A．maintainB．retainC．containD．attain

A. An individual policy can have only one scheduler applied.

B. You must manually configure system-time updates.

C. Multiple policies can use the same scheduler.

D. Policies that do not have schedulers are not active.

A. Select "Require and Enforce" for the Host Checker Policy in the realm authentication policy.

B. Select "Evaluate Policies" for the Host Checker policy in the realm authentication policy.

C. Configure the Host Checker policy as a role restriction for the Employee role.

D. Configure the Host Checker policy as a resource access policy for the Employee role.

etwork access and activities until an administrator can investigate.In the admin GUI, which sensor event policy action must you configure in "Configuration" >"Sensors" >"Sensor Event Policies" >[rule name] to accomplish this？（）

A. Ignore

B. Replace users role

C. Terminate user session

D. Disable user account

A．ICMP

B． SNMP

C． TCP

D． HTTPS

Control Service. You are using Network and Security Manager (NSM) for configuration management on that firewall. The firewall can also be configured using its built-in command-line interface (CLI) or Web-based user interface (WebUI).To avoid conflicting configurations, which two interfaces must you use to configure the firewall enforcer？（）

A. CLI

B. WebUI

C. NSM

D. Junos Pulse Access Control Service

A. All the triggers for the table are disabled without changing any of the column names or column types in the table.

B. The primary key constraint on the EMPLOYEES table is disabled during redefinition.

C. VPD policies are copied from the original table to the new table during online redefinition.

D. You must copy the VPD policies manually from the original table to the new table during online redefinition.

A. It also supports PAT.

B. It requires you to configure address entries in the junos-nat zone.

C. It requires you to configure address entries in the junos-global zone.

D. The IP addresses being translated must be in the same subnet as the incoming interface.

A. You do not need to configure a RADIUS client policy.

B. You must know the exact model number of the Infranet Enforcer.

C. You must specify the NACN password of the device in the RADIUS client policy.

D. You do not need to designate a location group to which the Infranet Enforcer will belong.

in named.

The domain contains two Windows Server 2003 terminal servers that host applications that are used by company employees. An organization unit (OU) named TerminalServers contains only the computer accounts for these two Terminal servers. A Group Policy object (GPO) named TSPolicy is linked to the TerminalServers OU, and you have been granted the right to modify the GPO.

Users should use the terminal servers to run only authorized applications. A custom financial application suite is currently the only allowed application. The financial application suite is installed in the folder C:\Program Files\MT Apps. The financial application suite contains many executable files.

Users must also be able to use Internet Explorer to access a browser-based application on the company intranet. The browser-based application makes extensive use of unsigned ActiveX components.

The financial application suite and the browser-based application are frequently updates with patches or new versions.

You need to configure the terminal servers to prevent users from running unauthorized applications. You plan to configure software restriction policies in the TSPolicy GPO. To reduce administrative overhead, you want to create a solution that can be implemented once, without requiring constant reconfiguration.

Which three actions should you perform to configure software restriction polices？（）

(Each correct answer presents part of the solution. Choose three)

A. one IP network or subnetwork for each subinterface

B. subinterface numbering that matches vlan tages

C. subinterface encapsulation identifiers that match vlan tags

D. a management domain for each subinterface

E. one physical interface for each subinterface

F. one subinterface per vlan