考题
You configure a Group Policy Object for the Marketing organizational unit (OU) to prevent users from accessing My Network Places and from running System in Control Panel. You want the Managers domain local group to be able to access My Network Places, but you still want to prevent them from running System in Control Panel.What should you do?A.Add the managers group to the access control list of the GPO. Disable the permission of the managers group to read and apply the group policy.B.Add the managers group to the access control list of the GPO. Deny the permission of the managers group to read and apply the group policy.C.Create a second GPO in the OU. Add the managers group to the access control list. Allow the managers group to apply the group policy. Deny the authenticated users group permission to read and apply group policy. Configure the new GPO to deny the ability to run System in Control Panel. Give the original GPO a higher priority than the new GPO.D.Create a second GPO in the OU. Add the managers group to the access control list. Allow the managers group to read and apply the group policy. Disable the permission of the authenticated user group to read and apply the group policy. Configure the new GPO to allow access to My Network Places. Give the new GPO a higher priority than the original GPO.
考题
You are a technician at TestKing. Your assistant applied an IP access control list to Router TK1. You want to check the placement and direction of the access control list.Which command should you use?()A. show access-listB. show ip access-listC. show ip interfaceD. show interfaceE. show interface list
考题
You‘re the systems administrator at Testing, and you create the following access control lists.You then enter the command ip access-group 101 in to apply access control list 101 to router TK1s e0 interface.Which of the following Telnet sessions will be blocked as a result of your access lists?()A. Telnet sessions from host A to host 5.1.1.10B. Telnet sessions from host A to host 5.1.3.10C. Telnet sessions from host B to host 5.1.2.10D. Telnet sessions from host B to host 5.1.3.8E. Telnet sessions from host C to host 5.1.3.10F. Telnet sessions from host F to host 5.1.1.10
考题
You are securing a network for TestKing and want to apply an ACL (access control list) to an interface of a router. Which one of the following commands would you use?()
A. permit access-list 101 outB. ip access-group 101 outC. apply access-list 101 outD. access-class 101 outE. ip access-list e0 out
考题
You are the network administrator at TestKing. You need to perform password recovery on Router TK1. What must you modify in the password recovery process?()
A. Configuration registerB. NVRAMC. Boot flashD. CMOSE. Flash
考题
Which of the following answer choices are correct characteristics of named access list?()
A. You can delete individual statements in a named access listB. Named access lists require a numbered range from 1000 to 1099.C. Named access lists must be specified as standard or extended.D. You can use the ip access-list command to create named access lists.E. You cannot delete individual statements in a named access list.F. You can use the ip name-group command to apply named access lists.
考题
As a network administrator, you have been instructed to prevent all traffic originating on the LAN from entering the R2 router. Which the following command would implement the access list on the interface of the R2 router?()A.access-list 101 inB.access-list 101 outC.ip access-group 101 inD.ip access-group 101 out
考题
Which statement about access lists that are applied to an interface is true?()
A.you can apply multiple access lists with the same protocol or in different…B.you can config one access list,per direction,per layer 3 protocolC.you can placeasmanyaccess lists as you want on any interfaceD.you can apply ony one access list on any interface
考题
As a network administrator,you have been instructed to prevent all traffic or iginating on the LAN from entering the R2 router.Which the following command would implement the access list on the interface of theR2 router?()A.access-list 101 inB.access-list 101 outC.ipaccess-group 101 inD.ipaccess-group 101 out
考题
You are securing a network for TestKing and want to apply an ACL (access control list) to an interface of a router. Which one of the following commands would you use?()A、permit access-list 101 outB、ip access-group 101 outC、apply access-list 101 outD、access-class 101 outE、ip access-list e0 out
考题
Which statement about access lists that are applied to an interface is true?()A、you can apply multiple access lists with the same protocol or in different direction.B、you can config one access list,per direction,per layer 3 protocolC、you can place as many access lists as you want on any interfaceD、you can apply only one access list on any interface
考题
You are the network administrator at TestKing. You need to perform password recovery on Router TK1. What must you modify in the password recovery process?()A、Configuration registerB、NVRAMC、Boot flashD、CMOSE、Flash
考题
Which of the following answer choices are correct characteristics of named access list?()A、You can delete individual statements in a named access listB、Named access lists require a numbered range from 1000 to 1099.C、Named access lists must be specified as standard or extended.D、You can use the ip access-list command to create named access lists.E、You cannot delete individual statements in a named access list.F、You can use the ip name-group command to apply named access lists.
考题
You are a technician at TestKing. Your assistant applied an IP access control list to Router TK1. You want to check the placement and direction of the access control list.Which command should you use?()A、show access-listB、show ip access-listC、show ip interfaceD、show interfaceE、show interface list
考题
Which statement about access lists that are applied to an interface is true?()A、you can apply multiple access lists with the same protocol or in different…B、you can config one access list,per direction,per layer 3 protocolC、you can placeasmanyaccess lists as you want on any interfaceD、you can apply ony one access list on any interface
考题
As a network administrator, you have been instructed to prevent all traffic originating on the LAN from entering the R2 router. Which the following command would implement the access list on the interface of the R2 router?()A、access-list 101 inB、access-list 101 outC、ip access-group 101 inD、ip access-group 101 out
考题
Which statement about access lists that are applied to an interface is true?()A、you can apply multiple access lists with the same protocol or in different…B、you can config one access list,per direction,per layer 3 protocolC、you can place as many access lists as you want on any interfaceD、you can apply ony one access list on any interface
考题
You are the network administrator for your company. Your network consists of a single Active Directory domain. Three security groups named Accountants, Processors, and Management are located in an organizational unit (OU) named Accounting. All of the user accounts that belong to these three groups are also in the Accounting OU. You create a Group Policy object (GPO) and link it to the Accounting OU. You configure the GPO to disable the display options under the User Configuration section of the GPO. You need to achieve the following goals: You need to ensure that the GPO applies to all user accounts that are members of the Processors group. You need to prevent the GPO fromapplying to any user account that is a member of the Accountants group. You need to prevent the GPO from applying to any user account that is a member of the Management group, unless the user account is also a member of the Processors group. What should you do?()A、 Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants and Management security groups the Deny - Read and the Deny - Apply Group Policy permissions. Modify the DACL of the GPO to assign the users who are in both the Accountants and Management security groups the Allow - Read and the Allow - Apply Group Policy permissions.B、 Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants and Management security groups the Deny - Read and the Deny - Apply Group Policy permissions. Create a new security group named Mixed that contains all the user accounts from the Processors group and the specific user accounts from the Management group to which you want the GPO to apply. Modify the DACL of the GPO to assign the Mixed security group the Allow - Read and the Allow - Apply Group Policy permissions.C、 Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants security group the Deny - Read and the Deny - Apply Group Policy permissions. Modify the DACL settings of the GPO to remove the Authenticated Users special group. Modify the DACL settings of the GPO to add the Processors group and assign the Allow - Read and the Allow - Apply Group Policy permissions.D、 Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants security group the Deny - Read and the Allow - Apply Group Policy permissions. Modify the DACL settings of the GPO to assign the Management security group the Deny - Read and the Deny - Apply Group Policy permissions.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. The domain includes an organizational unit (OU) named Processing. There are 100 computer accounts in the Processing OU. You create a Group Policy object (GPO) named NetworkSecurity and link it to the domain. You configure NetworkSecurity to enable security settings through the Computer Configuration section of the Group Policy settings. You need to ensure that NetworkSecurity will apply only to the computers in the Processing OU. You need to minimize the number of GPO links. What should you do?()A、 Link NetworkSecurity to the Processing OU. Disable the User Configuration section of NetworkSecurity.B、 Link NetworkSecurity to the Processing OU. Remove the link from NetworkSecurity to the domain.C、 Modify the discretionary access control list (DACL) for NetworkSecurity to assign all computer accounts in the Processing OU the Allow - Read and the Allow - Apply Group Policy permissions.D、 Modify the discretionary access control list (DACL) for NetworkSecurity to assign the Authenticated Users group the Deny - Apply Group Policy permission and to assign all of the computer accounts in the Processing OU the Allow - Read and the Allow - Apply Group Policy permissions.
考题
多选题You are the network administrator at TestKing. You need to perform password recovery on Router TK1. What must you modify in the password recovery process?()AConfiguration registerBNVRAMCBoot flashDCMOSEFlash
考题
单选题As a network administrator, you have been instructed to prevent all traffic originating on the LAN from entering the R2 router. Which the following command would implement the access list on the interface of the R2 router?()A
access-list 101 inB
access-list 101 outC
ip access-group 101 inD
ip access-group 101 out
考题
单选题You are a network administrator for TestKing. The network consists of a single Active Directory domain named testking.com. All servers run Windows Server 2003. All client computers run Windows XP Professional. A server named Testking32 contains a folder that is shared as ManagerData$. A global group named AllManagers has permission to access the shared folder. A user reports that he needs access to the ManagerData$ shared folder. You add his user account to the All Managers global group. When the user attempts to connect to the shared folder by typing //Testking32/ManagerData$/ , he receives the following error message: "//Testking32/ManagerData$/ is not accessible. You might not have permissions to use the network resource. Contact the administrator of this server to find out if you have access permissions. Access is denied. You need to ensure that the user can access the ManagerData$ shared folder on Testking32. What should you do?()A
Instruct the user to type //Testking32/ManagerData/ when he attempts to access the folder.B
Add the Anonymous Logon group to the ACL for the ManagerData$ shared folder.C
Select the Replace permission entries on all child object with entries shown here that apply to child objects check box.D
Instruct the user to log off and log on again before he accesses the folder.
考题
多选题You wish to increase the security of all of the routers within your network. What can be done to secure the virtual terminal interfaces on a router?()AAdministratively shut down the interface.BPhysically secure the interface.CCreate an access list and apply it to the virtual terminal interfaces with the access-group command.DConfigure a virtual terminal password and login process.EEnter an access list and apply it to the virtual terminal interfaces using the access-class command.
考题
单选题A Cisco Catalyst switch is part of the CIS network. As an experienced network administrator, you are thinking of filtering the traffic within VLANI00 with the use of a VACL named "test" on that switch. Which of the following command will enable that?()A
interface vlan 100 ip access-group test inB
interface vlan 100 ip access-group testC
vlan access-map test 100D
vlan filter test vlan-list 100
考题
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. The domain includes an organizational unit (OU) named Processing. There are 100 computer accounts in the Processing OU. You create a Group Policy object (GPO) named NetworkSecurity and link it to the domain. You configure NetworkSecurity to enable security settings through the Computer Configuration section of the Group Policy settings. You need to ensure that NetworkSecurity will apply only to the computers in the Processing OU. You need to minimize the number of GPO links. What should you do?()A
Link NetworkSecurity to the Processing OU. Disable the User Configuration section of NetworkSecurity.B
Link NetworkSecurity to the Processing OU. Remove the link from NetworkSecurity to the domain.C
Modify the discretionary access control list (DACL) for NetworkSecurity to assign all computer accounts in the Processing OU the Allow - Read and the Allow - Apply Group Policy permissions.D
Modify the discretionary access control list (DACL) for NetworkSecurity to assign the Authenticated Users group the Deny - Apply Group Policy permission and to assign all of the computer accounts in the Processing OU the Allow - Read and the Allow - Apply Group Policy permissions.
考题
单选题You are a technician at TestKing. Your assistant applied an IP access control list to Router TK1. You want to check the placement and direction of the access control list.Which command should you use?()A
show access-listB
show ip access-listC
show ip interfaceD
show interfaceE
show interface list
考题
单选题You are the network administrator at TestKing. You apply the following access list on the E0 outbound interface connected to the 192.168.1.8/29 LAN: access-list 21 deny tcp 192.168.1.8 0.0.0.7 eq 20 any access-list 21 deny tcp 192.168.1.8 0.0.0.7 eq 21 any What will the effect of this access list be?()A
All traffic will be allowed to out of E0 except FTP traffic.B
FTP traffic from 192.168.1.22 to any host will be blocked.C
FTP traffic from 192.168.1.9 to any host will be blocked.D
All traffic will be prevented from leaving E0.E
All FTP traffic to network 192.168.1.9/29 from any host will be blocked.
考题
单选题You are securing a network for TestKing and want to apply an ACL (access control list) to an interface of a router. Which one of the following commands would you use?()A
permit access-list 101 outB
ip access-group 101 outC
apply access-list 101 outD
access-class 101 outE
ip access-list e0 out