单选题[edit groups] user@host# show node0 { system { host-name NODE0; } interfaces { fxp0 { unit 0 { family inet { address 1.1.1.1/24; } } } } } node1 { system { host-name NODE1; } interfaces { fxp0 { unit 0 { family inet { address 1.1.1.2/24; } } } } } In t
题目
This section is where you define all chassis clustering configuration.
This configuration is required for members of a chassis cluster to talk to each other.
You can apply this configuration in the chassis cluster to make configuration easier.
This section is where unique node configuration is applied.
相似考题
参考答案和解析
更多“[edit groups] user@host# show node0 { system { host-name NOD”相关问题
-
第1题:
You are required to configure a SCREEN option that enables IP source route option detection.Which twoconfigurations meet this requirement?() (Choose two.)A. [edit security screen] user@host# show ids-option protectFromFlood { ip { loose-source-route-option; strict-source-route-option; } }
B. [edit security screen] user@host# show ids-option protectFromFlood { ip { source-route-option; } }
C. [edit security screen] user@host# show ids-option protectFromFlood { ip { record-route-option; security-option; } }
D. [edit security screen] user@host# show ids-option protectFromFlood { ip { strict-source-route-option; record-route-option; } }
参考答案:A, B
-
第2题:
A router has been configured with the settings shown below: [edit] user@host# show system authentication-order authentication-order [ radius tacplus ]; The router also has a local database that contains the user lab with password lab123. What would happen if both the RADIUS and the TACACS servers are not accessible?()
- A、The user lab will not be able to login.
- B、The user lab will be authenticated against the local database and will be able to login.
- C、The user lab will receive an error message indicating the router is unable to authenticate due to the authentication servers not responding.
- D、The user will be able to login only if tries to login as the root user.
正确答案:B -
第3题:
Which command do you use to display the messages seen during the last system boot?()
- A、show system boot-messages
- B、show chassis messages
- C、show file system boot-messages
- D、show boot-log messages
正确答案:A -
第4题:
If both nodes in a chassis cluster initialize at different times, which configuration example will allow you to ensure that the node with the higher priority will become primary for your RGs other than RG0?()
- A、[edit chassis cluster] user@host# show redundancy-group 1 { node 0 priority 200; node 1 priority 150;preempt; }
- B、[edit chassis cluster] user@host# show redundancy-group 1 { node 0 priority 200; node 1 priority 150; monitoring; }
- C、[edit chassis cluster] user@host# show redundancy-group 1 { node 0 priority 200; node 1 priority 150; control-link-recovery; }
- D、[edit chassis cluster] user@host# show redundancy-group 1 { node 0 priority 200; node 1 priority 150; strict-priority; }
正确答案:A -
第5题:
查看IHUB 内存的命令
- A、show core1-uptime
- B、show system core1-cpu
- C、show system core1-memory-pools
正确答案:C -
第6题:
A system administrator wants to configure a system so that all new users will be put into the database group by default. How would this be accomplished?()
- A、remove all other groups from the system
- B、run the command mkuser -default "GROUP=database"
- C、change the default group in /usr/lib/security/mkuser.default
- D、edit /etc/security/group to move all users to the database stanza
正确答案:C -
第7题:
单选题When applying the configuration in the exhibit and initializing a chassis cluster, which statement is correct?() [edit chassis] user@host# show cluster { reth-count 3; redundancy-group 1 { node 0 priority 1; node 1 priority 100; } }AThree physical interfaces are redundant.
BYou must define an additional redundancy group.
Cnode 0 will immediately become primary for redundancy group 1.
DYou must issue an operational command and reboot the system for the above configuration to take effect.
正确答案: B解析: 暂无解析 -
第8题:
单选题[edit groups] user@host# show node0 { system { host-name NODE0; } interfaces { fxp0 { unit 0 { family inet { address 1.1.1.1/24; } } } } } node1 { system { host-name NODE1; } interfaces { fxp0 { unit 0 { family inet { address 1.1.1.2/24; } } } } } In the exhibit, what is the function of the configuration statements?()AThis section is where you define all chassis clustering configuration.
BThis configuration is required for members of a chassis cluster to talk to each other.
CYou can apply this configuration in the chassis cluster to make configuration easier.
DThis section is where unique node configuration is applied.
正确答案: C解析: 暂无解析 -
第9题:
单选题A router has been configured with the settings shown below: [edit] user@host# show system authentication-order authentication-order [ radius tacplus ]; The router also has a local database that contains the user lab with password lab123. What would happen if both the RADIUS and the TACACS servers are not accessible?()AThe user lab will not be able to login.
BThe user lab will be authenticated against the local database and will be able to login.
CThe user lab will receive an error message indicating the router is unable to authenticate due to the authentication servers not responding.
DThe user will be able to login only if tries to login as the root user.
正确答案: B解析: 暂无解析 -
第10题:
单选题How can you verify that you have correctly configured SSH access to your Junos device?()Auser@router# show system services
Buser@router> show configuration services
Cuser@router# show configuration system services
Duser@router# show system login
正确答案: C解析: 暂无解析 -
第11题:
单选题You are configuring a new BGP neighbor and want to view the configuration of interface ge- 0/0/0.42.Which command do you use to achieve this result?()A[edit protocols bgp group external] user@router# set interfaces ge-0/0/0.42
B[edit protocols bgp group external] user@router# edit show interfaces ge-0/0/0.42
C[edit protocols bgp group external] user@router# top show interfaces ge-0/0/0.42
D[edit protocols bgp group external] user@router# show interfaces ge-0/0/0.42
正确答案: A解析: 暂无解析 -
第12题:
单选题Which type of source NAT is configured in the exhibit?() [edit security nat destination] user@host# show pool A { address 10.1.10.5/32; } rule-set 1 { from zone untrust; rule 1A { match { destination-address 100.0.0.1/32; } then { destination-nat pool A; } } }Astatic destination NAT
Bstatic source NAT
Cpool-based destination NAT without PAT
Dpool-based destination NAT with PAT
正确答案: A解析: 暂无解析 -
第13题:
Which command do you use to display the messages seen during the last system boot?()A. show system boot-messages
B. show chassis messages
C. show file system boot-messages
D. show boot-log messages
参考答案:A
-
第14题:
You want to test a configured screen value prior to deploying.Which statement will allow you to accomplish this?()
- A、[edit security screen] user@host# show ids-option untrust-screen { alarm-test-only; }
- B、[edit security screen] user@host# show ids-option untrust-screen { alarm-without-drop; }
- C、[edit security screen] user@host# show ids-option untrust-screen { alarm-no-drop; }
- D、[edit security screen] user@host# show ids-option untrust-screen { test-without-drop; }
正确答案:B -
第15题:
SR7750查看系统已经打开的端口命令是()
- A、Show system connection
- B、Show system port
- C、show running port
- D、Show system security
正确答案:A -
第16题:
Which CLI command allows you to determine how many licenses are currently used on the routerand are further needed by the router?()
- A、show system license key
- B、show system license usage
- C、show system license total
- D、show system license profile
正确答案:B -
第17题:
查看ihub内存的命令()
- A、show corel-uptime
- B、show system core1-cpu
- C、show system core1-memory-pools
正确答案:C -
第18题:
单选题Which type of source NAT is configured in the exhibit?() [edit security nat source] user@host# show rule-set 1 { from interface ge-0/0/2.0; to zone untrust; rule 1A {match { destination-address 1.1.70.0/24; } then { source-nat interface; } } }Ainterface-based source NAT
Bstatic source NAT
Cpool-based source NAT with PAT
Dpool-based source NAT without PAT
正确答案: B解析: 暂无解析 -
第19题:
单选题Your task is to provision the Junos security platform to permit transit packets from the Private zone to the External zone by using an IPsec VPN and log information at the time of session close.Which configuration meets this requirement?()A[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts;destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } log { session-init; } } }
B[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } count { session-close; } } }
C[edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN;} } log { session-close; } } }
D[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; log; count session-close; } } } }
正确答案: D解析: 暂无解析 -
第20题:
单选题Which statement contains the correct parameters for a route-based IPsec VPN?()A[edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }
B[edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; } policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }
C[edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200;} policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }
D[edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }
正确答案: B解析: 暂无解析 -
第21题:
单选题Which configuration shows the correct application of a security policy scheduler?()A[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } scheduler-name now; } } }
B[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }
C[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn scheduler-name now; } } } }
D[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; scheduler-name now; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }myTunnel;
正确答案: B解析: 暂无解析 -
第22题:
多选题You are required to configure a SCREEN option that enables IP source route option detection.Which twoconfigurations meet this requirement?() (Choose two.)A[edit security screen] user@host# show ids-option protectFromFlood { ip { loose-source-route-option; strict-source-route-option; } }
B[edit security screen] user@host# show ids-option protectFromFlood { ip { source-route-option; } }
C[edit security screen] user@host# show ids-option protectFromFlood { ip { record-route-option; security-option; } }
D[edit security screen] user@host# show ids-option protectFromFlood { ip { strict-source-route-option; record-route-option; } }
正确答案: D,B解析: 暂无解析 -
第23题:
单选题A router has been configured with the authentication order settings shown below: [edit] user@host# show system authentication-order authentication-order [radius tacplus password]; The router also has a local database that contains the user lab with password lab123. What would happen if both the RADIUS and the TACACS servers respond with a reject for user lab?()AThe user lab will not be able to login.
BThe user lab will be authenticated against the local database and will be able to login.
CThe user will be able to login only if tries to login as the root user.
DThe user lab will receive an error message indicating the username and password provided could not be found on the radius and tacacs servers.
正确答案: D解析: 暂无解析