The network security policy requ

第1题：

第2题：

A network vulnerability scanner is part of which critical element of network and system security?（）

• A、host security
• B、perimeter security
• C、security monitoring
• D、policy management

第3题：

第4题：

You are the administrator of your company’s network. Ten Windows 2000 Professional computers are located in the Research department. The computers contain highly confidential information. You want the 10 computers to be able to communicate with other Windows 2000 Professional computers on the network. However, you do not want them to communicate with computers that are not running Windows 2000, including those that are running Windows 95, Windows 98 and Windows NT.  You want to configure a security policy on each computer to ensure that the confidential information is secure. What should you do?（）

• A、Use Security Configuration and Analysis to import the Hisecws.inf security template file to modify the default security settings.
• B、Use security templates to create a security template file and import the security settings to modify the default security settings.
• C、Use the local computer policy to disable the access to this computer from the network option.
• D、Use Secedit.exe to reconfigure the computers’ default security settings to not allow anonymous access to the computers.

第5题：

Which two are needed components when designing and implementing a security solution？（）

• A、detailed VLAN information
• B、an incident response plan
• C、results of testing the new network configuration
• D、an existing hierarchical network topology
• E、a security policy for your organization

第6题：

What would you use to enforce security-policy compliance on all devices that seek to access the network？（）

• A、 VLAN
• B、 NAC
• C、 EAP
• D、 WLAN

第7题：

The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?（）

• A、TestKing1(config-if)# switchport port-security maximum 1
• B、TestKing1(config)# mac-address-table secure
• C、TestKing1(config)# access-list 10 permit ip host
• D、TestKing1(config-if)# switchport port-security violation shutdown
• E、TestKing1(config-if)# ip access-group 10

第8题：

第9题：

Which of the following documents should always be kept up-to-date after any major changes aremade to a network backbone?（）

• A、Network diagram
• B、Performance baseline
• C、Network security procedure
• D、Company policy

第10题：

You have a combined Windows 2000 and Windows 98 network that contain sensitive data. You want to utilize as many new Windows 2000 security features as possible. You want to customize a security policy on each computer to ensure that data is kept confidential and secured. Allcomputers must still be able to communicate with each other over the network. What should you do？（）

• A、Use the security configuration and analysis console to improve the HISECWS security  template file.
• B、Use the local computer policy to disable the access this computer from the network option.
• C、Use SECEDIT to reconfigure the computer default security settings to not allow anonymous  access to the computer.
• D、Create a policy that excludes write access to the windows 2000 computers then apply the  policy to all non-windows 2000 computers.
• E、None of the above, Windows 9X systems cannot be secured using security template files.