Your corporate security policy requires that a user performing attacks must have limited network access and activities until an administrator can investigate.In the admin GUI, which sensor event policy action must you configure in "Configuration" > "Sensors" > "Sensor Event Policies" > [rule name] to accomplish this?()
第1题:
Your corporate security policy requires that a user performing attacks must have limited network access and activities until an administrator can investigate.In the admin GUI, which sensor event policy action must you configure in "Configuration" >"Sensors" >"Sensor Event Policies" >[rule name] to accomplish this?()
A. Ignore
B. Replace users role
C. Terminate user session
D. Disable user account
第2题:
A. Dynamic auth table mapping is not enabled.
B. A successful authentication attempt will result in a new authentication table entry, which will be delivered only to the Junos enforcer protecting the network from which the user has authenticated.
C. To create a static auth table mapping, you must delete the default policy.
D. The default policy applies only to the factory-default role User.
第3题:
Your network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2008 R2. All servers run Windows Server 2008 R2. A corporate security policy requires complex passwords for user accounts that have administrator privileges. You need to design a strategy that meets the following requirements: èEnsures that administrators use complex passwords èMinimizes the number of servers required to support the solution What should you include in your design?()
第4题:
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?()
第5题:
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()
第6题:
You navigate to "UAC" > "Infranet Enforcer" > "Auth Table Mapping" in the admin GUI. You see one policy, which is the unmodified, original default policy.Which statement is true?()
第7题:
You administer a network containing SRX Series firewalls. New policy requires that you implement MAG Series devices to provide access control for end users. The policy requires that the SRX Series devices dynamically enforce security policy based on the source IP address of the user. The policy also requires that the users communicate with protected resources using encrypted traffic. Which two statements are true?()
第8题:
Your network contains an Active Directory forest. The functional level of the forest is Windows Server 2008 R2. Your companys corporate security policy states that the password for each user account must be changed at least every 45 days. You have a user account named Service1. Service1 is used by a network application named Application1. Every 45 days, Application1 fails. After resetting the password for Service1, Application1 runs properly. You need to resolve the issue that causes Application1 to fail. The solution must adhere to the corporate security policy. What should you do()
第9题:
Your company uses Network Access Protection (NAP) to enforce policies on client computers that connect to the network. Client computers run Windows 7. A Group Policy is used to configure client computers to obtain updates from Windows Server Update Services (WSUS).Company policy requires that updates labeled Important and Critical must be applied before client computers can access network resources.You need to ensure that client computers meet the company policy requirement. What should you do?()
第10题:
You are a security administrator for your company. The network consists of a single Active Directory domain. All client computers run Windows XP Professional. All servers run Windows Server 2003. All computers on the network are members of the domain. Traffic on the network is encrypted by IPSec. The domain contains a custom IPSec policy named Lan Security that applies to all computers in the domain. The Lan Security policy does not allow unsecured communication with non-lPSec-aware computers. The company’s written security policy states that the configuration of the domain and the configuration of the Lan Security policy must not be changed. The domain contains a multihomed server named Server1. Server1 isconnected to the company network, and Server1 is also connected to a test network. Currently, the Lan Security IPSec policy applies to network traffic on both network adapters in Server1. You need to configure Server1 so that it communicates on the test network without IPSec security. Server1 must still use the Lan Security policy when it communicates on the company network. How should you configure Server1?()
第11题:
In Event Viewer, filter the Security log.
In Event Viewer, configure the properties of the Security log.
In the Local Security Policy console, modify the Security Options.
In the Registry Editor, add a Security Descriptor Definition Language (SDDL) value.
第12题:
Select Require and Enforce for the Host Checker Policy in the realm authentication policy.
Select Evaluate Policies for the Host Checker policy in the realm authentication policy.
Configure the Host Checker policy as a role restriction for the Employee role.
Configure the Host Checker policy as a resource access policy for the Employee role.
第13题:
You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()
A. Resource access policy on the MAG Series device
B. IPsec routing policy on the MAG Series device
C. General traffic policy blocking access through the firewall enforcer
D. Auth table entry on the firewall enforcer
第14题:
Your company has an Active Directory directory service domain. All servers run Windows Server 2003. You are developing a security monitoring plan. You must monitor the files that are stored in a specific directory on a member server. You have the following requirements. Log all attempts to access the files.Retain log information until the full weekly backup occurs. You need to ensure that the security monitoring plan meets the requirements. What should your plan include?()
第15题:
You are an administrator of a large campus network. Every switch on a floor within each building of your campus has been configured for a different VLAN. During implementation of the Junos Pulse Access Control Service, you must configure a RADIUS return attribute policy to apply a role representing a group of authenticated users that frequently transport their laptops from building to building and floor to floor. In the admin GUI, which policy element would you enable to accommodate these users?()
第16题:
You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()
第17题:
You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()
第18题:
You have been tasked with performing an update to the IDP attack database. Which three requirements areincluded as part of this task?()
第19题:
Your company uses Network Access Protection (NAP) to enforce policies on client computers taht connect to the network. Client computers run Windows Vista. A Group Policy is used to configure client computers to obtain updates from WSUS. Company policy requires that updates labeled important and Critical must be applied before client computers can access network resources. You need to ensure that client computers meet the company policy requirement. What should you do()
第20题:
You are a security administrator for your company. The network consists of a single Active Directory domain. Servers run either Windows Server 2003 or Windows 2000 Server. All client computers run Windows XP Professional. The company’s written security policy states that user accounts must be locked if an unauthorized user attempts to guess the users, passwords. The current account policy locks out a user after two invalid password attempts in five minutes. The user remains locked out until the account is reset by an administrator. Users frequently call the help desk to have their account unlocked. Calls related to account lockout constitute 25 percent of help desk calls. You need to reduce the number of help desk calls related to account lockout. What should you do?()
第21题:
You are a network administrator of an organization. Maria and John are your network assistant. You have grant then the rights to modify the user properties in the computer management. You want to audit the modification in user accounts. What should you do?()
第22题:
our company uses network access protection (NAP) to enforce policies on client computers that connect to the network. Client computes run windows vista. A group policy is used to configure client computers to obtain updates from WSUS. Company policy requires that updates labeled important and critical must be applied before client computers can access network resources. You need to ensure that client computers meet the company policy requirement. What should you do?()
第23题:
Turn on auditing for objects in the Local Security Policy and Select 'Process Tracking'.
Turn on auditing for objects in the Local Security Policy and Select 'Object Access'.
Use Windows Explorer to turn on auditing for the specific files.
Have the administrator for domains log you on as an administrator and enable auditing for a specific file.
Turn on auditing for objects in the Local Security Policy and Select 'Account Management'.
Allow only one account at a time to log on to your shared folder. Check the event viewer to see who logged on.