当前分类: JN0-331
问题:单选题Which statement regarding the implementation of an IDP policy template is true?()A IDP policy templates are automatically installed as the active IDP policy.B IDP policy templates are enabled using a commit script.C IDP policy templates can be download...
查看答案
问题:多选题Which two are uses of NAT?()Aenabling network migrationsBconserving public IP addressesCallowing stateful packet inspectionDpreventing unauthorized connections from outside the network...
问题:单选题Which statement describes the behavior of source NAT with address shifting?()A Source NAT with address shifting translates both the source IP address and the source port of a packet.B Source NAT with address shifting defines a one-to-one mapping from a...
问题:多选题Which three statements are true when working with high-availability clusters?()AThe valid cluster-id range is between 0 and 255.BJUNOS security devices can belong to more than one cluster if cluster virtualization is enabled.CIf the cluster-id value is...
问题:单选题What is the default session timeout for UDP sessions?()A 30 secondsB 1 minuteC 5 minutesD 30 minutes...
问题:多选题Which two statements about JUNOS Software packet handling are correct?()AJUNOS Software applies service ALGs only for the first packet of a flow.BJUNOS Software uses fast-path processing only for the first packet of a flow.CJUNOS Software performs rout...
问题:多选题Which two steps are performed when configuring a zone?()ADefine a default policy for the zone.BAssign logical interfaces to the zone.CAssign physical interfaces to the zone.DDefine the zone as a security or functional zone...
问题:多选题Which three methods of source NAT does JUNOS Software support?()Ainterface-based source NATBsource NAT with address shiftingCsource NAT using static source poolDinterface-based source NAT without PATEsource NAT with address shifting and PAT...
问题:多选题Users can define policy to control traffic flow between which two components?()Afrom a zone to the device itselfBfrom a zone to the same zoneCfrom a zone to a different zoneDfrom one interface to another interface...
问题:单选题Which statement is true regarding proxy ARP?()A Proxy ARP is enabled by default on stand-alone JUNOS security devices.B Proxy ARP is enabled by default on chassis clusters.C JUNOS security devices can forward ARP requests to a remote device when proxy ...
问题:单选题You want to create a security policy allowing traffic from any host in the Trust zone to hostb.example.com(172.19.1.1) in the Untrust zone. How do you create this policy?()A Specify the IP address (172.19.1.1/32) as the destination address in the polic...
问题:单选题When devices are in cluster mode, which new interfaces are created?()A No new interface is created.B Only the st interface is created.C fxp1, fab0, and fab1 are created.D st,fxp1,reth,fab0,and fab1 are created....
问题:多选题Which two statements regarding external authentication servers for firewall userauthentication are true?()AUp to three external authentication server types can be used simultaneously.BOnly one external authentication server type can be used simultaneou...
问题:单选题Which statement is true about a NAT rule action of off?()A The NAT action of off is only supported for destination NAT rule-sets.B The NAT action of off is only supported for source NAT rule-sets.C The NAT action of off is useful for detailed control o...
问题:单选题You want to allow your device to establish OSPF adjacencies with a neighboring device connected tointerface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone.Under which configuration hierarchy must you permit OSPF traffic?()A [edit security ...
问题:多选题What are two uses of NAT?()Aconserving public IP addressesBallowing stateful packet inspectionCpreventing unauthorized connections from outside the networkDallowing networks with overlapping private address space to communicate...
问题:多选题You have been tasked with performing an update to the IDP attack database. Which three requirements areincluded as part of this task?()AThe IDP security package must be installed after it is downloaded.BThe device must be rebooted to complete the updat...
问题:单选题Which zone is a system-defined zone?()A null zoneB trust zoneC untrust zoneD management zone...
问题:单选题Using a policy with the policy-rematch flag enabled, what happens to the existing and newsessions when you change the policy action from permit to deny?()A The new sessions matching the policy are denied. The existing sessions are dropped.B The new ses...
问题:单选题Which statement is true about source NAT?()A Source NAT works only with source pools.B Destination NAT is required to translate the reply traffic.C Source NAT does not require a security policy to function.D The egress interface IP address can be used ...
