多选题What are two roles of the authenticator as described in the 802.1X standard? （）AIt proxies the authentication information between the supplicant and the authentication server.BIt controls physical access to the network.CIt communicates with the authent

第1题：

What is not a difference between VPN tunnel authentication and per-user authentication?（）

• A、VPN tunnel authentication is part of the IKE specification. 
• B、VPN tunnel authentication does not control which end user can use the IPSec SA (VPN tunnel).
• C、User authentication is used to control access for a specific user ID, and can be used with or without a VPN tunnel for network access authorization. 
• D、802.1X with EAP-TLS (X.509 certificates) can be used to authenticate an IPSec tunnel.

第2题：

Which two pieces of information are needed when declaring the web resource collection in the deployment descriptor？（）

• A、 the URL pattern that requires authorization
• B、 the HTTP methods that require authorization
• C、 the users allowed access to the web resource
• D、 the J2EE roles allowed access to the web resource
• E、 the authentication mechanism required by the web resource

第3题：

The database instance has the following parameter setting： OS_AUTHENT_PREFIX = OPS$ OS_ROLES = FALSE  REMOTE_OS_AUTHENT = FALSE REMOTE_OS_ROLES = FALSE TIMED_OS_STATISTICS = 0  You have a local operating system user SKD. You create a database user OPS$SKD， and then  assignexternal authentication. The user OPS$SKD has the CREATE SESSION privilege.  What would youachieve by the above process（）

• A、The database user OPS$SKD will be able to administer the database.
• B、The authentication detail for the database user OPS$SKD is recorded in the password file.
• C、The local operating system user SKD will be able to access the database instance without specifying the username and password.
• D、The database user OPS$SKD has to login with the password of the local operating system user SKD to access the database instance.

第4题：

Which statement regarding 802.1X is true?（）

• A、802.1X is simple to implement on any workstation.
• B、802.1X requires access-lists to allow IP voice traffic across.
• C、Authentication is initiated when the workstation connects to an Ethernet port.
• D、802.1X requires HTTP access to initiate authentication.

第5题：

You are the network administrator for your company. A user is complaining that they are not able to access the network with the Junos Pulse client. You run a packet capture on the network interface to monitor the 802.1X authentication process. You notice that after the EAP- request/identity packet is received, and the supplicant responds with an EAP-response/identity packet, no further communication occurs for several seconds. What are three causes for this behavior?（）

• A、The authenticator is not licensed to support Junos Pulse.
• B、The authenticator did not receive the EAP-response/identity packet.
• C、The authentication server is not receiving the RADIUS packet containing the EAP-response/identity data.
• D、The authenticator is sending the request over its loopback interface.
• E、The authentication server is sending back a RADIUS response packet, but the authenticator is not forwarding the response back to the supplicant.

第6题：

What will serve as a RADIUS Client to the Infranet Controller for 802.1x authentication? （）

• A、an ACE server
• B、a wireless network
• C、an Ethernet switch
• D、Odyssey Access Client

第7题：

You need to design a method of communication between the IT and HR departments. Your solution must meet business requirements. What should you do？（）

• A、Design a custom IPSec policy to implement Encapsulating Security Payload （ESP） for all IP traffic Design the IPSec policy to use certificate-based authentication between the two departments’ computers
• B、Design a customer IPSec policy to implement Authentication Header （AH） for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computers
• C、Design a customer IPSec policy to implement Encapsulating Payload （ESP） for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computers
• D、Design a customer IPSec policy to implement Authentication Header （AH） for all IP traffic. Desing the IPSec policy to use certificate-based authentication between the two departments’ computers

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

In an IEEE 802.1x deployment，between which two devices EAPOL messages typically are sent？（）

• A、Between the supplicant and the authenticator
• B、Between the authenticator and the authentication server
• C、Between the supplicant and the authentication server
• D、Between the RADIUS server and the authenticator

第14题：

What are two steps to configure user authentication for a Junos Pulse Access Control Service?（）

• A、Configure an authentication policy as part of the user role definitions.
• B、Configure a Sign-in Policy.
• C、Configure authentication agents as part of the user role definitions
• D、Configure an authentication policy as part of the authentication realm definition.

第15题：

What are two roles of the authenticator as described in the 802.1X standard? （）

• A、It proxies the authentication information between the supplicant and the authentication server.
• B、It controls physical access to the network.
• C、It communicates with the authentication server only.
• D、It is responsible for verifying the identity of the supplicant through the use of an internal database.

第16题：

You are using ADU and are authenticated and associated to an access point. You are unable toobtain an IP address. Which of the following will cause this problem？（）

• A、AES encryption enabled
• B、TKIP enabled
• C、third-party wireless supplicant enabled
• D、802.1X authentication type enabled

第17题：

When using RADIUS as an external authentication method for 802.1X authentication for the Junos Pulse Access Control Service, what must you do to ensure that the RADIUS authentication works properly?（）

• A、Configure IP helper to forward the authentication requests from the clients to the external RADIUS server
• B、Configure the supplicant as anexternal authentication server
• C、Configure RADIUS proxy on the realm
• D、Specify the correct RADIUS port 389 on the Junos Pulse Access Control Service

第18题：

You need to design an authentication solution for the wireless network. Your solution must meet the security requirements. What should you do？（）

• A、Create wireless VPNs using L2TP/IPSec between the client computers to the wireless access point
• B、Configure IEEE 802.1x authentication with smart cards
• C、Configure the wireless network to use Wired Equivalent Privacy （WEP）
• D、Install and configure an Internet Authentication Service （IAS） server

第19题：

第20题：

第21题：

第22题：

第23题：