Q: 12
Which two components of a Security policy, when configured, allow third-party contractors access to
internal applications outside business hours? (Choose two.)
Options
Discussion
Guessing C and D are correct, not B. B is a classic distractor but doesn't handle who or when access happens.
C and D. User-ID lets you specify the contractors, Schedule limits access to outside business hours. Makes sense based on policy usage.
C/D? User-ID (C) lets the policy target just the third-party contractors, while Schedule (D) sets the after-hours part. I remember similar practice questions focused on these fields in the official study guide. Pretty sure these two are what you need for user/time-based restriction.
C D tbh. User-ID is for identifying those contractors by user, and Schedule limits it to after-hours-so both fit exactly what they're asking. No need for App-ID or Service here since it's about who and when, not what or how. Anyone see it differently?
I don’t think App-ID (A) applies here, it’s User-ID (C) and Service (B). User-ID identifies the specific contractors, and Service defines what app or port they can hit, which could mean those internal apps. Only thing is, without Schedule this wouldn't restrict hours, but if the service is restricted outside business hours, maybe that's enough? Maybe missing something about time control though. Agree?
Be respectful. No spam.
