You have a firewall filter containing two terms applied in an inbound direction on a customer interface.You would like this filter to protect your network from a spoofed denial of service attack. Which match criterion should be configured ito identify unw

第1题：

第2题：

A packet is evaluated against three user-defined terms within a firewall filter and no match is found. What correctly describes the action the firewall filter will take for this packet?（）

• A、The filter will permit the packet and take no additional action
• B、The filter will reject the packet and send an ICMP message back to the sender
• C、The filter will discard the packet and take no additional action
• D、The filter will permit the packet and write a log entry to the firewall log

第3题：

You need to control SSH. HTTP, and Telnet access to an MX240 router through any interface. You have decided to use a firewall filter. How should you apply the firewall filter?（）

• A、as an outbound filter on interface fxp0
• B、as an outbound filter on interface lo0
• C、as an inbound filter on interface fxp0
• D、as an inbound filter on interface lo0

第4题：

You have a firewall filter applied in an inbound direction on a customer interface. You would like this filter to protect your network from a spoofed denial of service attack. Which action should be configured to accomplish your goal?（）

• A、then reject
• B、then discard
• C、then next filter
• D、then silent-drop

第5题：

You need to control SSH, HTTP, and Telnet access to an MX240 router through any interface. You have decided to use a firewall filter. How should you apply the firewall filter?（）

• A、as an outbound filter on interface fxp0
• B、as an outbound filter on interface lo0
• C、as an inbound filter on interface fxp0
• D、as an inbound filter on interface lo0

第6题：

You have a firewall enforcer receiving resource access policies from a Junos Pulse Access Control Service. You are using Network and Security Manager (NSM) for configuration management on that firewall. The firewall can also be configured using its built-in command-line interface (CLI) or Web-based user interface (WebUI). To avoid conflicting configurations, which two interfaces must you use to configure the firewall enforcer?（）

• A、CLI
• B、WebUI
• C、NSM
• D、Junos Pulse Access Control Service

第7题：

You need to identify the types of inbound traffic that should pass through the perimeter firewall while maintaining the security of the network. Which inbound traffic should be allowed?（）

• A、VPN Traffic
• B、DNS Traffic
• C、LDAP Traffic
• D、HTTP Traffic
• E、HTTPS Traffic
• F、Traffic from the network address of 192.168.10/24

第8题：

You have a server that runs Windows Server 2003 Service Pack 2 (SP2). The server is configured as a network address translation (NAT) router. The server has two network adapters and provides Internet access for the network.You need to prevent traffic on port 21 from being sent to the Internet. All other outbound traffic must be allowed.What should you do?（） 

• A、On the network adapter that is connected to the LAN, enable TCP/IP filtering. 
• B、On the network adapter that is connected to the Internet, enable TCP/IP filtering. 
• C、From the Routing and Remote Access snap-in, open the properties of the interface connected to the Internet, select the Services and Ports tab, and define a new service. 
• D、From the Routing and Remote Access snap-in, open the properties of the interface connected to the Internet, select the NAT/Basic Firewall tab, and define a new static packet filter.

第9题：

You work as the Exchange administrator at Company.com.The Company.com network contains an Exchange Server 2010 Organization.Company.com has its headquarters in Paris where you are located.you are responsible for managing two exchange servers named -ex01 and -ex02.both exchange servers are configured to host the client access server role， the hub transport server role as well as the mailbox server role.terstkingex01 and -ex02 are members of a database availability group.during the course of the week you receive an instruction from management to ensure that users are able to make a connection to the client access server in the event of a single server failure. What should you do？（）

• A、Your best option would be to have the Network Load Balancing feature installed on every server.Thereafter a second IP address should be assigned to every network adapter.
• B、Your best option would be to have two new records created for the Client Access server from the DNS manager.
• C、Your best option would be to have a hardware load balancer deployed. Then a DNS record should be created for the virtual IP address. Thereafter a Client Access server array should be configured.
• D、Your best option would e to have a new service named Client Access Server created and a new IP address allocated from the Failover Cluster Manager.

第10题：

第11题：

第12题：

第13题：

第14题：

You need to control SSH, HTTP, and Telnet access to an MX240 router through any interface.You have decided to use a firewall filter. How should you apply the firewall filter?（）

• A、as an outbound filter on interface fxp0
• B、as an outbound filter on interface lo0
• C、as an inbound filter on interface fxp0
• D、as an inbound filter on interface lo0

第15题：

Which three statements accurately describe IOS Firewall configurations？（）

• A、The IP inspection rule can be applied in the inbound direction on the secured interface
• B、The IP inspection rule can be applied in the outbound direction on the unsecured interface
• C、The ACL applied in the inbound direction on the unsecured interface should be an extendedACL.
• D、For temporary openings to be created dynamically by Cisco IOS Firewall， the access-list for thereturning traffic must be a standard ACL

第16题：

You have a firewall filter containing two terms applied in an inbound direction on a customer interface. You would like this filter to protect your network from a spoofed denial of service attack. What match criterion should be used in the first term of the filter？（）

• A、Source TCP port
• B、Source IP address
• C、Destination TCP port
• D、Destination IP address

第17题：

A firewall filter is applied as an input filter on a transit interface. What three types of traffic will this affect? （）

• A、inbound traffic transiting the router
• B、outbound traffic transiting the router
• C、traffic destined to the Routing Engine
• D、traffic destined to the interface address on which the filter is applied

第18题：

Which two features protect the ERX Edge Router from denial-of-service attacks? （）(Choose two.)

• A、rate limiting of ICMP
• B、RADIUS authorizations
• C、source address validation
• D、stateful firewall on the router

第19题：

Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 has the Routing and Remote Access service （RRAS） role service installed.You need to view all inbound VPN packets. The solution must minimize the amount of data collected.What should you do？（）

• A、From RRAS，create an inbound packet filter.
• B、From Network Monitor，create a capture filter.
• C、From the Registry Editor，configure file tracing for RRAS.
• D、At the command prompt，run netsh.exe ras set tracing rasauth enabled.

第20题：

A Windows Communication Foundation (WCF) solution uses two services to manage a shopping cart. Service A processes messages containing line items that total between $0 and $500. Service B processes messages containing line items that total more than $500. All messages are of equal importance to the business logic. You need to route incoming messages to the appropriate services by using WCF routing. Which two message filters should you add to the router? (Each correct answer presents part of the solution. Choose two.)（）

• A、a message filter with a priority of 100 that will forward messages that total between $0 and $500 to Service A
• B、a message filter with a priority of 0 that will forward messages that total between $0 and $500 to Service A
• C、a message filter with a priority of 0 that will forward all messages to Service B
• D、a message filter with a priority of 100 that will forward all messages to Service B

第21题：

第22题：

第23题：