多选题Which two parameters are configured in IPsec policy? ()(Choose two.)AmodeBIKE gatewayCsecurity proposalDPerfect Forward Secrecy

题目
多选题
Which two parameters are configured in IPsec policy? ()(Choose two.)
A

mode

B

IKE gateway

C

security proposal

D

Perfect Forward Secrecy

相似考题

1.You are configuring an SRX210 as a firewall enforcer that will tunnel IPsec traffic from several Junos Pulse users.Which two parameters must you configure on the SRX210?()A. access profileB. IKE parametersC. tunneled interfaceD. redirect policy

2.Which two statements are true with regard to policy ordering? ()(Choose two.)A. The last policy is the default policy, which allows all traffic.B. The order of policies is not important.C. New policies are placed at the end of the policy list.D. The insert command can be used to change the order.

3.Which two parameters are configured in IPsec policy? ()(Choose two.)A. modeB. IKE gatewayC. security proposalD. Perfect Forward Secrecy

4.Which three parameters are configured in the IKE policy? ()(Choose three.)A. modeB. preshared keyC. external interfaceD. security proposalsE. dead peer detection settings

更多“Which two parameters are configured in IPsec policy? ()(Choo”相关问题

  • 第1题:

    You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()

    A. Resource access policy on the MAG Series device

    B. IPsec routing policy on the MAG Series device

    C. General traffic policy blocking access through the firewall enforcer

    D. Auth table entry on the firewall enforcer


    参考答案:A, D

  • 第2题:

    Which two statements are true regarding interface properties? ()

    A.MTU and speed must be configured under each unit.

    B.Physical parameters such as MTU, duplex mode, and speed are configured under the interface name.

    C.IP and IPv6 addresses are configured under a unit-number.

    D.DLCI numbers, VPI/VCI values, and VLAN tags are physical parameters.


    参考答案:B, C

  • 第3题:

    Which three parameters are configured in the IKE policy?()

    • A、mode
    • B、preshared key
    • C、external interface
    • D、security proposals
    • E、dead peer detection settings

    正确答案:A,B,D

  • 第4题:

    When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()

    • A、IPsec Routing
    • B、Access Control
    • C、IP Address Pool
    • D、Source Interface

    正确答案:D

  • 第5题:

    Which two configuration elements are required for a route-based VPN?()

    • A、secure tunnel interface
    • B、security policy to permit the IKE traffic
    • C、a route for the tunneled transit traffic
    • D、tunnel policy for transit traffic referencing the IPsec VPN

    正确答案:A,C

  • 第6题:

    单选题
    When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()
    A

    IPsec Routing

    B

    Access Control

    C

    IP Address Pool

    D

    Source Interface


    正确答案: C
    解析: 暂无解析

  • 第7题:

    单选题
    Which statement contains the correct parameters for a route-based IPsec VPN?()
    A

    [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

    B

    [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; } policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

    C

    [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200;} policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

    D

    [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }


    正确答案: B
    解析: 暂无解析

  • 第8题:

    多选题
    Which three parameters are configured in the IKE policy?()
    A

    mode

    B

    preshared key

    C

    external interface

    D

    security proposals

    E

    dead peer detection settings


    正确答案: A,B,D
    解析: 暂无解析

  • 第9题:

    多选题
    You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()
    A

    The crypto ACL number

    B

    The IPSEC mode (tunnel or transport)

    C

    The GRE tunnel interface IP address

    D

    The GRE tunnel source interface or IP address, and tunnel destination IP address

    E

    The MTU size of the GRE tunnel interface


    正确答案: C,E
    解析: 暂无解析

  • 第10题:

    多选题
    Which three parameters are configured in the IKE policy? ()(Choose three.)
    A

    mode

    B

    preshared key

    C

    external interface

    D

    security proposals

    E

    dead peer detection settings


    正确答案: D,E
    解析: 暂无解析

  • 第11题:

    多选题
    Which two configuration elements are required for a policy-based VPN?()
    A

    IKE gateway

    B

    secure tunnel interface

    C

    security policy to permit the IKE traffic

    D

    security policy referencing the IPsec VPN tunnel


    正确答案: D,B
    解析: 暂无解析

  • 第12题:

    多选题
    Which two configuration elements are required for a route-based VPN?()
    A

    secure tunnel interface

    B

    security policy to permit the IKE traffic

    C

    a route for the tunneled transit traffic

    D

    tunnel policy for transit traffic referencing the IPsec VPN


    正确答案: A,D
    解析: 暂无解析

  • 第13题:

    When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? ()

    A. IPsec Routing

    B. Access Control

    C. IP Address Pool

    D. Source Interface


    参考答案:D

  • 第14题:

    You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()

    • A、The crypto ACL number
    • B、The IPSEC mode (tunnel or transport)
    • C、The GRE tunnel interface IP address
    • D、The GRE tunnel source interface or IP address, and tunnel destination IP address
    • E、The MTU size of the GRE tunnel interface

    正确答案:C,D

  • 第15题:

    Which three parameters are configured in the IKE policy?() (Choose three.)

    • A、mode
    • B、preshared key
    • C、external interface
    • D、security proposals
    • E、dead peer detection settings

    正确答案:A,B,D

  • 第16题:

    You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()

    • A、Resource access policy on the MAG Series device
    • B、IPsec routing policy on the MAG Series device
    • C、General traffic policy blocking access through the firewall enforcer
    • D、Auth table entry on the firewall enforcer

    正确答案:A,D

  • 第17题:

    You need to design a method of communication between the IT and HR departments. Your solution must meet business requirements. What should you do?()

    • A、Design a custom IPSec policy to implement Encapsulating Security Payload (ESP) for all IP traffic Design the IPSec policy to use certificate-based authentication between the two departments’ computers
    • B、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computers
    • C、Design a customer IPSec policy to implement Encapsulating Payload (ESP) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computers
    • D、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use certificate-based authentication between the two departments’ computers

    正确答案:A

  • 第18题:

    多选题
    You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure?()
    A

    Select Require and Enforce for the Host Checker Policy in the realm authentication policy.

    B

    Select Evaluate Policies for the Host Checker policy in the realm authentication policy.

    C

    Configure the Host Checker policy as a role restriction for the Employee role.

    D

    Configure the Host Checker policy as a resource access policy for the Employee role.


    正确答案: B,D
    解析: 暂无解析

  • 第19题:

    多选题
    You are configuring an SRX210 as a firewall enforcer that will tunnel IPsec traffic from several Junos Pulse users.Which two parameters must you configure on the SRX210?()
    A

    access profile

    B

    IKE parameters

    C

    tunneled interface

    D

    redirect policy


    正确答案: B,A
    解析: 暂无解析

  • 第20题:

    多选题
    Which two statements are true regarding interface properties? ()
    A

    MTU and speed must be configured under each unit.

    B

    Physical parameters such as MTU, duplex mode, and speed are configured under the interface name.

    C

    IP and IPv6 addresses are configured under a unit-number.

    D

    DLCI numbers, VPI/VCI values, and VLAN tags are physical parameters.


    正确答案: D,B
    解析: 暂无解析

  • 第21题:

    多选题
    Which two statements regarding firewall user authentication client groups are true?()
    A

    Individual clients are configured under client groups in the configuration hierarchy.

    B

    Client groups are configured under individual clients in the configuration hierarchy.

    C

    Client groups are referenced in security policy in the same manner in which individual clients are referenced.

    D

    Client groups are used to simplify configuration by enabling firewall user authentication without security policy.


    正确答案: D,A
    解析: 暂无解析

  • 第22题:

    多选题
    Which two parameters are configured in IPsec policy?()
    A

    mode

    B

    IKE gateway

    C

    security proposal

    D

    Perfect Forward Secrecy


    正确答案: B,D
    解析: 暂无解析

  • 第23题:

    多选题
    When assigning a standalone access point a non-root role, which two parameters, other than Rolein the radio network settings, must be configured on the SSID Manager page?()
    A

    Force Infrastructure Devices to associate only to this SSID

    B

    Set Infrastructure SSID

    C

    Multiple BSSID

    D

    Set Data Beacon Rate

    E

    Enable IP redirection on this SSID


    正确答案: C,D
    解析: 暂无解析

相关内容