[单项选择]A network administrator wants to verify the active alarms on interface so-0/0/0. Which command displays this information?（）
A. show interfaces alarms
B. show interfaces terse
C. show alarms extensive
D. show interfaces extensive

[单项选择]A network administrator wants to verify the active alarms on interface so-0/0/0.0. Which command displays this information?（）
A. show interfaces alarms
B. show interfaces terse
C. show alarms extensive
D. show interfaces extensive

[多项选择] You are the network administrator for Active Directory. Another system administrator installs Software Update Services (SUS) on a production Windows Server 2003 computer. You are assigned to manage the SUS computer. You need to ensure that you can recover SUS if the server fails. You need to back up all components that are required to restore SUS to its current configuration. Because of limited space, you must not back up unnecessary data. What action or actions should you perform? Select all that apply.（）
A. Back up the SUS folder that contains synchronized content.
B. Back up the folder in which the SYSAdmin site was created.
C. Back up the System State data fro the Windows Server 2003 computer.
D. Back up the IIS metabase

[单项选择]The administrator wants to verify the current state of the OSPF database loading process. Which show command should the administrator use?（）
A. show ip ospf [process - id] interface
B. show ip ospf neighbor
C. show ip ospf [process - id]
D. show ip ospf [process - id area - id] database

[单项选择] A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST. However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone. Which configuration statement would correctly accomplish this task?（）
A. from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }
B. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }
C. from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }
D. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

[单项选择]A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?（）
A. BPDU
B. Port security
C. RSTP
D. STP
E. VTP
F. Blocking mode

[多项选择]A network administrator wants to ensure that only the server can connect to port Fa0/1 on a Catalyst switch. The server is plugged into the switch Fa0/1 port and the network administrator is about to bring the server online. What can the administrator do to ensure that only the MAC address of the server is allowed by switch port Fa0/1?（）
A. Configure port Fa0/1 to accept connections only from the static IP address of the server.
B. Employ a proprietary connector type on Fa0/1 that is incompatible with other host connectors.
C. Configure the MAC address of the server as a static entry associated with port Fa0/1.
D. Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing the server IP address.
E. Configure port security on Fa0/1 to reject traffic with a source MAC address other than that of the server.
F. Configure an access list on the switch to deny server traffic from entering any port other than Fa0/1.

[单项选择]A network administrator needs to verify that switch interface 0/5 has been assigned to the Sales VLA.N. Which command will accomplish this task?（）
A. Show vlan
B. Show mac-address-table
C. Show vtp status
D. show spanning-tree root
E. show ip interface brief

[单项选择]A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?（）
A. access-list 101 deny tcp 192.168.1.128 0.0.0.15 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
B. access-list 101 deny tcp 192.168.1.128 0.0.0.240 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
C. access-list 1 deny tcp 192.168.1.128 0.0.0.255 192.168.1.5 0.0.0.0 eq 21 access-list 1 permit ip any any
D. access-list 1 deny tcp 192.168.1.128 0.0.0.15 host 192.168.1.5 eq 23 access-list 1 permit ip any any

[多项选择] You are the administrator of an Active Directory domain named A user reports that he forgot his password and cannot log on to the domain. You discover that yesterday morning the user reset his password and successfully logged on to the domain. You need to enable the user to log on to the domain. What should you do? （）(Choose two)
A. Use Active Directory Users and Computers to move the account to the default organizational unit (OU) named Users. Instruct the user to restart his computer.
B. Use Active Directory Users and Computers to open the account properties for the user's user account. Clear the Account is locked out check box, and select the User must change password at next logon check box.
C. Use Active Directory Users and Computers to reset the user's password. Give the user the new password.
D. Use Computer Management to reset the password for the local Administrator account.

[单项选择]An administrator wants to test the network MTU. Which of the following commands allows differentsize packets to be sent?（）
A. netstat
B. traceroute
C. nbtstat
D. ping

[单项选择] The system administrator wants to use a new jfslog /dev/fs1log with the filesystem /test/fs1 on the testvg volume group. The following commands were used to create the log and assign it to the filesystem：  （1）mklv -t jfslog -y /dev/fs1log testvg 1   （2）chfs -a log=/dev/fs1log /test/fs1   While trying to mount the /test/fs1 filesystem the administrator received the error：  "Cannot mount /dev/fs1lv on /test/fs1： A system call received a parameter that is not valid". What step did the administrator miss that most likely caused the error？（）
A. Use the logform command to format /dev/fs1log as a jfslog
B. Use the chlv command to change the lv type of /dev/fs1log to jfslog
C. Use the chvg command to change the default jfslog of testvg to /dev/fs1log
D. Edit the /etc/filesystems file to change the log associated with /test/fs1 to /dev/fs1log