多选题Which two are true about authentication？（）AForm-based logins should NOT be used with HTTPS.BWhen using Basic Authentication the target server is NOT authenticated.CJ2EE compliant web containers are NOT required to support the HTTPS protocol.DWeb contai

第1题：

Company.com network consists of a single Active Directory domain named  Company.com.Company.com has an Exchange Server 2010 organization.The Company.com employees use Microsoft Office Outlook 2007 to connect to their mailboxes.RPC over HTTP and Auto discover are configured on Microsoft Office Outlook 2007. A new Company.com security policy requires that the employees connected to the domain does not need authentication when using Outlook Anywhere.However， those not connected t the domain needs to be authentication when using Outlook Anywhere.The employees need to comply with the new Company.com security policy.  What should you do？（）

• A、You should consider using Basic authentication on Outlook Anywhere and set up only Basic authentication on the RPC virtual directory.
• B、You should consider using NTLM authentication on Outlook Anywhere and set up Basic authentication and NTLM authentication on the RPC virtual directory.
• C、You should consider using NTLM authentication on Outlook Anywhere and set up only Basic authentication on the RPC virtual directory.
• D、You should consider using Basic authentication on Outlook Anywhere and set up Basic authentication and NTLM authentication on the RPC virtual directory.

第2题：

Which two statements about using the CHAP authentication mechanism in a PPP link are true?（）

• A、CHAP uses a two-way handshake
• B、CHAP authentication periodically occurs after link establishment
• C、CHAP has no protection from playback attacks
• D、CHAP authentication is performed only upon link establishment
• E、CHAP uses a three-way handshake
• F、CHAP authentication passwords are sent in plaintext

第3题：

第4题：

Which two statements regarding external authentication servers for firewall userauthentication are true？（）

• A、Up to three external authentication server types can be used simultaneously.
• B、Only one external authentication server type can be used simultaneously.
• C、If the local password database is not configured in the authentication order， and the configured authentication server is unreachable， authentication is not performed.
• D、If the local password database is not configured in the authentication order， and the configured authentication server rejects the authentication request， authentication is not performed

第5题：

Which activity supports the data integrity requirements of an application？（）

• A、Using HTTPS as a protocol
• B、Using an LDAP security realm
• C、Using HTTP Basic authentication
• D、Using forms-based authentication

第6题：

Which two are true about authentication？（）

• A、Form-based logins should NOT be used with HTTPS.
• B、When using Basic Authentication the target server is NOT authenticated.
• C、J2EE compliant web containers are NOT required to support the HTTPS protocol.
• D、Web containers are required to support unauthenticated access to unprotected web resources.

第7题：

Which two authentication mechanisms provide weaker protection than other mechanisms？（）

• A、 HTTP Basic Authentication
• B、 Form Based Authentication
• C、 HTTP Digest Authentication
• D、 HTTPS Client Authentication

第8题：

Which two statements about authentication settings for DCNM-LAN are true？ （）

• A、 If none of the authentication servers that are configured for the current authentication mode responds to an authentication request， the DCNM-LAN server falls back to localauthentication.
• B、 DCNM-LAN only supports TACACS+.
• C、 Each DCNM-LAN server will have the same device credentials.
• D、 Administering DCNM-LAN authentication settings requires an authentication license.
• E、 DCNM-LAN server users are local to the DCNM-LAN server.

第9题：

Which basic authentication type is optional for a J2EE 1.4 compliant web container？（）

• A、HTTP Basic Authentication
• B、Form Based Authentication
• C、HTTP Digest Authentication
• D、HTTPS Client Authentication

第10题：

Which two statements regarding external authentication servers for firewall user authentication are true?（） (Choose two.)

• A、Up to three external authentication server types can be used simultaneously.
• B、Only one external authentication server type can be used simultaneously.
• C、If the local password database is not configured in the authentication order, and the configured authentication server  bypassed.
• D、If the local password database is not configured in the authentication order, and the configured authentication server authentication is rejected.