itgle.com

多选题If Host Checker restrictions are applied at the role level and the "Allow access to the role if any ONE of the select policies is passed" option is unchecked, which two statements are true?()AAll roles are evaluated together.BEach role is evaluated sep

题目
多选题
If Host Checker restrictions are applied at the role level and the "Allow access to the role if any ONE of the select policies is passed" option is unchecked, which two statements are true?()
A

All roles are evaluated together.

B

Each role is evaluated separately.

C

Clients must pass all policies to access the role.

D

Clients will pass as long as one policy is accepted.

相似考题

1.Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()A. Source IP and browserB. Source IP and certificateC. Certificate and Host CheckerD. Host Checker and source IP

2.You want to restrict access to a role based on the client machine from which the user is accessing the network.Which two role restrictions accomplish this goal? ()A. user nameB. password lengthC. certificateD. Host Checker

3.Which two statements are true regarding routing policy processing?()A. The Junos OS verifies the match criteria of each policy in order and performs the associated action when a match occurs.B. Policies are evaluated from right to left as displayed in the Junos OS configuration file.C. Polices are evaluated based on the order in which they are applied to a routing protocol.D. Policy processing stops once the last statement in the policy is evaluated.

4.You are the administrator of a Junos Pulse Access Control Service implementation. You must restrict authenticated users connected from the branch offices to a few specific resources within the data center. However, when the authenticated users are connected at the corporate office, they are allowed more access to the data center resources.You have created two roles with different levels of access and are trying to determine the best way of controlling when a user is mapped to a specific role. Having the user prompted to manually select their role is possible, but you want to automate the process.Which configuration solves this problem?()A. Implement a RADIUS request attribute policy to assist with realm selection and create different role-mapping rules for the user in each realm.B. Implement a directory/attribute server on the realm and set up this server to determine by group membership the proper role to which a user should be mapped.C. Reorder the role-mapping rules to allow for the more open role to be mapped first and then enable the "stop processing rules when this rule matches" function on this role.D. Implement a Host Checker policy on the realm that determines the geographic location of the device and restricts the user based on the results of the policy.

更多“多选题If Host Checker restrictions are applied at the role level and the "Allow access to the role if any ONE of the select policies is passed" option is unchecked, which two statements are true?()AAll roles are evaluated together.BEach role is evaluated sep”相关问题

  • 第1题:

    If Host Checker restrictions are applied at the role level and the "Allow access to the role if any ONE of the select policies is passed" option is unchecked, which two statements are true?()

    A. All roles are evaluated together.

    B. Each role is evaluated separately.

    C. Clients must pass all policies to access the role.

    D. Clients will pass as long as one policy is accepted.


    参考答案:B, C

  • 第2题:

    Which two statements are true regarding redundancy groups?()

    • A、When priority settings are equal and the members participating in a cluster are initialized at the same time, the primary role for redundancy group 0 is assigned to node 0.
    • B、The preempt option determines the primary and secondary roles for redundancy group 0 during a failure and recovery scenario.
    • C、Redundancy group 0 manages the control plane failover between the nodes of a cluster.
    • D、The primary role can be shared for redundancy group 0 when the active-active option is enabled

    正确答案:A,C

  • 第3题:

    Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()

    • A、Source IP and browser
    • B、Source IP and certificate
    • C、Certificate and Host Checker
    • D、Host Checker and source IP

    正确答案:D

  • 第4题:

    Which two statements are true regarding routing policy processing?()

    • A、The Junos OS verifies the match criteria of each policy in order and performs the associated action when a match occurs.
    • B、Policies are evaluated from right to left as displayed in the Junos OS configuration file.
    • C、Polices are evaluated based on the order in which they are applied to a routing protocol.
    • D、Policy processing stops once the last statement in the policy is evaluated.

    正确答案:A,C

  • 第5题:

    Which two statements accurately describe a role?()

    • A、A role can be given to a maximum of 1000 users.
    • B、A user can have access to a maximum of 10 roles.
    • C、A role can have a maximum of 100 privileges contained in it.
    • D、Privileges are given to a role by using the CREATE ROLE statement.
    • E、A role is a named group of related privileges that can be granted to the user.
    • F、A user can have access to several roles, and several users can be assigned the same role.

    正确答案:E,F

  • 第6题:

    Which two statements are true about the roles in the Oracle database?()

    • A、A role can be granted to itself.
    • B、Roles are owned by the SYS user.
    • C、Roles can be granted to other roles.
    • D、A role cannot be assigned external authentication.
    • E、A role can contain both system and object privileges.

    正确答案:C,E

  • 第7题:

    多选题
    When creating a role in a Cisco Nexus 7000 Series Switch, rules are used to define the type of operations that a role will allow the user to perform.  Which two of these parameters cannot be applied as a rule? ()
    A

    port-profile

    B

    command

    C

    access-list

    D

    feature-group

    E

    OID


    正确答案: D,B
    解析: 暂无解析

  • 第8题:

    单选题
    You established access to menu modules using roles. You have allowed the sales role to access the menu module, but prevented access to the Update menu item. Which item property would you alter to gray out the menu option for the role?()
    A

    Item Roles. 

    B

    Menu Item Roles. 

    C

    Display without Privilege. 

    D

    Use Security. 

    E

    Command Type.


    正确答案: C
    解析: 暂无解析

  • 第9题:

    多选题
    You want to restrict access to a role based on the client machine from which the user is accessing the network.Which two role restrictions accomplish this goal? ()
    A

    user name

    B

    password length

    C

    certificate

    D

    Host Checker


    正确答案: A,B
    解析: 暂无解析

  • 第10题:

    单选题
    Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()
    A

    Source IP and browser

    B

    Source IP and certificate

    C

    Certificate and Host Checker

    D

    Host Checker and source IP


    正确答案: B
    解析: 暂无解析

  • 第11题:

    多选题
    Which two statements accurately describe a role?()
    A

    A role can be given to a maximum of 1000 users.

    B

    A user can have access to a maximum of 10 roles.

    C

    A role can have a maximum of 100 privileges contained in it.

    D

    Privileges are given to a role by using the CREATE ROLE statement.

    E

    A role is a named group of related privileges that can be granted to the user.

    F

    A user can have access to several roles, and several users can be assigned the same role.


    正确答案: E,A
    解析: 暂无解析

  • 第12题:

    多选题
    If Host Checker restrictions are applied at the role level and the "Allow access to the role if any ONE of the select policies is passed" option is unchecked, which two statements are true?()
    A

    All roles are evaluated together.

    B

    Each role is evaluated separately.

    C

    Clients must pass all policies to access the role.

    D

    Clients will pass as long as one policy is accepted.


    正确答案: C,D
    解析: 暂无解析

  • 第13题:

    When creating a role in a Cisco Nexus 7000 Series Switch, rules are used to define the type of operations that a role will allow the user to perform.  Which two of these parameters cannot be applied as a rule? () 

    • A、 port-profile
    • B、 command
    • C、 access-list
    • D、 feature-group
    • E、 OID

    正确答案:A,C

  • 第14题:

    You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()

    • A、Select "Require and Enforce" for the Host Checker Policy in the realm authentication policy.
    • B、Select "Evaluate Policies" for the Host Checker policy in the realm authentication policy.
    • C、Configure the Host Checker policy as a role restriction for the Employee role.
    • D、Configure the Host Checker policy as a resource access policy for the Employee role.

    正确答案:B,C

  • 第15题:

    You want to restrict access to a role based on the client machine from which the user is accessing the network.Which two role restrictions accomplish this goal? ()

    • A、user name
    • B、password length
    • C、certificate
    • D、Host Checker

    正确答案:C,D

  • 第16题:

    View the Exhibit to observe the roles assigned to the SL_REP user.  Which statement is true about theassignment of the SELECT_CATALOG_ROLE role to the SL_REP user()

    • A、The user must enable the role explicitly.
    • B、The user can grant the role to other users.
    • C、The user cannot use the role until the DBA enables it explicitly.
    • D、The user can start using the role immediately without any changes

    正确答案:A

  • 第17题:

    You established access to menu modules using roles. You have allowed the sales role to access the menu module, but prevented access to the Update menu item. Which item property would you alter to gray out the menu option for the role?()

    • A、Item Roles. 
    • B、Menu Item Roles. 
    • C、Display without Privilege. 
    • D、Use Security. 
    • E、Command Type.

    正确答案:C

  • 第18题:

    多选题
    Which two statements are true regarding redundancy groups?()
    A

    When priority settings are equal and the members participating in a cluster are initialized at the same time, the primary role for redundancy group 0 is assigned to node 0.

    B

    The preempt option determines the primary and secondary roles for redundancy group 0 during a failure and recovery scenario.

    C

    Redundancy group 0 manages the control plane failover between the nodes of a cluster.

    D

    The primary role can be shared for redundancy group 0 when the active-active option is enabled


    正确答案: B,C
    解析: 暂无解析

  • 第19题:

    单选题
    View the Exhibit to observe the roles assigned to the SL_REP user.  Which statement is true about theassignment of the SELECT_CATALOG_ROLE role to the SL_REP user()
    A

    The user must enable the role explicitly.

    B

    The user can grant the role to other users.

    C

    The user cannot use the role until the DBA enables it explicitly.

    D

    The user can start using the role immediately without any changes


    正确答案: D
    解析: 暂无解析

  • 第20题:

    单选题
    View the Exhibit and examine the privileges granted to the MGR_ROLE role. The user SKD has been grantedthe CONNECT and RESOURCE roles only. The database administrator (DBA) grants MGR_ROLE to the userSKD by executing the command: SQL> GRANT MGR_ROLE TO SKD WITH ADMIN OPTION;  Which statement is true about the user SKD afterhe/she is granted this role()
    A

    The user SKD can grant only the MGR_ROLE role to other users, but not the privileges in it.

    B

    The user SKD can revoke the MGR_ROLE only from the users for whom he/she is the grantor.

    C

    The user SKD can grant the privileges in the MGR_ROLE role to other users, but not with ADMIN OPTION.

    D

    The user SKD can grant the privileges in the MGR_ROLE role to other users, but cannot revoke privilegesfrom them


    正确答案: C
    解析: 暂无解析

  • 第21题:

    多选题
    In the admin GUI, you navigate to "System" > "Status" > "Active Users". You see several buttons, including "Delete Session", "Delete All Sessions". "Refresh Roles", and "Disable All Users".Which two statements are true?()
    A

    To forcibly sign out a single user, you should select the check box next to that user's login name, then select Delete Session.

    B

    If you select Delete All Sessions, all users are forcibly signed out and are unable to sign in again until Enable All Users is selected.

    C

    Selecting Disable All Users prevents users from signing in and starting a new session, but does not forcibly sign out any users that already have an existing session.

    D

    Selecting Refresh Roles re-evaluates authentication policies, role-mapping rules, and resource policies for all existing user sessions.


    正确答案: D,A
    解析: 暂无解析

  • 第22题:

    多选题
    Which two statements are true about the roles in the Oracle database?()
    A

    A role can be granted to itself.

    B

    Roles are owned by the SYS user.

    C

    Roles can be granted to other roles.

    D

    A role cannot be assigned external authentication.

    E

    A role can contain both system and object privileges.


    正确答案: E,D
    解析: 暂无解析

  • 第23题:

    多选题
    You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()
    A

    Select Require and Enforce for the Host Checker Policy in the realm authentication policy.

    B

    Select Evaluate Policies for the Host Checker policy in the realm authentication policy.

    C

    Configure the Host Checker policy as a role restriction for the Employee role.

    D

    Configure the Host Checker policy as a resource access policy for the Employee role.


    正确答案: B,C
    解析: 暂无解析

  • 第24题:

    多选题
    Which two statements are true regarding routing policy processing?()
    A

    The Junos OS verifies the match criteria of each policy in order and performs the associated action when a match occurs.

    B

    Policies are evaluated from right to left as displayed in the Junos OS configuration file.

    C

    Polices are evaluated based on the order in which they are applied to a routing protocol.

    D

    Policy processing stops once the last statement in the policy is evaluated.


    正确答案: A,D
    解析: 暂无解析

相关内容