Your corporate security policy requires that a user performing attacks must have limited network access and activities until an administrator can investigate.In the admin GUI, which sensor event policy action must you configure in "Configuration" > "Senso

题目

Your corporate security policy requires that a user performing attacks must have limited network access and activities until an administrator can investigate.In the admin GUI, which sensor event policy action must you configure in "Configuration" > "Sensors" > "Sensor Event Policies" > [rule name] to accomplish this?()

  • A、Ignore
  • B、Replace users role
  • C、Terminate user session
  • D、Disable user account

相似考题
更多“Your corporate security policy requires that a user performing attacks must have limited network access and activities until an administrator can investigate.In the admin GUI, which sensor event policy action must you configure in "Configuration" "Sensor”相关问题
  • 第1题:

    Your corporate security policy requires that a user performing attacks must have limited network access and activities until an administrator can investigate.In the admin GUI, which sensor event policy action must you configure in "Configuration" >"Sensors" >"Sensor Event Policies" >[rule name] to accomplish this?()

    A. Ignore

    B. Replace users role

    C. Terminate user session

    D. Disable user account


    参考答案:B

  • 第2题:

    You navigate to "UAC" > "Infranet Enforcer" > "Auth Table Mapping" in the admin GUI. You see one policy, which is the unmodified, original default policy.Which statement is true?()

    A. Dynamic auth table mapping is not enabled.

    B. A successful authentication attempt will result in a new authentication table entry, which will be delivered only to the Junos enforcer protecting the network from which the user has authenticated.

    C. To create a static auth table mapping, you must delete the default policy.

    D. The default policy applies only to the factory-default role User.


    参考答案:A

  • 第3题:

    Your network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2008 R2. All servers run Windows Server 2008 R2.   A corporate security policy requires complex passwords for user accounts that have administrator  privileges. You need to design a strategy that meets the following requirements: èEnsures that administrators use complex passwords   èMinimizes the number of servers required to support the solution What should you include in your design?()

    • A、Implement Network Access Protection (NAP).
    • B、Implement Active Directory Rights Management Services (AD RMS).
    • C、Create a new Password Settings Object (PSO) for administrator accounts.
    • D、Create a new child domain in the forest. Move all non-administrator accounts to the new domain.Configure a complex password policy in the root domain.

    正确答案:C

  • 第4题:

    The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?()

    • A、TestKing1(config-if)# switchport port-security maximum 1
    • B、TestKing1(config)# mac-address-table secure
    • C、TestKing1(config)# access-list 10 permit ip host
    • D、TestKing1(config-if)# switchport port-security violation shutdown
    • E、TestKing1(config-if)# ip access-group 10

    正确答案:A,D

  • 第5题:

    Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()

    • A、Source IP and browser
    • B、Source IP and certificate
    • C、Certificate and Host Checker
    • D、Host Checker and source IP

    正确答案:D

  • 第6题:

    You navigate to "UAC" > "Infranet Enforcer" > "Auth Table Mapping" in the admin GUI. You see one policy, which is the unmodified, original default policy.Which statement is true?()

    • A、Dynamic auth table mapping is not enabled.
    • B、A successful authentication attempt will result in a new authentication table entry, which will be delivered only to the Junos enforcer protecting the network from which the user has authenticated.
    • C、To create a static auth table mapping, you must delete the default policy.
    • D、The default policy applies only to the factory-default role User.

    正确答案:A

  • 第7题:

    You administer a network containing SRX Series firewalls. New policy requires that you implement MAG Series devices to provide access control for end users. The policy requires that the SRX Series devices dynamically enforce security policy based on the source IP address of the user. The policy also requires that the users communicate with protected resources using encrypted traffic. Which two statements are true?()

    • A、The endpoints can use agentless access.
    • B、Encrypted traffic flows between the endpoint and the enforcer.
    • C、Encrypted traffic flows between the endpoint and the protected resource
    • D、The endpoints can use the Odyssey Access Client.

    正确答案:B,D

  • 第8题:

    Your network contains an Active Directory forest. The functional level of the forest is Windows Server  2008 R2.   Your companys corporate security policy states that the password for each user account must be  changed at least every 45 days.   You have a user account named Service1. Service1 is used by a network application named Application1.   Every 45 days, Application1 fails.   After resetting the password for Service1, Application1 runs properly.   You need to resolve the issue that causes Application1 to fail. The solution must adhere to the corporate  security policy.   What should you do()

    • A、Run the Set-ADAccountControl cmdlet.
    • B、Run the Set-ADServiceAccount cmdlet.
    • C、Create a new password policy.
    • D、Create a new Password Settings object (PSO).

    正确答案:B

  • 第9题:

    Your company uses Network Access Protection (NAP) to enforce policies on client computers that connect to the network. Client computers run Windows 7. A Group Policy is used to configure client computers to obtain updates from Windows Server Update Services (WSUS).Company policy requires that updates labeled Important and Critical must be applied before client computers can access network resources.You need to ensure that client computers meet the company policy requirement. What should you do?()

    • A、Enable automatic updates on each client.
    • B、Enable the Security Center on each client.
    • C、Quarantine clients that do not have all available security updates installed.
    • D、Disconnect the connection until the required updates are installed.

    正确答案:C

  • 第10题:

    You are a security administrator for your company. The network consists of a single Active Directory domain. All client computers run Windows XP Professional. All servers run Windows Server 2003. All computers on the network are members of the domain.    Traffic on the network is encrypted by IPSec. The domain contains a custom IPSec policy named Lan Security that applies to all computers in the domain. The Lan Security policy does not allow unsecured communication with non-lPSec-aware computers. The company’s written security policy states that the configuration of the domain and the configuration of the Lan Security policy must not be changed. The domain contains a multihomed server named Server1. Server1 isconnected to the company network, and Server1 is also connected to a test network. Currently, the Lan Security IPSec policy applies to network traffic on both network adapters in Server1. You need to configure Server1 so that it communicates on the test network without IPSec security. Server1 must still use the Lan Security policy when it communicates on the company network.  How should you configure Server1?()

    • A、 Configure a packet filter for the network adapter on the test network to block the Internet Key Exchange (IKE) port.
    • B、 Configure the network adapter on the test network to disable IEEE 802.1x authentication.
    • C、 Configure the network adapter on the test network to enable TCP/IP filtering, and then permit all traffic.
    • D、 Use the netsh command to assign a persistent IPSec policy that permits all traffic on the network adapter on the test.
    • E、 Assign an IPSec policy in the local computer policy that permits all traffic on the network adapter on the test.

    正确答案:D

  • 第11题:

    单选题
    Your network contains a server named Server1 that runs Windows Server 2008 R2.You have a user named User1.You need to ensure that User1 can view the events in the Security event log. The solution must minimize the number of rights assigned to User1. What should you do?()
    A

    In Event Viewer, filter the Security log.

    B

    In Event Viewer, configure the properties of the Security log.

    C

    In the Local Security Policy console, modify the Security Options.

    D

    In the Registry Editor, add a Security Descriptor Definition Language (SDDL) value.


    正确答案: A
    解析: 暂无解析

  • 第12题:

    多选题
    You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()
    A

    Select Require and Enforce for the Host Checker Policy in the realm authentication policy.

    B

    Select Evaluate Policies for the Host Checker policy in the realm authentication policy.

    C

    Configure the Host Checker policy as a role restriction for the Employee role.

    D

    Configure the Host Checker policy as a resource access policy for the Employee role.


    正确答案: B,C
    解析: 暂无解析

  • 第13题:

    You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()

    A. Resource access policy on the MAG Series device

    B. IPsec routing policy on the MAG Series device

    C. General traffic policy blocking access through the firewall enforcer

    D. Auth table entry on the firewall enforcer


    参考答案:A, D

  • 第14题:

    Your company has an Active Directory directory service domain. All servers run Windows Server 2003. You are developing a security monitoring plan. You must monitor the files that are stored in a specific directory on a member server. You have the following requirements. Log all attempts to access the files.Retain log information until the full weekly backup occurs. You need to ensure that the security monitoring plan meets the requirements.  What should your plan include?()

    • A、 Configure a directory service access audit policy. Increase the maximum size of the security log.
    • B、 Configure a directory service access audit policy. Set the system log to overwrite events older than 7 days.
    • C、 Configure an object access audit policy for the directory. Increase the maximum size of the system log.
    • D、 Configure an object access audit policy for the directory. Set the security log to overwrite events older than 7 days.

    正确答案:D

  • 第15题:

    You are an administrator of a large campus network. Every switch on a floor within each building of your campus has been configured for a different VLAN. During implementation of the Junos Pulse Access Control Service, you must configure a RADIUS return attribute policy to apply a role representing a group of authenticated users that frequently transport their laptops from building to building and floor to floor. In the admin GUI, which policy element would you enable to accommodate these users?()

    • A、Add Session-Timeout attribute with value equal to the session lifetime
    • B、Add Termination-Action attribute with value equal 1
    • C、VLAN
    • D、Open port

    正确答案:D

  • 第16题:

    You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()

    • A、Select "Require and Enforce" for the Host Checker Policy in the realm authentication policy.
    • B、Select "Evaluate Policies" for the Host Checker policy in the realm authentication policy.
    • C、Configure the Host Checker policy as a role restriction for the Employee role.
    • D、Configure the Host Checker policy as a resource access policy for the Employee role.

    正确答案:B,C

  • 第17题:

    You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()

    • A、Resource access policy on the MAG Series device
    • B、IPsec routing policy on the MAG Series device
    • C、General traffic policy blocking access through the firewall enforcer
    • D、Auth table entry on the firewall enforcer

    正确答案:A,D

  • 第18题:

    You have been tasked with performing an update to the IDP attack database. Which three requirements areincluded as part of this task?()

    • A、The IDP security package must be installed after it is downloaded.
    • B、The device must be rebooted to complete the update.
    • C、The device must be connected to a network.
    • D、An IDP license must be installed on your device.
    • E、You must be logged in as the root user

    正确答案:A,C,D

  • 第19题:

    Your company uses Network Access Protection (NAP) to enforce policies on client computers taht connect to the network. Client computers run Windows Vista. A Group Policy is used to configure client computers to obtain updates from WSUS. Company policy requires that updates labeled important and Critical must be applied before client computers can access network resources. You need to ensure that client computers meet the company policy requirement. What should you do()

    • A、 Enable automatic updates on each client
    • B、 enable the Security Center on each client
    • C、 Quarantine clients that do nto have all availible security updates installed
    • D、 Disconnect the remote connection until the required updates are installed.

    正确答案:C

  • 第20题:

    You are a security administrator for your company. The network consists of a single Active Directory domain. Servers run either Windows Server 2003 or Windows 2000 Server. All client computers run Windows XP Professional.    The company’s written security policy states that user accounts must be locked if an unauthorized user attempts to guess the users, passwords. The current account policy locks out a user after two invalid password attempts in five minutes. The user remains locked out until the account is reset by an administrator. Users frequently call the help desk to have their account unlocked. Calls related to account lockout constitute 25 percent of help desk calls.    You need to reduce the number of help desk calls related to account lockout.  What should you do?()

    • A、 Modify the Default Domain Controllers Policy Group Policy object(GPO). Increase the maximum lifetime for service
    • B、 Modify the Default Domain Policy Group Policy object(GPO). Configure an account lockout threshold of 10.
    • C、 Modify the Default Domain Controllers Policy Group Policy object(GPO). Disable the enforcement of user logon res
    • D、 Modify the Default Domain Policy Group Policy object(GPO). Increase the minimum password age.

    正确答案:B

  • 第21题:

    You are a network administrator of an organization. Maria and John are your network assistant. You have grant then the rights to modify the user properties in the computer management. You want to audit the modification in user accounts. What should you do?()

    • A、Turn on auditing for objects in the Local Security Policy and Select 'Process Tracking'.
    • B、Turn on auditing for objects in the Local Security Policy and Select 'Object Access'. 
    • C、Use Windows Explorer to turn on auditing for the specific files.
    • D、Have the administrator for domains log you on as an administrator and enable auditing for a  specific file.
    • E、Turn on auditing for objects in the Local Security Policy and Select 'Account Management'.
    • F、Allow only one account at a time to log on to your shared folder. Check the event viewer to  see who logged on. 

    正确答案:E

  • 第22题:

    our company uses network access protection (NAP) to enforce policies on client computers that connect to the network. Client computes run windows vista. A group policy is used to configure client computers to obtain updates from WSUS. Company policy requires that updates labeled important and critical must be applied before client computers can access network resources. You need to ensure that client computers meet the company policy requirement. What should you do?()

    • A、Enable automatic updates on each client.
    • B、Enable the security center on each client.
    • C、Quarantine clients that do not have all available security updates installed.
    • D、Disconnect the remote connection until the required updates are installed.

    正确答案:C

  • 第23题:

    单选题
    You are a network administrator of an organization. Maria and John are your network assistant. You have grant then the rights to modify the user properties in the computer management. You want to audit the modification in user accounts. What should you do?()
    A

    Turn on auditing for objects in the Local Security Policy and Select 'Process Tracking'.

    B

    Turn on auditing for objects in the Local Security Policy and Select 'Object Access'. 

    C

    Use Windows Explorer to turn on auditing for the specific files.

    D

    Have the administrator for domains log you on as an administrator and enable auditing for a  specific file.

    E

    Turn on auditing for objects in the Local Security Policy and Select 'Account Management'.

    F

    Allow only one account at a time to log on to your shared folder. Check the event viewer to  see who logged on. 


    正确答案: C
    解析: 暂无解析