:
单选题Which Cisco product family can simultaneously implement firewall, VPN, content security, network access control, virtualization, anD content filtering?()Acatalyst switches
Badaptive security appliances
Cintrusion prevention systems
Dprotect link gateway
正确答案: A解析: 暂无解析 -
第24题:
单选题What is the goal of the borderless network architecture?()Ato provide users with A single device that permits access to information anywhere
Bto provide users with the same productivity and access to information no matter where are or which device they use
Cto eliminate the need for border security and firewalls
Dto provide companies with A way to extend their security and control over employees on the internet
正确答案: D解析: 暂无解析