A network engineer wants to allow a temporary entry for a remote user with a specific usename and password so that the user can access the entire network over the internet.which ACL can be used?()A. reflexiveB. extendedC. standardD. dynamic

第1题：

A network engineer wants to allow a temporary entry for a remote user with a specific usename andpassword so that the user can access the entire network over the internet.which ACL can be used？（）

• A、reflexive
• B、extended
• C、standard
• D、dynamic

第2题：

Your company consists of a single Active Directory domain that is configured in Windows 2000 native mode. All servers run Windows Server 2003 Service Pack 2 （SP2）.  You deploy a Routing and Remote Access server to provide VPN access to the network.You need to ensure that only members of a group named Sales can access the network through the VPN. The solution must minimize the administrative effort required to manage remote access.  What should you do？（）

• A、Allow dial-in access for the user accounts of all Sales group members.
• B、Deny dial-in access for the user accounts of all users except the Sales group members.
• C、Create a remote access policy and assign the Allow - Remote Access permission. Add the Windows-Groups condition and specify the Sales group.
• D、Create a remote access policy and assign the Deny - Remote Access permission. Add the Windows-Groups condition and specify all Active Directory groups except for Sales.

第3题：

A network engineer wants to allow a temporary entry for a remote user with a specific usename and password so that the user can access the entire network over the internet.which ACL can be used?（）

• A、reflexive
• B、extended
• C、standard
• D、dynamic

第4题：

You are configuring a new Catalyst switch that you want to manage remotely from workstations on other network segments within your enterprise.Which of the following are required to allow remote management of the switch over IP?（）

• A、The switch name must match the workgroup name of the local network.
• B、The switch must be configured with an IP address and default gateway.
• C、The remote workstations must have access to the management VLAN of the switch.
• D、CDP must be enabled on the switch so that it can be located by other devices on the network.

第5题：

Which statements describe the capabilities of the DBMS_NETWORK_ACL_ADMIN package?（）

• A、It can be used to allow the access privilege settings for users but not roles.
• B、It can be used to allow the access privilege settings for users as well as roles.
• C、It can be used to control the time interval for which the access privilege is available to a user.
• D、It can be used to selectively restrict the access for each user in a database to different host computers.
• E、It can be used to selectively restrict a user's access to different applications in a specific host computer.

第6题：

The human resources department has informed you that two new temporary part-time employees will join your company next week. You are required to set up a workstation that will be used bythese employees. They do not need access to the network but they will need to access an HP LaserJet printer attached to the local computer. You install Windows 2000 Professional and format the hard disk using NTFS. What type of user account should you create for them？（）

• A、No account. They can use the built-in guest account.
• B、No Account. They can use the built-in Administrator account.
• C、Local user account
• D、Domain user account

第7题：

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

Which of the following is NOT a security feature relating to user accounts？（）

• A、Some commands can be password protected requiring logged in customers to re-enter their password.
• B、A user account can be disabled automatically， after a specified number of invalid login attempts.
• C、An account can have multiple valid passwords at the same time， any of which can be used to access the account.
• D、The password policy feature can allow the system to require passwords to include a minimum number of numeric characters.
• E、Logged in customers can be logged off of the system after a specified period of inactivity.

第14题：

A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?（）

• A、BPDU
• B、Port security
• C、RSTP
• D、STP
• E、VTP
• F、Blocking mode

第15题：

Which two statements are true about the Cisco Classic （CBAC） IOS Firewall set？（）

• A、It can be used to block bulk encryption attacks
• B、It can be used to protect against denial of service attacks
• C、Traffic originating from the router is considered trusted， so it is not inspected
• D、Based upon the custom firewall rules， an ACL entry is statically created and added to theexisting ACL permanently
• E、Temporary ACL entries that allow selected traffic to pass are created and persist for theduration of the communication session

第16题：

What is the primary purpose of creating a Location Group Policy? （）

• A、to associate more than one realm with an authentication server
• B、to logically group network access devices and associate them with specific sign-in policies
• C、to allow or prevent users from accessing resources in specific locations on the network
• D、to define the URL that users of network access devices can use to access the Infranet Controller

第17题：

Your network contains a Network Policy Server (NPS) named NPS1. NPS1 is configured for remote access account lockout.A domain user named User1 has been locked out by NPS1.You need to unlock the User1 user account on NPS1.What should you use？（）

• A、the Netsh tool
• B、the Network Policy Server console
• C、the Registry Editor
• D、the Routing and Remote Access console

第18题：

第19题：

第20题：

第21题：

第22题：

第23题：