多选题You are required to configure a SCREEN option that enables IP source route option detection.Which twoconfigurations meet this requirement?（） (Choose two.)A[edit security screen] user@host# show ids-option protectFromFlood { ip { loose-source-route-opti

第1题：

第2题：

What is true about IP Source Guard with port security？（）

• A、Binding should be manually configured.
• B、It is not supported if IEEE 802.1x port-based authentication is enabled.
• C、The DHCP server must support option 82， or the client is not assigned an IP address.
• D、It filters based on source IP address only.

第3题：

What is the correct procedure for adding an access point in WCS？（）

• A、Choose Configure >Access_Point， then enter the AP MAC address
• B、Choose Configure >Access_Point， then enter the IP address of the AP
• C、Wait until the WLC downloads its code from the WCS and choose the access point from the list under the WLC option of the Configure menu
• D、Wait until the AP downloads its code from the WCS and choose the access point from the list under the Access_Point option of the Configure menu

第4题：

Which of the following commands will enable you to see the contents of the IP routing table andsend the output to a TFTP server at the same time？（）

• A、show ip route ∣ to tftp：//192.168.1.1/route.txt
• B、show ip route ∣ tee tftp：//192.168.1.1/route.txt
• C、show ip route ∣ include tftp：//192.168.1.1/route.txt
• D、show ip route ft include tJtp：//19Z168.1.1/route.txt
• E、show ip route ∣ redirect tftp：//192.168.1.1/route.txt

第5题：

Which configuration shows the correct application of a security policy scheduler?（）

• A、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } scheduler-name now; } } }
• B、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }
• C、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn scheduler-name now; } } } }
• D、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; scheduler-name now; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }myTunnel;

第6题：

Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?（）

• A、Source IP and browser
• B、Source IP and certificate
• C、Certificate and Host Checker
• D、Host Checker and source IP

第7题：

At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? （）(Choose two.)

• A、[edit security idp]
• B、[edit security zones security-zone trust interfaces ge-0/0/0.0]
• C、[edit security zones security-zone trust]
• D、[edit security screen]

第8题：

You are configuring the DX appliance for the first time using the console. Which two configurationvalues can be set using the first time configuration screen?（） (Choose two.)

• A、the user role
• B、the ether0 IP address
• C、the default route for this DX appliance
• D、the address of a network TFTP server

第9题：

An important tablespace of your database is dropped by mistake. You use the Flashback Database feature to retrieve the tablespace. You perform the following steps to retrieve the tablespace：   1. You log on to Enterprise Manager as SYSDBA.    2. You select the maintenance screen.    3. You choose Perform Recovery option on the maintenance screen.    4. You choose Whole Database in the Object Type drop-down list Perform Recovery： Type screen. 5. You choose Recover to Current Time from the Operation Type on the Perform Recovery： Type screen.    6. You provide the Host Credentials for a database user. on the Perform Recovery： Type screen.    7. You click the continue button.    An information screen appears saying that the database is unavailable. What is this information screen？（）

• A、Recovery Manager
• B、Recovery Window
• C、Recovery Wizard
• D、Enterprise Manager Home Page

第10题：

Your computer hardware supports Microsoft Windows Aero Experience. The transparency feature does not appear to be enabled. You need to use the transparency feature.  What are the two possible ways to achieve this goal？ （）

• A、Configure theme settings to Windows Vista.
• B、Increase the screen resolution to 1024 x 768 pixels or higher.
• C、Change the Color scheme option to Windows Aero.
• D、Change the Visual effects option to Let Windows choose whats best for my computer

第11题：

第12题：

第13题：

第14题：

You want to test a configured screen value prior to deploying.Which statement will allow you to accomplish this?（）

• A、[edit security screen] user@host# show ids-option untrust-screen { alarm-test-only; }
• B、[edit security screen] user@host# show ids-option untrust-screen { alarm-without-drop; }
• C、[edit security screen] user@host# show ids-option untrust-screen { alarm-no-drop; }
• D、[edit security screen] user@host# show ids-option untrust-screen { test-without-drop; }

第15题：

Which two statements about the use of SCREEN options are correct? （）(Choose two.)

• A、SCREEN options offer protection against various attacks
• B、SCREEN options are deployed prior to route and policy processing in first path packet processing
• C、SCREEN options are deployed at the ingress and egress sides of a packet flow
• D、SCREEN options, you must take special care to protect OSPF

第16题：

Which of the following commands shows all routes learned via EIGRP？（Choose all that apply.）（）

• A、show ip eigrp topology
• B、show ip eigrp adjacency
• C、show ip eigrp routes
• D、show ip eigrp database
• E、show ip route eigrp
• F、show ip eigrp forwarding

第17题：

Your task is to provision the Junos security platform to permit transit packets from the Private zone to the External zone by using an IPsec VPN and log information at the time of session close.Which configuration meets this requirement?（）

• A、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts;destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } log { session-init; } } }
• B、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } count { session-close; } } }
• C、[edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN;} } log { session-close; } } }
• D、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; log; count session-close; } } } }

第18题：

You want to allow all hosts on interface ge-0/0/0.0 to be able to ping the device’s ge-0/0/0.0 IP address.Where do you configure this functionality？（）

• A、[edit interfaces]
• B、[edit security zones]
• C、[edit system services]
• D、[edit security interfaces]

第19题：

You are required to configure a SCREEN option that enables IP source route option detection.Which twoconfigurations meet this requirement?（） (Choose two.)

• A、[edit security screen] user@host# show ids-option protectFromFlood { ip { loose-source-route-option; strict-source-route-option; } }
• B、[edit security screen] user@host# show ids-option protectFromFlood { ip { source-route-option; } }
• C、[edit security screen] user@host# show ids-option protectFromFlood { ip { record-route-option; security-option; } }
• D、[edit security screen] user@host# show ids-option protectFromFlood { ip { strict-source-route-option; record-route-option; } }

第20题：

Prior to applying SCREEN options to drop traffic， you want to determine how your configuration will affect traffic. Which mechanism would you configure to achieve this objective？（）

• A、the log option for the particular SCREEN option
• B、the permit option for the particular SCREEN option
• C、the SCREEN option， because it does not drop traffic by default
• D、the alarm-without-drop option for the particular SCREEN option

第21题：

Your company has an Active Directory domain. You have a server that runs Windows Server 2008. The Terminal Services role is installed on the server.  The company security policy does not allow users to copy and paste information to a local computer during a Terminal Services session.  You deploy the remote application named APP1.  You need to configure Terminal Services to meet the security requirement. What should you do？（）

• A、Enable the Use temporary folders per session option.
• B、Change the Security Encryption Level to FIPS Compliant.
• C、Deselect the Clipboard option in the RDP Settings for the published application.
• D、Disable the Drive option in the RDP-Tcp Client Setting properties for the server.

第22题：

第23题：

第24题：