多选题Which two are true about authentication?()AForm-based logins should NOT be used with HTTPS.BWhen using Basic Authentication the target server is NOT authenticated.CJ2EE compliant web containers are NOT required to support the HTTPS protocol.DWeb contai

题目
多选题
Which two are true about authentication?()
A

Form-based logins should NOT be used with HTTPS.

B

When using Basic Authentication the target server is NOT authenticated.

C

J2EE compliant web containers are NOT required to support the HTTPS protocol.

D

Web containers are required to support unauthenticated access to unprotected web resources.

相似考题

1.Which two statements about using the CHAP authentication mechanism in a PPP link are true?()A.CHAP uses a two-way handshakeB.CHAP authentication periodically occurs after link establishmentC.CHAP has no protection from playback attacksD.CHAP authentication is performed only upon link establishmentE.CHAP uses a three-way handshakeF.CHAP authentication passwords are sent in plaintext

2. Company.com network consists of a single Active Directory domain named  Company.com.Company.com has an Exchange Server 2010 organization.The Company.com employees use Microsoft Office Outlook 2007 to connect to their mailboxes.RPC over HTTP and Auto discover are configured on Microsoft Office Outlook 2007. A new Company.com security policy requires that the employees connected to the domain does not need authentication when using Outlook Anywhere.However, those not connected t the domain needs to be authentication when using Outlook Anywhere.The employees need to comply with the new Company.com security policy.  What should you do?()A、You should consider using Basic authentication on Outlook Anywhere and set up only Basic authentication on the RPC virtual directory.B、You should consider using NTLM authentication on Outlook Anywhere and set up Basic authentication and NTLM authentication on the RPC virtual directory.C、You should consider using NTLM authentication on Outlook Anywhere and set up only Basic authentication on the RPC virtual directory.D、You should consider using Basic authentication on Outlook Anywhere and set up Basic authentication and NTLM authentication on the RPC virtual directory.

3.Which two are true about authentication?()A、Form-based logins should NOT be used with HTTPS.B、When using Basic Authentication the target server is NOT authenticated.C、J2EE compliant web containers are NOT required to support the HTTPS protocol.D、Web containers are required to support unauthenticated access to unprotected web resources.

4.Which two statements about authentication settings for DCNM-LAN are true? ()A、 If none of the authentication servers that are configured for the current authentication mode responds to an authentication request, the DCNM-LAN server falls back to localauthentication.B、 DCNM-LAN only supports TACACS+.C、 Each DCNM-LAN server will have the same device credentials.D、 Administering DCNM-LAN authentication settings requires an authentication license.E、 DCNM-LAN server users are local to the DCNM-LAN server.

更多“多选题Which two are true about authentication?()AForm-based logins should NOT be used with HTTPS.BWhen using Basic Authentication the target server is NOT authenticated.CJ2EE compliant web containers are NOT required to support the HTTPS protocol.DWeb contai”相关问题

  • 第1题:

    Which two statements about using the CHAP authentication mechanism in a PPP link are true?()

    • A、CHAP uses a two-way handshake
    • B、CHAP authentication periodically occurs after link establishment
    • C、CHAP has no protection from playback attacks
    • D、CHAP authentication is performed only upon link establishment
    • E、CHAP uses a three-way handshake
    • F、CHAP authentication passwords are sent in plaintext

    正确答案:B,E

  • 第2题:

    Which activity supports the data integrity requirements of an application?()

    • A、Using HTTPS as a protocol
    • B、Using an LDAP security realm
    • C、Using HTTP Basic authentication
    • D、Using forms-based authentication

    正确答案:A

  • 第3题:

    Which two statements regarding external authentication servers for firewall userauthentication are true?()

    • A、Up to three external authentication server types can be used simultaneously.
    • B、Only one external authentication server type can be used simultaneously.
    • C、If the local password database is not configured in the authentication order, and the configured authentication server is unreachable, authentication is not performed.
    • D、If the local password database is not configured in the authentication order, and the configured authentication server rejects the authentication request, authentication is not performed

    正确答案:B,D

  • 第4题:

    Your company has a server that runs Windows Server 2008. The server has the Web Server (IIS) role installed.  You need to activate SSL for the default Web site.  Which two actions should you perform?()

    • A、Obtain and import a server certificate by using the IIS Manager console.
    • B、Select the Generate Key option in the Machine Key dialog box for the default Web site.
    • C、Add bindings for the HTTPS protocol to the default Web site by using the IIS Manager console.
    • D、Install the Digest Authentication component for the Web server role by using the Server Manager console.

    正确答案:A,C

  • 第5题:

    You need to ensure that the company’s standard password policy is enforced for all logins that areused to access SQL Server 2005.Which two actions should you perform?()

    • A、Set the appropriate local password policies for all computers on which SQL Server is installed.
    • B、Set the server authentication mode of all SQL Server instances to Windows Authentication mode.
    • C、Install all instances of SQL Server 2005 on computers that run Windows Server 2003 or later.
    • D、Create SQL Server logins that have CHECK_POLICY enabled.

    正确答案:C,D

  • 第6题:

    多选题
    Which two are true about authentication?()
    A

    Form-based logins should NOT be used with HTTPS.

    B

    When using Basic Authentication the target server is NOT authenticated.

    C

    J2EE compliant web containers are NOT required to support the HTTPS protocol.

    D

    Web containers are required to support unauthenticated access to unprotected web resources.


    正确答案: A,C
    解析: 暂无解析

  • 第7题:

    多选题
    You manage a server that runs Windows Server 2008. The server has the Web Server (IIS) role installed. The server hosts an Internet-accessible Web site that has a virtual directory named /orders/. A Web server certificate is installed and an SSL listener has been configured for the Web site. The /orders/ virtual directory must meet the following company policy requirements: Be accessible to authenticated users only. Allow authentication types to support all browsers. Encrypt all authentication traffic by using HTTPS.  All other directories of the Web site must be accessible to anonymous users and be available withoutSSL.  You need to configure the /orders/ virtual directory to meet the company policy requirements.  Which two actions should you perform?()
    A

    Configure the Web site to the Require SSL setting.

    B

    Configure the /orders/ virtual directory to the Require SSL setting.

    C

    Configure the Digest Authentication setting to Enabled for the /orders/ virtual directory.

    D

    Configure the Basic Authentication setting to Enabled and the Anonymous Authentication setting to Disabled for the Web site.

    E

    Configure the Basic Authentication setting to Enabled and the Anonymous Authentication setting to Disabled for the /orders/ virtual directory.


    正确答案: C,A
    解析: 暂无解析

  • 第8题:

    多选题
    Which two statements regarding external authentication servers for firewall userauthentication are true?()
    A

    Up to three external authentication server types can be used simultaneously.

    B

    Only one external authentication server type can be used simultaneously.

    C

    If the local password database is not configured in the authentication order, and the configured authentication server is unreachable, authentication is not performed.

    D

    If the local password database is not configured in the authentication order, and the configured authentication server rejects the authentication request, authentication is not performed


    正确答案: B,A
    解析: 暂无解析

  • 第9题:

    多选题
    You need to design an access control strategy for the external and intranet Web sites. Which two actions should you perform?()
    A

    Enable SSL on the external Web site by using a Microsoft cryptographic service provider (CSP)

    B

    Enable Microsoft .NET Passport authentication on the external Web site. Use Passport Level 0 with SSL on the external Web site

    C

    Enable SSL on the external Web site by using a commercial digital certificate

    D

    Enable SSL on the intranet Web site by using an internal server certificate

    E

    Enable SSL on the external Web site by using an internal server certificate


    正确答案: E,A
    解析: 暂无解析

  • 第10题:

    多选题
    Which two statements about the open and shared key wireless-authentication methods are true? ()
    A

    Shared key authentication is considered more secure than open authentication.

    B

    Shared key authentication is considered less secure than open authentication.

    C

    If the WEP keys do not match using the open authentication method, the client will not authenticate, associate, and transfer data.

    D

    If the WEP keys do not match using the open authentication method, the client will still be able to authenticate and associate, but will not transfer data.

    E

    If the WEP keys do not match using the open authentication method, the client will still be able to authenticate, associate, and transfer data.


    正确答案: C,B
    解析: 暂无解析

  • 第11题:

    多选题
    Which two statements about using the CHAP authentication mechanism in a PPP link are true?()
    A

    CHAP uses a two-way handshake

    B

    CHAP authentication periodically occurs after link establishment

    C

    CHAP has no protection from playback attacks

    D

    CHAP authentication is performed only upon link establishment

    E

    CHAP uses a three-way handshake

    F

    CHAP authentication passwords are sent in plaintext


    正确答案: E,D
    解析: 暂无解析

  • 第12题:

    单选题
    Which the basic authentication type is optional for a J2EE 1.4 compliant web container?()
    A

     HTTP Basic Authentication

    B

     Form Based Authentication

    C

     HTTP Digest Authentication

    D

     HTTPS Client Authentication


    正确答案: A
    解析: 暂无解析

  • 第13题:

    Which two authentication mechanisms provide weaker protection than other mechanisms?()

    • A、 HTTP Basic Authentication
    • B、 Form Based Authentication
    • C、 HTTP Digest Authentication
    • D、 HTTPS Client Authentication

    正确答案:A,B

  • 第14题:

    Which basic authentication type is optional for a J2EE 1.4 compliant web container?()

    • A、HTTP Basic Authentication
    • B、Form Based Authentication
    • C、HTTP Digest Authentication
    • D、HTTPS Client Authentication

    正确答案:C

  • 第15题:

    Which two statements regarding external authentication servers for firewall user authentication are true?() (Choose two.)

    • A、Up to three external authentication server types can be used simultaneously.
    • B、Only one external authentication server type can be used simultaneously.
    • C、If the local password database is not configured in the authentication order, and the configured authentication server  bypassed.
    • D、If the local password database is not configured in the authentication order, and the configured authentication server authentication is rejected.

    正确答案:B,D

  • 第16题:

    You are an IIS Web server administrator implementing authentication settings for a new Web site.According to the requirements for the Human Resources Web site, users should be prompted forauthentication information when they attempt to access the site. The site will be accessed only by userswho have accounts in your organization’s Active Directory domain. You have already configured the filesystem permissions for the content based on the appropriate settings. You also want to maximize securityof the site. Which two actions should you take to meet these requirements?()

    • A、Enable Windows authentication.
    • B、Enable basic authentication.
    • C、Disable anonymous authentication.
    • D、Enable anonymous authentication.

    正确答案:A,C

  • 第17题:

    You manage a server that runs Windows Server 2008. The server has the Web Server (IIS) role installed. The server hosts an Internet-accessible Web site that has a virtual directory named /orders/. A Web server certificate is installed and an SSL listener has been configured for the Web site. The /orders/ virtual directory must meet the following company policy requirements: Be accessible to authenticated users only. Allow authentication types to support all browsers. Encrypt all authentication traffic by using HTTPS.  All other directories of the Web site must be accessible to anonymous users and be available withoutSSL.  You need to configure the /orders/ virtual directory to meet the company policy requirements.  Which two actions should you perform?()

    • A、Configure the Web site to the Require SSL setting.
    • B、Configure the /orders/ virtual directory to the Require SSL setting.
    • C、Configure the Digest Authentication setting to Enabled for the /orders/ virtual directory.
    • D、Configure the Basic Authentication setting to Enabled and the Anonymous Authentication setting to Disabled for the Web site.
    • E、Configure the Basic Authentication setting to Enabled and the Anonymous Authentication setting to Disabled for the /orders/ virtual directory.

    正确答案:B,E

  • 第18题:

    多选题
    Your company has a server that runs Windows Server 2008. The server has the Web Server (IIS) role installed.  You need to activate SSL for the default Web site.  Which two actions should you perform?()
    A

    Obtain and import a server certificate by using the IIS Manager console.

    B

    Select the Generate Key option in the Machine Key dialog box for the default Web site.

    C

    Add bindings for the HTTPS protocol to the default Web site by using the IIS Manager console.

    D

    Install the Digest Authentication component for the Web server role by using the Server Manager console.


    正确答案: C,B
    解析: 暂无解析

  • 第19题:

    多选题
    Which two statements about authentication settings for DCNM-LAN are true? ()
    A

    If none of the authentication servers that are configured for the current authentication mode responds to an authentication request, the DCNM-LAN server falls back to localauthentication.

    B

    DCNM-LAN only supports TACACS+.

    C

    Each DCNM-LAN server will have the same device credentials.

    D

    Administering DCNM-LAN authentication settings requires an authentication license.

    E

    DCNM-LAN server users are local to the DCNM-LAN server.


    正确答案: A,D
    解析: 暂无解析

  • 第20题:

    多选题
    Which two statements about the open and shared key wireless-authentication methods are true?()
    A

    shared key authentication is considered more secure than open authentication

    B

    shared key authentication is considered less secure than open authentication

    C

    if the WEP keys do not match using the open authentication method, the client will not authenticate, associate, and transfer data

    D

    if the WEP keys do not match using the open authentication method, the client will still be able to authenticate and associate, but will not transfer data

    E

    if the WEP keys do not match using the open authentication method, the client will still be able to authenticate, associate, and transfer data


    正确答案: E,D
    解析: 暂无解析

  • 第21题:

    多选题
    Which two statements regarding external authentication servers for firewall user authentication are true?() (Choose two.)
    A

    Up to three external authentication server types can be used simultaneously.

    B

    Only one external authentication server type can be used simultaneously.

    C

    If the local password database is not configured in the authentication order, and the configured authentication server  bypassed.

    D

    If the local password database is not configured in the authentication order, and the configured authentication server authentication is rejected.


    正确答案: B,A
    解析: 暂无解析

  • 第22题:

    多选题
    You need to ensure that the company’s standard password policy is enforced for all logins that areused to access SQL Server 2005.Which two actions should you perform?()
    A

    Set the appropriate local password policies for all computers on which SQL Server is installed.

    B

    Set the server authentication mode of all SQL Server instances to Windows Authentication mode.

    C

    Install all instances of SQL Server 2005 on computers that run Windows Server 2003 or later.

    D

    Create SQL Server logins that have CHECK_POLICY enabled.


    正确答案: A,B
    解析: 暂无解析

  • 第23题:

    单选题
    Which basic authentication type is optional for a J2EE 1.4 compliant web container?()
    A

    HTTP Basic Authentication

    B

    Form Based Authentication

    C

    HTTP Digest Authentication

    D

    HTTPS Client Authentication


    正确答案: B
    解析: 暂无解析

  • 第24题:

    多选题
    You are an IIS Web server administrator implementing authentication settings for a new Web site.According to the requirements for the Human Resources Web site, users should be prompted forauthentication information when they attempt to access the site. The site will be accessed only by userswho have accounts in your organization’s Active Directory domain. You have already configured the filesystem permissions for the content based on the appropriate settings. You also want to maximize securityof the site. Which two actions should you take to meet these requirements?()
    A

    Enable Windows authentication.

    B

    Enable basic authentication.

    C

    Disable anonymous authentication.

    D

    Enable anonymous authentication.


    正确答案: B,C
    解析: 暂无解析

相关内容