当前分类: JN0-331
问题:单选题An attacker sends a low rate of TCP SYN segments to hosts, hoping that at least one port replies. Which type of an attack does this scenario describe?()A DoSB SYN floodC port scanningD IP address sweep...
查看答案
问题:多选题Which two statements are true about pool-based destination NAT?()AIt also supports PAT.BPAT is not supported.CIt allows the use of an address pool.DIt requires you to configure an address in the junos-global zone....
问题:单选题Given the configuration shown in the exhibit, which configuration object would be used to associate bothNancy and Walter with firewall user authentication within a security policy?() profile ftp-users { client nancy { firewall-user { password "$9$lJ8vL...
问题:多选题Which two statements describe the purpose of a security policy?()AIt enables traffic counting and logging.BIt enforces a set of rules for transit traffic.CIt controls host inbound services on a zone.DIt controls administrator rights to access the devic...
问题:多选题Which two functions of JUNOS Software are handled by the data plane?()ANATBOSPFCSNMPDSCREEN options...
问题:单选题You want to allow all hosts on interface ge-0/0/0.0 to be able to ping the device’s ge-0/0/0.0 IP address.Where do you configure this functionality?()A [edit interfaces]B [edit security zones]C [edit system services]D [edit security interfaces]...
问题:多选题Which two statements are true regarding firewall user authentication?()AWhen configured for pass-through firewall user authentication, the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.B...
问题:单选题Which attribute is required for all IKE phase 2 negotiations?()A proxy-IDB preshared keyC Diffie-Hellman group keyD main or aggressive mode...
问题:单选题You want to create a security policy allowing traffic from any host in the Trust zone to hostb.example.com(172.19.1.1) in the Untrust zone. How do you create this policy?()A Specify the IP address (172.19.1.1/32) as the destination address in the polic...
问题:多选题You are creating a destination NAT rule-set. Which two are valid for use with the from clause?()Asecurity policyBinterfaceCrouting-instanceDIP address...
问题:多选题You are implementing an IDP policy template from Juniper Networks. Which three steps are included in thisprocess?()Aactivating a JUNOS Software commit scriptBconfiguring an IDP groups statementCsetting up a chassis clusterDdownloading the IDP policy te...
问题:单选题Which parameters are valid SCREEN options for combating operating system probes?()A syn-fin, syn-flood, and tcp-no-fragB syn-fin, port-scan, and tcp-no-flagC syn-fin, fin-no-ack, and tcp-no-fragD syn-fin, syn-ack-ack-proxy, and tcp-no-frag...
问题:单选题Which IDP policy action closes the connection and sends an RST packet to both the client and the server?()A close-connectionB terminate-connectionC close-client-and-serverD terminate-session...
问题:多选题Which two statements regarding firewall user authentication client groups are true?()AIndividual clients are configured under client groups in the configuration hierarchy.BClient groups are configured under individual clients in the configuration hiera...
问题:单选题Which statement is true about a NAT rule action of off?()A The NAT action of off is only supported for destination NAT rule-sets.B The NAT action of off is only supported for source NAT rule-sets.C The NAT action of off is useful for detailed control o...
问题:多选题Which two statements are true regarding redundancy groups?()AWhen priority settings are equal and the members participating in a cluster are initialized at the same time, the primary role for redundancy group 0 is assigned to node 0.BThe preempt option...
问题:单选题A traditional router is better suited than a firewall device for which function?()A VPN establishmentB packet-based forwardingC stateful packet processingD Network Address Translation...
问题:多选题Which two external authentication server types are supported by JUNOS Software for firewall user authentication?()ARADIUSBTACACS+CLDAPDIIS...
问题:多选题Which three options represent IDP policy match conditions?()AprotocolBsource-addressCportDapplicationEattacks...
问题:多选题Which two statements are true regarding IDP?()AIDP can be used in conjunction with other JUNOS Software security features such as SCREEN options,zones, and security policy.BIDP cannot be used in conjunction with other JUNOS Software security features s...
