Network Access Protection (NAP) is configured for the corporate network. Users connect to the corporate network by using portable computers. The company policy required confidentiality of data when the data is in transmit between the portable computers an

题目

Network Access Protection (NAP) is configured for the corporate network. Users connect to the corporate network by using portable computers. The company policy required confidentiality of data when the data is in transmit between the portable computers and the servers. You need to ensure taht users can access network resources only from computers that comply with the company policy. What should you do? ()

  • A、 Create an IPsec Enforcement Network policy
  • B、 Create an 802.1X enforcement network policy
  • C、 Create a wired network (IEEE 802.3) Group Policy
  • D、 Create an Extensible Authentication Portocol (EAP) Enforcement Network Policy

相似考题
参考答案和解析
正确答案:A
更多“Network Access Prote”相关问题
  • 第1题:

    In 8011 terminology.all communication was to go through the base station, called an(75)

    A.Access Channel

    B.Access System

    C.Access Point

    D.Network Access Point


    正确答案:C
    解析:在802.11的术语中,所有的通信都经过一个被称作AP(访问点)的基站。

  • 第2题:

    To compete in today's fast-paced competitive environment, organizations are increasingly allowing contractors, partners, visitors and guests to access their internal enterprise network. These users may connect to the network through wired ports in conference rooms or offices, or via wireless access points. In allowing this open access for third parties, LANs become(71). Third parties can introduce risk in a variety of ways from connecting with an infected laptop to unauthorized access of network resources to(72) activity. For many organizations, however, the operational complexity and costs to ensure safe third party network access has been prohibitive. Fifty-two percent of surveyed CISOs stated that they currently use a moat and castle" security approach, and admit that defenses inside the perimeter are weak. Threats from internal users are also increasingly a cause for security concerns. Employees with malicious intent can launch(73) of service attacks or steal(74) information by snooping the network. As they access the corporate network, mobile and remote users inadvertently can infect the network with(75) and worms acquired from unprotected public networks. Hackers masquerading as internal users can take advantage of weak internal security to gain access to confidential information.

    A.damageable

    B.susceptible

    C.vulnerable

    D.changeable


    正确答案:C
    解析:为了参与如今迅速发展的竞争环境,各种组织逐渐允许承包商、合伙人、游客和来宾访问他们的内部企业网。这些用户可能通过在会议室或办公室的有线端口连接网络,也可能通过无线访问点来连接网络。由于允许第二方的开放式访问,局域网就变得很脆弱。第三方可能通过各种途径引入风险,从被感染的移动终端进行未经授权的网络资源访问,到不怀好意的活动都会出现。然而对很多组织来说,操作的复杂性和保证第三方安全地访问网络的费用都是难于承受的。根据CISO的调查,52%的用户使用了城堡式的安全方案,但是网络内部的防卫却是很脆弱的。来自内部用户的安全威胁正在成为网络安全关注的焦点。心怀叵测的雇员可以发动拒绝服务攻击或通过窥探网络来窃取机密信息。当移动用户或远程用户访问公司网络时,他们可能从未经保护的公网上不经意地引入病毒和蠕虫。伪装成内部用户的黑客们会利用脆弱的内部安全来获取机密信息。

  • 第3题:

    Which three of the following basic network services are provided by the Cisco IOS?()

    • A、Defines the network topology
    • B、Access to network resources
    • C、Routing and switching functions
    • D、Content Filtering
    • E、Intrusion Detection

    正确答案:A,B,C

  • 第4题:

    NAS是指()。

    • A、网络接入服务器Network Access Server
    • B、网络认证服务器Network Authentication Server
    • C、网络接入业务Network Access Service
    • D、网络认证系统Network Authentication System

    正确答案:A

  • 第5题:

    How is network layer addressing accomplished in the OSI protocol suite?()

    • A、Internet Protocol address
    • B、Media Access Control address
    • C、Packet Layer Proto col address
    • D、Network Service Access Point address
    • E、Authority and Format Identifier address

    正确答案:D

  • 第6题:

    Your computer has a wired network adapter and a wireless network adapter. You use the wireless network adapter only when traveling.  You need to configure the network adapter profile settings to ensure that other systems are allowed to discover your computer only when you are at home.  What are two possible ways to achieve this goal?()

    • A、When you configure access to the wired network at home, set the wired network adapter location type to Private.
    • B、When you configure access to the wired network at home, set the wired network adapter location type to Public.
    • C、When you configure access to the public wireless access points, set the wireless network adapter location type to Private.
    • D、When you configure access to the public wireless access points, set the wireless network adapter location type to Public.

    正确答案:A,D

  • 第7题:

    Your network contains a single Active Directory domain. All domain controllers run Windows Server   2008 R2. There are 1,000 client computers that run Windows 7 and that are connected to managedswitches.   You need to recommend a strategy for network access that meets the following requirements:   èUsers are unable to bypass network access restrictions.   èOnly client computers that have up-to-date service packs installed can access the network.   èOnly client computers that have up-to-date anti-malware software installed can access the network.   What should you recommend?()

    • A、Implement Network Access Protection (NAP) that uses DHCP enforcement.
    • B、Implement Network Access Protection (NAP) that uses 802.1x enforcement.
    • C、Implement a Network Policy Server (NPS), and enable IPsec on the domain controllers.
    • D、Implement a Network Policy Server (NPS), and enable Remote Authentication Dial-In User Service  (RADIUS) authentication on the managed switches.

    正确答案:B

  • 第8题:

    单选题
    SAN(存储区域网络)术语的全称是()。
    A

    “Storage Area Network”

    B

    “Near Attached Storage”

    C

    “Network Access Storage”

    D

    “Near Access Storage”


    正确答案: D
    解析: 暂无解析

  • 第9题:

    多选题
    Your computer has a wired network adapter and a wireless network adapter. You use the wireless network adapter only when you are traveling.  You need to configure the network adapter profile settings to ensure that the computer discovers other network devices only when you are at home.  Which two actions should you perform?()
    A

    When you configure access to the wired network at home, set the wired network adapter location type to Public.

    B

    When you configure access to the wired network at home, set the wired network adapter location type to Private.

    C

    When you configure access to the public wireless access points, set the wireless network adapter location type to Public.

    D

    When you configure access to the public wireless access points, set the wireless network adapter location type to Private.


    正确答案: D,B
    解析: 暂无解析

  • 第10题:

    多选题
    You must configure access to the corporate network for employees using a client access method. Users require IPsec tunneling to protected resources and an 802.1X supplicant. Users will access the network using Windows platforms.Which two client access methods would support these requirements?()
    A

    Junos Pulse

    B

    Java Agent

    C

    Odyssey Access Client

    D

    Native 802.1X supplicant


    正确答案: C,A
    解析: 暂无解析

  • 第11题:

    单选题
    Your network contains a server that runs Windows Server 2008. The server has the Network Policy and Access Services server role installed.You need to allow only members of a global group named Group1 VPN access to the network. What should you do? ()
    A

    Add Group1 to the RAS and IAS Servers group.

    B

    Add Group1 to the Network Configuration Operators group.

    C

    Create a new network policy and define a group-based condition for Group1. Set the access permission of the policy to Access granted. Set the processing order of the policy to 1.

    D

    Create a new network policy and define a group-based condition for Group1. Set the access permission of the policy to Access granted. Set the processing order of the policy to 3.


    正确答案: D
    解析: 暂无解析

  • 第12题:

    单选题
    Your network contains a wireless access point. You have a computer that runs Windows 7. The computerconnects to the wireless access point. You disable Service Set Identifier (SSID) broadcasts on the wirelessaccess point. You discover that you are now unable to connect to the wireless access point from theWindows 7 computer. You need to ensure that the computer can connect to the wireless access point. What should you do?()
    A

    From Credential Manager, modify the generic credentials.

    B

    From Credential Manager, modify the Windows credentials.

    C

    From Network and Sharing Center, turn on Network discovery.

    D

    From Network and Sharing Center, modify the wireless network connection settings.


    正确答案: C
    解析: 暂无解析

  • 第13题:

    What are two recommended ways of protecting network device configuration files from outside network security threats (Choose two.)()。

    A.Allow unrestricted access to the console or VTY ports

    B.Use a firewall to restrict access from the outside to the network devices

    C.Always use Telnet to access the device command line because its data is automatically encrypted

    D.Use SSH or another encrypted and authenticated transport to access device configurations

    E.Prevent the loss of passwords by disabling password encryption


    参考答案:B, D

  • 第14题:

    Network security consists of policies and practices to prevent and monitor( )access,misuse,modification, or denial of a computer network and network-accessible resources.Network security involves the authorization of access to data in a network,which is controlled by the network( ). Users choose or are assigned an ID and password or other authenticating information that allows them to access to information and programs within their authority.Network security secures the network,as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a(请作答此空)name and a corresponding password. Network security starts with authentication.Once authenticated a ( ) enforces policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer( )or Trojans being transmitted over the network

    A.complex
    B.unique
    C.catchy
    D.long

    答案:B
    解析:
    网络安全概念。

  • 第15题:

    SAN(存储区域网络)术语的全称是()。

    • A、“Storage Area Network”
    • B、“Near Attached Storage”
    • C、“Network Access Storage”
    • D、“Near Access Storage”

    正确答案:A

  • 第16题:

    What are two recommended ways of protecting network device configuration files from outside network security threats? (Choose two.)()

    • A、Allow unrestricted access to the console or VTY ports.
    • B、Use a firewall to restrict access from the outside to the network devices.
    • C、Always use Telnet to access the device command line because its data is automatically encrypted.
    • D、Use SSH or another encrypted and authenticated transport to access device configurations.
    • E、Prevent the loss of passwords by disabling password encryption. 

    正确答案:B,D

  • 第17题:

    Service Level Agreements (SLA) typically do not address()

    • A、 Network access and availability
    • B、 Application access and availability
    • C、 Escalation and conflict resolution
    • D、 Headcounts and budgets

    正确答案:D

  • 第18题:

    Your company has deployed Network Access Protection (NAP).You configure secure wireless access to the network by using 802.1X authentication from any access point. You need to ensure that all client computers that access the network are evaluated by NAP.  What should you do?()

    • A、Configure all access points as RADIUS clients to the Remediation Servers.
    • B、Configure all access points as RADIUS clients to the Network Policy Server (NPS).
    • C、Create a Network Policy that defines Remote Access Server as a network connection method.
    • D、Create a Network Policy that specifies EAP-TLS as the only available authentication method.

    正确答案:B

  • 第19题:

    Your company has deployed Network Access Protection (NAP). You configure secure wireless access to the network by using 802.1x authentication from any access point. You need to ensure that all client computers that access the network are evaluated by NAP.  what should you do()? 

    • A、Configure all access points as RADIUS clients to the Remediation Servers
    • B、Configure all access points as RADIUS clients to the Network Policy Server (NPS)
    • C、Create a Network Policy that defines Remote Access Server as a network connection method
    • D、Create a Network Policy that specifies EAP-TLS as the only availible authentication method.

    正确答案:B

  • 第20题:

    单选题
    A company wants to secure access to its internal wireless network. The company wants to use themost secure means to access the network. Which of the following is the BEST choice for wireless security in this situation?()
    A

    WEP encryption

    B

    Channel rotation

    C

    Disable SSID

    D

    WPA encryption


    正确答案: D
    解析: 暂无解析

  • 第21题:

    多选题
    What are two recommended ways of protecting network device configuration files from outside network security threats (Choose two.)()。
    A

    Allow unrestricted access to the console or VTY ports

    B

    Use a firewall to restrict access from the outside to the network devices

    C

    Always use Telnet to access the device command line because its data is automatically encrypted

    D

    Use SSH or another encrypted and authenticated transport to access device configurations

    E

    Prevent the loss of passwords by disabling password encryption


    正确答案: E,D
    解析: 暂无解析

  • 第22题:

    单选题
    Your network contains a server that runs Windows Server 2008. The server has the Network Policy Server (NPS) service role installed. You need to allow only members of a global group named Group1 VPN access to the network. What should you do?()
    A

    Add Group1 to the RAS and IAS Servers Group

    B

    Add Group1 to the Network Configuration Operators group

    C

    Create a new network policy and define a group-based connection for Group1. Set the access permission of the policy to Access granted. Set the processing order of the policy to 1

    D

    Create a new network policy and define a group-based condition for Group1. Set the access permission of the policy to Access Granted. Set the processing of the policy to 3.


    正确答案: C
    解析: 暂无解析

  • 第23题:

    单选题
    Which of the following defines access for a network?()
    A

    ACL

    B

    RDF

    C

    RAS

    D

    ARP


    正确答案: C
    解析: 暂无解析

  • 第24题:

    单选题
    You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains Windows Server 2003 file servers. The network also contains a Windows Server 2003 computer named Server1 that runs Routing and Remote Access and Internet Authentication Service (IAS). Server1 provides VPN access to the network for users’ home computers.   You suspect that an external unauthorized user is attempting to access the network through Server1. You want to log the details of access attempts by VPN users when they attempt to access the network. You want to compare the IP addresses of users’ home computers with the IP addresses used in the access attempts to verify that the users are authorized.  You need to configure Server1 to log the details of access attempts by VPN users.   What should you do?  ()
    A

     Configure the system event log to Do not overwrite.

    B

     In IAS, in Remote Access Logging, enable the Authentication requests setting.

    C

     Configure the Remote Access server to Log all events.

    D

     Create a custom remote access policy and configure it for Authentication-Type.


    正确答案: C
    解析: 暂无解析