The Company security administrator is concerned with layer 2 network attacks.  Which two  statements about these attacks are true？ （）

A .  Attacks are prevented by utilizing the port-security feature. B .  An end station attempts to gain access to all VLANs by transmitting Ethernet frames in the  802.1q encapsulation. C .  Configuring an interface with the switchport mode dynamic command will prevent VLAN  hopping. D .  An end station attempts to redirect VLAN traffic by transmitting Ethernet frames in the 802.1q  encapsulation. E .  Configuring an interface with the "switchport mode access" command will prevent VLAN  hopping.

A .  Enable root guard to mitigate ARP address spoofing attacks. B .  Configure DHCP spoofing to mitigate ARP address spoofing attacks. C .  Configure PVLANs to mitigate MAC address flooding attacks. D .  Enable root guard to mitigate DHCP spoofing attacks. E .  Configure dynamic APR inspection （DAI） to mitigate IP address spoofing on DHCP untrusted  ports. F .  Configure port security to mitigate MAC address flooding   G .  None of the other alternatives apply

A . Active Directory delegation B . Authorization Manager C . built-in security groups D . user rights assignment

A . Configure Administration Role Separation. B . Add the BranchAdmins group to the Domains Admins group. C . Add the BranchAdmins group to the Server Operators group. D . Assign the permission for the domain controller computer objects to the BranchAdmins group.

A . Deploy Network Policy Server （NPS） and create a network policy. B . Deploy Print and Document Services and create a custom printer filter. C . Deploy File Server Resource Manager （FSRM） and create a file classification rule. D . Deploy Active Directory Rights Management Services （AD RMS） and create an AD RMS rights policy  template.

A . the Authorization Manager snap-in on Node1 and Node2 B . the Authorization Manager snap-in on the VMs C . the Network Configuration Operators local group on each VM D . the Network Configuration Operators local group on Node1 and Node2

A . an iSCSI initiator B . the Multipath I/O feature C . Wake On LAN D . Windows Deployment Services （WDS）

A . Modify the NTFS permissions and the share permissions of the DFS targets. B . Modify the referrals settings of the DFS namespace and the NTFS permissions of the DFS targets. C . Migrate the namespace to Windows Server 2008 mode and modify the referrals settings. D . Migrate the namespace to Windows Server 2008 mode and enable access-based enumeration.

A . Encrypted File System （EFS） B . the AppLocker Group Policy settings C . the IPSec enforcement method D . Windows BitLocker Drive Encryption （BitLocker）

A . access-based enumeration （ABE） B . Active Directory delegation C . Authorization Manager D . role separatio

A .  the business knowledge of the IT staff B .  the technical knowledge of the IT staff C .  the company’s business objectives D .  the company’s network topology E .  the IT future directio

A . Add Admin2 to the Domain Admins global group. B . Add Admin2 to the Backup Operators domain local group. C . Delegate full control ofall objects in graphicdesigninstitute.com to Admin2. D . Delegate full control of all objects in the Domain Controllers organizational unit（OU）to Admin2.

A . Test and manually deploy updates B . Deploy a Software Update Services （SUS） server. Test all updates and then approve them. Configure all client computers to automatically obtain updates from the server C . Test all updates and then use a third-party utility to repackage updates in a Windows Installer file. Deploy the -.msi files by using Group Policy D . Configure all client computers to use Automatic Updates to obtain security updates from the Windows Update Web site. Test all updates posted to the Windows Update Web site

A .  Attacks are prevented by utilizing the port-security feature. B .  An end station attempts to gain access to all VLANs by transmitting Ethernet frames in the  802.1q encapsulation. C .  Configuring an interface with the switchport mode dynamic command will prevent VLAN  hopping. D .  An end station attempts to redirect VLAN traffic by transmitting Ethernet frames in the 802.1q  encapsulation. E .  Configuring an interface with the "switchport mode access" command will prevent VLAN  hopping.

A . Basic authentication and connection security rules B . Basic authentication and SSL C . Digest authentication and connection security rules D . Digest authentication and SSL

A . Upgrade DFS2 to Windows Server 2008 R2. B . Implement access-based enumeration （ABE）. C . Implement Authentication Mechanism Assurance. D . Configure the DFS namespace to use Windows Server 2008 mode.

A . a custom password filter B . a Password Settings object （PSO） C . managed service accounts D . manual password change

A .  MAC spoofing attacks allow an attacking device to receive frames intended for a different  network host. B .  Port scanners are the most effective defense against dynamic ARP inspection. C .  MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure against reconnaissance attacks that use dynamic ARP inspection (DAI) to determine vulnerable  attack points. D .  Dynamic ARP inspection in conjunction with ARP spoofing can be used to counter DHCP  snooping attacks. E .  DHCP snooping sends unauthorized replies to DHCP queries. F .  ARP spoofing can be used to redirect traffic to counter dynamic ARP inspection. G .  None of the other alternatives apply.

A . Create a child OU within the existing domain B . Create a child domain of the existing domain C . Create a new domain in a new forest. Configure the new domain to trust the existing domain D . Create a new tree in the existing forest. Configure the new domain to trust the existing domai

A . Ship security officer B . Company security officer C . Port facility security officer D . PSC officer

A . access-based enumeration （ABE） B . Authentication Mechanism Assurance C . Authorization Manager D . Hyper-V Manager

A . 802.1X B . DHCP C . IPSec D . VPN

A . In the Default Domain Policy Group Policy object （GPO） for the corp.woodgrovebank.com domain， add the LA\HRUsers group to the Restricted Groups list. Add only the HR department user accounts to the Allowed Members list B . In the Default Domain Policy Group Policy object （GPO） for the la.corp.woodgrovebank.com domain， add the LA\HRUsers group to the Restricted Groups list. Add only the HR department user accounts to the Allowed Members list C . In the Default Domain Policy Group Policy object （GPO） for the corp.woodgrovebank.com domain， add the LA\HRUsers group and the CORP\Backup Operators group to the Restricted Groups list. Add only the HR department user accounts and the administrator user accounts to the Allowed Members list for each group D . In the Default Domain Policy Group Policy object （GPO） for the la.corp.woodgrovebank.com domain， add the LA\HRUsers group and the CORP\Backup Operators group to the Restricted Groups list. Add only the HR department user accounts to the Allowed Members list for the LA\HRUsers group. Add only the administrator user accounts to the Allowed Members list for the CORP\Backup Operators grou

Society is a (joint-stock) company, in which the members agree, (for) the better (securing of )bread for each shareholder, (to surrender to) the liberty and culture of each individual. A．joint-stock B．for C．securing of D．to surrender to