niusouti.com

单选题When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()A IPsec RoutingB Access ControlC IP Address PoolD Source Interface

题目
单选题
When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()
A

IPsec Routing

B

Access Control

C

IP Address Pool

D

Source Interface

相似考题

1.In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?()A. to specify the destination addresses to which access is permittedB. to specify the source address permitted to access the resourceC. to specify the services to which access is permittedD. to inform the enforcer to expect policy information from the Junos Pulse Access Control Service

2.You have a firewall enforcer protecting sensitive internal resources in a data center. The network traversed by endpoint traffic is semi-trusted, so you need to encrypt the traffic between the endpoints accessing the resources and the firewall enforcer.Which type of policies provide this level of protection?()A. resource access policiesB. Host Enforcer policiesC. source IP enforcement policiesD. IPsec enforcement policies

3.You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()A. Resource access policy on the MAG Series deviceB. IPsec routing policy on the MAG Series deviceC. General traffic policy blocking access through the firewall enforcerD. Auth table entry on the firewall enforcer

4.You have created a security policy on an SRX240 that permits traffic from any source-address, any destination-address, and any application. The policy will be a source IP policy for use with the Junos Pulse Access Control Service.What must you add to complete the security policy configuration?()A. The intranet-auth authentication optionB. The redirect-portal application serviceC. The uac-policy application serviceD. The ipsec-vpn tunnel

更多“单选题When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()A IPsec RoutingB Access ControlC IP Address PoolD Source Interface”相关问题

  • 第1题:

    Which two methods of authentication are used by the Infranet Controller for IPSec enforcement?()

    A. dial-up VPN

    B. IKE authentication

    C. XAuth authentication

    D. shared IKE authentication


    参考答案:A, C

  • 第2题:

    Which statement is correct about defining an Infranet Enforcer for use as a RADIUS Client? ()

    A. You do not need to configure a RADIUS client policy.

    B. You must know the exact model number of the Infranet Enforcer.

    C. You must specify the NACN password of the device in the RADIUS client policy.

    D. You do not need to designate a location group to which the Infranet Enforcer will belong.


    参考答案:A

  • 第3题:

    When using the Cisco SDM Quick Setup Siteto-Site VPN wizard, which three parameters do you configure?()

    • A、Source interface where encrypted traffic originates
    • B、IP address for the remote peer
    • C、Transform set for the IPsec tunnel
    • D、Interface for the VPN connection

    正确答案:A,B,D

  • 第4题:

    Which statement is correct about defining an Infranet Enforcer for use as a RADIUS Client? ()

    • A、You do not need to configure a RADIUS client policy.
    • B、You must know the exact model number of the Infranet Enforcer.
    • C、You must specify the NACN password of the device in the RADIUS client policy.
    • D、You do not need to designate a location group to which the Infranet Enforcer will belong.

    正确答案:A

  • 第5题:

    Which two methods of authentication are used by the Infranet Controller for IPSec enforcement?()

    • A、dial-up VPN
    • B、IKE authentication
    • C、XAuth authentication
    • D、shared IKE authentication

    正确答案:A,C

  • 第6题:

    When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()

    • A、IPsec Routing
    • B、Access Control
    • C、IP Address Pool
    • D、Source Interface

    正确答案:D

  • 第7题:

    An IPsec tunnel is established on an SRX Series Gateway on an interface whose IP address was obtained using DHCP.Which two statements are true? ()(Choose two.)

    • A、Only main mode can be used for IKE negotiation
    • B、A local-identity must be defined
    • C、It must be the initiator for IKE
    • D、A remote-identity must be defined

    正确答案:B,C

  • 第8题:

    You have a firewall enforcer protecting sensitive internal resources in a data center. The network traversed by endpoint traffic is semi-trusted, so you need to encrypt the traffic between the endpoints accessing the resources and the firewall enforcer.Which type of policies provide this level of protection?()

    • A、resource access policies
    • B、Host Enforcer policies
    • C、source IP enforcement policies
    • D、IPsec enforcement policies

    正确答案:D

  • 第9题:

    单选题
    You want to configure your Windows 2000 Professional computer to remotely access your company’s Windows 2000 routing and remote access server. You configure a VPN connection. For security purposes, you configure the VPN connection to use MS-CHAP v2 only and to require encryption. You also configure TCP/IP to obtain an IP address automatically, to enable IPSec, and to set IPSec to secure server. When you try to connect, you receive the following error message, “The encryption attempt failed because no valid certificate was found.” What should you do to connect to the server? ()
    A

    Enable the VPN connection to use MS-CHAP.

    B

    Change the data encryption setting to Optional Encryption.

    C

    Specify a TCP/IP address in the network properties.

    D

    Change the IPSec policy setting to Client.


    正确答案: D
    解析: 暂无解析

  • 第10题:

    单选题
    You work as the enterprise exchange administrator at Xxx .Xxx is using Microsoft Exchange Server 2010 as their messaging solution.What actions must you take to change the Exchange-specific cost for a site link?()
    A

    You must configure the host (A) resource records.

    B

    You must add and configure an IPSec Enforcement Network policy.

    C

    You must create an Outlook Web App Mailbox policy.

    D

    You must use the Set-ADSiteLink cmdlet.


    正确答案: D
    解析: 暂无解析

  • 第11题:

    单选题
    You have created a security policy on an SRX240 that permits traffic from any source-address, any destination-address, and any application. The policy will be a source IP policy for use with the Junos Pulse Access Control Service. What must you add to complete the security policy configuration?()
    A

    The intranet-auth authentication option

    B

    The redirect-portal application service

    C

    The uac-policy application service

    D

    The ipsec-vpn tunnel


    正确答案: D
    解析: 暂无解析

  • 第12题:

    单选题
    You need to design a method of communication between the IT and HR departments. Your solution must meet business requirements. What should you do?()
    A

    Design a custom IPSec policy to implement Encapsulating Security Payload (ESP) for all IP traffic Design the IPSec policy to use certificate-based authentication between the two departments’ computers

    B

    Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computers

    C

    Design a customer IPSec policy to implement Encapsulating Payload (ESP) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computers

    D

    Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use certificate-based authentication between the two departments’ computers


    正确答案: B
    解析: 暂无解析

  • 第13题:

    When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()

    A. IPsec Routing

    B. Access Control

    C. IP Address Pool

    D. Source Interface


    参考答案:D

  • 第14题:

    You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()

    • A、The crypto ACL number
    • B、The IPSEC mode (tunnel or transport)
    • C、The GRE tunnel interface IP address
    • D、The GRE tunnel source interface or IP address, and tunnel destination IP address
    • E、The MTU size of the GRE tunnel interface

    正确答案:C,D

  • 第15题:

    The LAN-side of the Teleworker router is assigned private IP address space (RFC1918), and the VPN topology is IPSec-only (no GRE protocol). When is it required to configure NAT/pNAT on the Teleworker router?()

    • A、when all access to the Internet is through the IPSec tunnel
    • B、when there is direct Internet access via split-tunneling
    • C、when there is no Internet access configured through the Teleworker router
    • D、whenever you have IOS-Firewall (CBAC) configured

    正确答案:B

  • 第16题:

    You have created a security policy on an SRX240 that permits traffic from any source-address, any destination-address, and any application. The policy will be a source IP policy for use with the Junos Pulse Access Control Service. What must you add to complete the security policy configuration?()

    • A、The intranet-auth authentication option
    • B、The redirect-portal application service
    • C、The uac-policy application service
    • D、The ipsec-vpn tunnel

    正确答案:C

  • 第17题:

    In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?()

    • A、to specify the destination addresses to which access is permitted
    • B、to specify the source address permitted to access the resource
    • C、to specify the services to which access is permitted
    • D、to inform the enforcer to expect policy information from the Junos Pulse Access Control Service

    正确答案:D

  • 第18题:

    You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()

    • A、Resource access policy on the MAG Series device
    • B、IPsec routing policy on the MAG Series device
    • C、General traffic policy blocking access through the firewall enforcer
    • D、Auth table entry on the firewall enforcer

    正确答案:A,D

  • 第19题:

    You have a firewall enforcer receiving resource access policies from a Junos Pulse Access Control Service. You are using Network and Security Manager (NSM) for configuration management on that firewall. The firewall can also be configured using its built-in command-line interface (CLI) or Web-based user interface (WebUI). To avoid conflicting configurations, which two interfaces must you use to configure the firewall enforcer?()

    • A、CLI
    • B、WebUI
    • C、NSM
    • D、Junos Pulse Access Control Service

    正确答案:C,D

  • 第20题:

    You work as the enterprise exchange administrator at Xxx .Xxx is using Microsoft Exchange Server 2010 as their messaging solution.What actions must you take to change the Exchange-specific cost for a site link?()

    • A、You must configure the host (A) resource records.
    • B、You must add and configure an IPSec Enforcement Network policy.
    • C、You must create an Outlook Web App Mailbox policy.
    • D、You must use the Set-ADSiteLink cmdlet.

    正确答案:D

  • 第21题:

    单选题
    Which statement is correct about defining an Infranet Enforcer for use as a RADIUS Client? ()
    A

    You do not need to configure a RADIUS client policy.

    B

    You must know the exact model number of the Infranet Enforcer.

    C

    You must specify the NACN password of the device in the RADIUS client policy.

    D

    You do not need to designate a location group to which the Infranet Enforcer will belong.


    正确答案: C
    解析: 暂无解析

  • 第22题:

    多选题
    You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()
    A

    The crypto ACL number

    B

    The IPSEC mode (tunnel or transport)

    C

    The GRE tunnel interface IP address

    D

    The GRE tunnel source interface or IP address, and tunnel destination IP address

    E

    The MTU size of the GRE tunnel interface


    正确答案: A,D
    解析: 暂无解析

  • 第23题:

    单选题
    In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?()
    A

    to specify the destination addresses to which access is permitted

    B

    to specify the source address permitted to access the resource

    C

    to specify the services to which access is permitted

    D

    to inform the enforcer to expect policy information from the Junos Pulse Access Control Service


    正确答案: A
    解析: 暂无解析

  • 第24题:

    单选题
    When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()
    A

    IPsec Routing

    B

    Access Control

    C

    IP Address Pool

    D

    Source Interface


    正确答案: B
    解析: 暂无解析

相关内容