当前分类: JN0-331
问题:单选题Based on the configuration shown in the exhibit, what will happen to the traffic matching thesecurity policy?() [edit schedulers] user@host# showscheduler now { monday all-day; tuesday exclude; wednesday { start-time 07:00:00 stop-time 18:00:00; } thur...
查看答案
问题:单选题In the configuration shown in the exhibit, you decided to eliminate the junos-ftp applicationfrom the match condition of the policy MyTraffic. [edit security policies] user@hostl# show from-zone Private to-zone External { policy MyTraffic { match { sou...
问题:单选题Which configuration shows a pool-based source NAT without PAT’?()A AB BC CD D...
问题:多选题Which two statements are true about overflow pools?()AOverflow pools do not support PATBOverflow pools can not use the egress interface IP address for NATCOverflow pools must use PATDOverflow pools can contain the egress interface IP address or separat...
问题:多选题Which two statements are true regarding redundancy groups?()AWhen priority settings are equal and the members participating in a cluster are initialized at the same time, the primary role for redundancy group 0 is assigned to node 0.BThe preempt option...
问题:多选题Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a inthe HR zone to host_b in the trust zone are true?() [edit security policies from-zone HR to-zone trust] use...
问题:单选题Which statement is true regarding redundancy groups?()A The preempt option determines the primary and secondary roles for redundancy group 0 during a failure and recovery scenario.B When priority settings are equal and the members participating in a cl...
问题:多选题Which three functions are provided by JUNOS Software for security platforms?()AVPN establishmentBstateful ARP lookupsCDynamic ARP inspectionDNetwork Address TranslationEinspection of packets at higher levels (Layer 4 and above)...
问题:单选题Which IDP policy action closes the connection and sends an RST packet to both the client and the server?()A close-connectionB terminate-connectionC close-client-and-serverD terminate-session...
问题:单选题Which statement is true about a NAT rule action of off?()A The NAT action of off is only supported for destination NAT rule-sets.B The NAT action of off is only supported for source NAT rule-sets.C The NAT action of off is useful for detailed control o...
问题:单选题A traditional router is better suited than a firewall device for which function?()A VPN establishmentB packet-based forwardingC stateful packet processingD Network Address Translation...
问题:单选题For IKE phase 1 negotiations, when is aggressive mode typically used?()A when one of the tunnel peers has a dynamic IP addressB when one of the tunnel peers wants to force main mode to be usedC when fragmentation of the IKE packet is required between t...
问题:多选题Which three options represent IDP policy match conditions?()AprotocolBsource-addressCportDapplicationEattacks...
问题:单选题Which configuration keyword ensures that all in-progress sessions are re-evaluated upon committing asecurity policy change?()A policy-rematchB policy-evaluateC rematch-policyD evaluate-policy...
问题:单选题Which type of zone is used by traffic transiting the device?()A transit zoneB default zoneC security zoneD functional zone...
问题:多选题Which two statements describe the purpose of a security policy?()AIt enables traffic counting and logging.BIt enforces a set of rules for transit traffic.CIt controls host inbound services on a zone.DIt controls administrator rights to access the devic...
问题:单选题Under which configuration hierarchy is an access profile configured for firewall user authentication?()A [edit access]B [edit security access]C [edit firewall access]D [edit firewall-authentication]...
问题:单选题Which attribute is required for all IKE phase 2 negotiations?()A proxy-IDB preshared keyC Diffie-Hellman group keyD main or aggressive mode...
问题:多选题What are three configuration objects used to build JUNOS IDP rules?()Azone objectsBpolicy objectsCattack objectsDalert and notify objectsEnetwork and address objects...
