当前分类: JN0-331
问题:单选题Which zone is a system-defined zone?()A null zoneB trust zoneC untrust zoneD management zone...
查看答案
问题:单选题A route-based VPN is required for which scenario?()A when the remote VPN peer is behind a NAT deviceB when multiple networks need to be reached across the tunnel and GRE cannot be usedC when the remote VPN peer is a dialup or remote access clientD when...
问题:多选题Which three methods of source NAT does JUNOS Software support?()Ainterface-based source NATBsource NAT with address shiftingCsource NAT using static source poolDinterface-based source NAT without PATEsource NAT with address shifting and PAT...
问题:单选题When devices are in cluster mode, which new interfaces are created?()A No new interface is created.B Only the st interface is created.C fxp1, fab0, and fab1 are created.D st,fxp1,reth,fab0,and fab1 are created....
问题:多选题Which two statements regarding external authentication servers for firewall userauthentication are true?()AUp to three external authentication server types can be used simultaneously.BOnly one external authentication server type can be used simultaneou...
问题:单选题What is the default session timeout for UDP sessions?()A 30 secondsB 1 minuteC 5 minutesD 30 minutes...
问题:多选题What are two uses of NAT?()Aconserving public IP addressesBallowing stateful packet inspectionCpreventing unauthorized connections from outside the networkDallowing networks with overlapping private address space to communicate...
问题:单选题In the configuration shown in the exhibit, you decided to eliminate the junos-ftp applicationfrom the match condition of the policy MyTraffic. [edit security policies] user@hostl# show from-zone Private to-zone External { policy MyTraffic { match { sou...
问题:多选题Which two statements about JUNOS Software packet handling are correct?()AJUNOS Software applies service ALGs only for the first packet of a flow.BJUNOS Software uses fast-path processing only for the first packet of a flow.CJUNOS Software performs rout...
问题:多选题You are creating a destination NAT rule-set. Which two are valid for use with the from clause?()Asecurity policyBinterfaceCrouting-instanceDIP address...
问题:单选题What is the purpose of an address book?()A It holds security policies for particular hosts.B It holds statistics about traffic to and from particular hosts.C It defines hosts in a zone so they can be referenced by policies.D It maps hostnames to IP add...
问题:单选题Two VPN peers are negotiating IKE phase 1 using main mode. Which message pair in the negotiation contains the phase 1 proposal for the peers?()A message 1 and 2B message 3 and 4C message 5 and 6D message 7 and 8...
问题:多选题Which three statements are true when working with high-availability clusters?()AThe valid cluster-id range is between 0 and 255.BJUNOS security devices can belong to more than one cluster if cluster virtualization is enabled.CIf the cluster-id value is...
问题:单选题Which statement is true about source NAT?()A Source NAT works only with source pools.B Destination NAT is required to translate the reply traffic.C Source NAT does not require a security policy to function.D The egress interface IP address can be used ...
问题:单选题Which configuration shows a pool-based source NAT without PAT’?()A AB BC CD D...
问题:多选题Users can define policy to control traffic flow between which two components?()Afrom a zone to the device itselfBfrom a zone to the same zoneCfrom a zone to a different zoneDfrom one interface to another interface...
问题:单选题Which statement regarding the implementation of an IDP policy template is true?()A IDP policy templates are automatically installed as the active IDP policy.B IDP policy templates are enabled using a commit script.C IDP policy templates can be download...
问题:单选题You have been tasked with installing two SRX 5600 platforms in a high-availability cluster. Which requirement must be met for a successful installation?()A You must enable SPC detect within the configuration.B You must enable active-active failover for...
问题:多选题Which two statements regarding firewall user authentication client groups are true?()AIndividual clients are configured under client groups in the configuration hierarchy.BClient groups are configured under individual clients in the configuration hiera...
