当前分类: JN0-331
问题:单选题Given the configuration shown in the exhibit, which configuration object would be used to associate bothNancy and Walter with firewall user authentication within a security policy?() profile ftp-users { client nancy { firewall-user { password "$9$lJ8vL...
查看答案
问题:多选题You are creating a destination NAT rule-set. Which two are valid for use with the from clause?()Asecurity policyBinterfaceCrouting-instanceDIP address...
问题:多选题Which two statements about the use of SCREEN options are correct?()ASCREEN options are deployed at the ingress and egress sides of a packet flow.BAlthough SCREEN options are very useful, their use can result in more session creation.CSCREEN options off...
问题:多选题Which two statements describe the purpose of a security policy?()AIt enables traffic counting and logging.BIt enforces a set of rules for transit traffic.CIt controls host inbound services on a zone.DIt controls administrator rights to access the devic...
问题:单选题Which statement is true about a NAT rule action of off?()A The NAT action of off is only supported for destination NAT rule-sets.B The NAT action of off is only supported for source NAT rule-sets.C The NAT action of off is useful for detailed control o...
问题:单选题Which attribute is required for all IKE phase 2 negotiations?()A proxy-IDB preshared keyC Diffie-Hellman group keyD main or aggressive mode...
问题:单选题An attacker sends a low rate of TCP SYN segments to hosts, hoping that at least one port replies. Which type of an attack does this scenario describe?()A DoSB SYN floodC port scanningD IP address sweep...
问题:单选题Regarding a route-based versus policy-based IPsec VPN, which statement is true?()A A route-based VPN generally uses less resources than a policy-based VPN.B A route-based VPN cannot have a deny action in a policy; a policy-based VPN can have a deny act...
问题:单选题Which configuration shows a pool-based source NAT without PAT’?()A AB BC CD D...
问题:多选题Which two statements are true about pool-based destination NAT?()AIt also supports PAT.BPAT is not supported.CIt allows the use of an address pool.DIt requires you to configure an address in the junos-global zone....
问题:多选题Which two firewall user authentication objects can be referenced in a security policy?()Aaccess profileBclient groupCclientDdefault profile...
问题:单选题What is a redundancy group in JUNOS Software?()A a set of chassis clusters that fail over as a groupB a set of devices that participate in a chassis clusterC a set of VRRP neighbors that fail over as a groupD a set of chassis cluster objects that fail ...
问题:多选题Which two functions of JUNOS Software are handled by the data plane?()ANATBOSPFCSNMPDSCREEN options...
问题:多选题Which three statements are true regarding IDP?()AIDP cannot be used in conjunction with other JUNOS Software security features such as SCREEN options,zones, and security policy.BIDP inspects traffic up to the Application layer.CIDP searches the data st...
问题:多选题Which three advanced permit actions within security policies are valid?()AMark permitted traffic for firewall user authentication.BMark permitted traffic for SCREEN options.CAssociate permitted traffic with an IPsec tunnel.DAssociate permitted traffic ...
问题:多选题Which two statements are true regarding firewall user authentication?()AWhen configured for pass-through firewall user authentication, the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.B...
问题:单选题You want to allow all hosts on interface ge-0/0/0.0 to be able to ping the device’s ge-0/0/0.0 IP address.Where do you configure this functionality?()A [edit interfaces]B [edit security zones]C [edit system services]D [edit security interfaces]...
问题:单选题Based on the configuration shown in the exhibit, what will happen to the traffic matching thesecurity policy?() [edit schedulers] user@host# showscheduler now { monday all-day; tuesday exclude; wednesday { start-time 07:00:00 stop-time 18:00:00; } thur...
