A customer has purchased a third-party switch to use for Layer 2 access with their Junos Pulse Access Controe Service. When configuring the switch on the Junos Pulse Access Control Service, the customer does not find a make/model entry for it .Which two a

题目

A customer has purchased a third-party switch to use for Layer 2 access with their Junos Pulse Access Controe Service. When configuring the switch on the Junos Pulse Access Control Service, the customer does not find a make/model entry for it .Which two actions should the customer take to make the switch work with the Junos Pulse Access Control Service?()

A. Add the switch to the Junos Pulse Access Control Service as a standard RADIUS.

B. Add the switch to the Junos Pulse Access Control Service using the "Any" make/model.

C. Add the switch as a firewall enforcer.

D. Obtain and configure the RADIUS dictionary for the switch and use that vendor listing for the make/model.

相似考题

1.通过配置VLAN划分各个部门,并配置ACL以实现每个部门经理之间能够通讯,普通员工之间不能相互通讯。SwSwitch>enSwitchConf tEnter configuration commands, one per line. End with CNTL/Z.Switch(config)int f0/1Switch(config-if)switchport mode trunk (11)%LINEPROTO-5-UPDOWN:Line protocol on Interface FastEthernet0/1,changed state to down%LINEPROTO-5-UPDOWN:Line protocol on Interface FastEthernet0/1,changed state to upSwitch(config-if)exitSwitch(config)vlan 2创建VLAN 2Switch(config-vlan) (12) //VLAN2命名为工程部Switch(config-vlan)exitSwitch(config)vlan 3创建VLAN 3Switch(config-vlan) (13) //VLAN2命名为财务部Switch(config-Vlan)exitSwitch(config-vlan)vlan 4创建VLAN 4Switch(config-vlan) (14) //VLAN2命名为技术部Switch(config-vlan)exitSwitch(config)int f0/2Switch(config-if)switchport access vlan 2 (15)Switch(config-if)exitSwitch(config)int f0/3Switch(config-if)switchport access vlan 2Switch(config-if)exitSwitch(config)int f0/4Switch(config-if)switchport access vlan 3Switch(config-if)exitSwitch(config)int f0/5Switch(config-if)switchport access vlan 3Switch(config-if)exitSwitch(config)int f0/6Switch(config-if)switchport access vlan 4Switch(config-if)exitSwitch(config)int f0/7Switch(config-if)switchport access vlan 4Switch(config-if)exit然后定义访问控制列表。 (在此题中,允许一台特定主机而拒绝一个网段,所以要把拒绝主机放在上面。)注意:要想一个访问列表能够得到应用,必须在接口绑定。R1r1 (config)access-list 10 permit 192.168.2.2 0.0.0.0r1(config)access-list 10 deny 192.168.2.0 0.0.0.255_r1(config)access-list i0 permit 192.168.3.2 0.0.0.0_r1(config)access-list 10 deny 192.168.3.0 0.0.0.255_r1(config)access-list 10 permit any_r1(config)int f0/0.1r1(config-subif)ip access-group 10 outr1(config-subif)exitr1(config)access-list 11 permit 192.168.1.2 0.0.0.0r1(config)access-list 11 deny 192.168.1.0 0.0.0.255r1(config)access-list 11 permit 192.168.3.2 0.0.0.0r1(config)access-list 11 deny 192.168.3.0 0.0.0.255r1(config)access-list 11 permit anyr1(config)int f0/0.2r1(config-subif)ip access-group 11 outr1(config-subif)exitr1(config)access-list 12 permit 192.168.1.2 0.0.0.0r1(config)access-list 12 deny 192.168.1.0 0.0.0.255r1(config)access-list 12 permit 192.168.2.2 0.0.0.0r1(config)access-list 12 deny 192.168.2.0 0.0.0.255r1(config)access-list 12 permit anyr1(config)int f0/0.3r1(config-subif)ip access-group 12 outr1(config-subif)exit现在通过配置后所有的员工都能与互联网通讯。 (由于主机较多就不一一列述)

2.Acknowledgements, sequencing, and flow control are functions that are handled by which layer of the OSI model?A. Layer 5B. Layer 4C. Layer 7D. Layer 6E. Layer 3F. Layer 2G. Layer 1

3.某以太网的局部拓扑如图所示,其中集线器“HUB_A”和交换机“Switch_A”间的链路用标号1来表示,交换机“Switch_A”和交换机“Switch_B”间的链路用标号2来表示,则依照图中VLAN的划分情况链路1和链路2可以有( )两种情况。A、链路1是中继链路(trunk),链路2是中继链路(trunk)B、路1是接入链路(access),链路2是接入链路(access)C、路1是接入链路(access),链路2是中继链路(trunk)D、路1是中继链路(trunk),链路2是接入链路(access)

4.On your Oracle Database, you issue the following commands to create indexes:SQL > CREATE INDEX oe.ord_customer_ix1 ON oe.orders (customer_id, sales_rep_id) INVISIBLE;SQL> CREATE BITMAP INDEX oe.ord_customer_ix2 ON oe.orders (customer_id, sales_rep_id);Which two statements are true?()A. Only the ORD_CUSTOMER_IX1 index created.B. Both the indexes are updated when a row is inserted, updated, or deleted in the ORDERS table.C. Both the indexes are created: however, only ORD_CUSTOMERS_IX1 is used by the optimizer for queries on the ORDERS table.D. The ORD_CUSTOMER_IX1 index is not used by the optimizer even when the OPTIMIZER_USE_INVISIBLE_INDEXES parameters is set to true.E. Both the indexes are created and used by the optimizer for queries on the ORDERS table.F. Both the indexes are created: however, only ORD_CUSTOMERS_IX2 is used by the optimizer for queries on the ORDERS table.

参考答案和解析
参考答案:A, D
更多“A customer has purchased a third-party switch to use for Layer 2 access with their Junos P ”相关问题

  • 第1题:

    Which of the following is MOST likely a managed, Layer 3 device?()

    A.Router

    B.Bridge

    C.Hub

    D.Switch


    参考答案:A

  • 第2题:

    WhichheaderorsetofheadersdoesCRTPcompress?()

    A.Layer2

    B.Layer3

    C.Layer4

    D.Layer2andLayer3

    E.Layer3andLayer4


    参考答案:E

  • 第3题:

    Acknowledgements,sequencing,andflowcontrolarecharacteristicsofwhichOSIlayer?()

    A.Layer2

    B.Layer3

    C.Layer4

    D.Layer5

    E.Layer6

    F.Layer7


    参考答案:C

  • 第4题:

    Atacertaincustomer’ssite,aNASislogicallyinthetrafficpathbutnotphysicallyinthetrafficpath.TheNASidentifiesclientsbytheirIPaddresses.InwhichaccessmodehasthisNASbeenconfiguredtooperate?()

    A.Layer2Edgemode

    B.Layer2Centralmode

    C.Layer2In-Bandmode

    D.Layer3mode


    参考答案:D

  • 第5题:

    Acknowldgement, Sequencing, and Flow control are characteristics of which OSI layer?()

    A. Layer 2

    B. Layer 3

    C. Layer 4

    D. Layer 5

    E. Layer 6

    F. Layer 7


    参考答案:C

  • 第6题:



    管理员要求能确保Vlan10和Vlan20能互通,并且Vlan20的用户访问外网时,使用10.1.30.1作为出口,二Vlan10的用户访问外网时,使用10.1.20.1作为出口,因此考虑使用策略路由。具体配置如下:
    [Switch] acl 3000
    [Switch-acl-adv-3000] rule permit ip source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255
    [Switch-acl-adv-3000] rule permit ip source 192.168.2.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
    Switch-acl-adv-3000] quit
    ?
    [Switch] acl 3001?//匹配内网192.168.1.0/24网段的数据流
    [Switch-acl-adv-3001]?(1)
    [Switch-acl-adv-3001] quit
    [Switch] acl 3002?//匹配内网192.168.2.0/24网段的数据流
    [Switch-acl-adv-3002] rule permit ip source 192.168.2.0 0.0.0.255
    [Switch-acl-adv-3002] quit
    ?
    [Switch] traffic classifier c0 operator or
    [Switch-classifier-c0]?(2)
    [Switch-classifier-c0] quit
    [Switch]?(3)
    [Switch-classifier-c1] if-match acl 3001
    [Switch-classifier-c1] quit
    [Switch] traffic classifier c2 operator or
    [Switch-classifier-c2] if-match acl 3002
    [Switch-classifier-c2] quit
    [Switch] traffic behavior b0
    [Switch-behavior-b0]?(4)
    [Switch-behavior-b0] quit
    [Switch] traffic behavior b1
    [Switch-behavior-b1]?(5)
    [Switch-behavior-b1] quit
    [Switch] traffic behavior b2
    [Switch-behavior-b2] redirect ip-nexthop 10.1.30.1
    [Switch-behavior-b2] quit
    ?[Switch](6)
    [Switch-trafficpolicy-p1]?(7)
    [Switch-trafficpolicy-p1] classifier c1 behavior b1
    [Switch-trafficpolicy-p1] classifier c2 behavior b2
    [Switch-trafficpolicy-p1] quit
    [Switch] interface gigabitethernet 1/0/3
    [Switch-GigabitEthernet1/0/3]?(8)
    问题1:简要叙述ACL3000在此配置中的作用是什么?
    问题2:请完成(1)-(8)空的命令填空


    答案:
    解析:
    (1)rule permit ip source 192.168.1.0 0.0.0.255或者 rule? [数字编号] permit ip source 192.168.1.0 0.0.0.255
    (2)if-match acl 3000
    (3)traffic classifier c1 operator or
    (4)permit
    (5)redirect ip-nexthop 10.1.20.1
    (6)traffic policy p1
    (7)classifier c0 behavior b0
    (8)traffic-policy p1 inbound
    【解析】
    试题分析:
    传统的路由转发原理是首先根据报文的目的地址查找路由表,然后进行报文转发。但是目前越来越多的用户希望能够在传统路由转发的基础上根据自己定义的策略进行报文转发和选路。策略路由PBR(Policy-Based Routing)就是一种依据用户制定的策略进行数据转发的机制。在某些需要指定特定的数据流走特定的下一跳的场景下可以使用策略路由实现,例如使不同的数据流通过不同的链路进行发送,提高链路的利用效率;将数据流引流到防火墙等安全设备,进行安全过滤;在满足业务服务质量的前提下,选择费用较低的链路传输业务数据,从而降低企业数据服务的成本。策略路由主要配置在于如何利用ACL区分数据,然后再使用PBR设定对应的数据流使用redirect ip-nexthop命令或redirect ipv6-nexthop(对应IPv6数据)命令设置下一跳即可解决。具体配置过程如下:1. 创建VLAN并配置各接口,配置路由等,保证IP网络连通。2. 配置ACL规则,不同网段的数据流。3. 配置流分类,匹配规则为对应的ACL规则,使设备可以对报文进行区分。4. 配置流行为,使满足不同ACL规则的数据流走不同的链路,此时要特别注意的是:先把内网互访的数据流放行。5. 配置流策略,绑定上述流分类和流行为,并应用到对应设备接口的入方向,实现策略路由。本题不涉及基本IP网路连通的配置,因此只要从第2步开始即可。配置ACL规则# 在Switch上创建编码为3000、3001、3002的高级ACL。[Switch] acl 3000 //主要用于匹配内网两个网段之间互访的数据流,这部分数据流不需要做重定向,如果不配置这一步会导致内网之间互访的流量也被重定向,从而导致内网互访不通。[Switch-acl-adv-3000] rule permit ip source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255[Switch-acl-adv-3000] rule permit ip source 192.168.2.0 0.0.0.255 destination 192.168.1.0 0.0.0.255Switch-acl-adv-3000] quit[Switch] acl 3001 //匹配内网192.168.1.0/24网段的数据流[Switch-acl-adv-3001] rule permit ip source 192.168.1.0 0.0.0.255[Switch-acl-adv-3001] quit[Switch] acl 3002 //匹配内网192.168.2.0/24网段的数据流[Switch-acl-adv-3002] rule permit ip source 192.168.2.0 0.0.0.255[Switch-acl-adv-3002] quit步骤3 配置流分类在Switch上创建流分类c0、c1、c2,匹配规则分别为ACL 3000、ACL 3001和ACL3002。[Switch] traffic classifier c0 operator or[Switch-classifier-c0] if-match acl 3000[Switch-classifier-c0] quit[Switch] traffic classifier c1 operator or[Switch-classifier-c1] if-match acl 3001[Switch-classifier-c1] quit[Switch] traffic classifier c2 operator or[Switch-classifier-c2] if-match acl 3002[Switch-classifier-c2] quit步骤4 配置流行为# 在Switch上创建流行为b0、b1、b2,对于b0只配置permit的动作,对于b1和b2分别指定重定向到10.1.20.1和10.1.30.1的动作。[Switch] traffic behavior b0[Switch-behavior-b0] permit[Switch-behavior-b0] quit[Switch] traffic behavior b1[Switch-behavior-b1] redirect ip-nexthop 10.1.20.1[Switch-behavior-b1] quit[Switch] traffic behavior b2[Switch-behavior-b2] redirect ip-nexthop 10.1.30.1[Switch-behavior-b2] quit步骤5 配置流策略并应用到接口上# 在Switch上创建流策略p1,将流分类和对应的流行为进行绑定。[Switch] traffic policy p1[Switch-trafficpolicy-p1] classifier c0 behavior b0[Switch-trafficpolicy-p1] classifier c1 behavior b1[Switch-trafficpolicy-p1] classifier c2 behavior b2[Switch-trafficpolicy-p1] quit# 将流策略p1应用到Switch的GE1/0/3的入方向上。[Switch] interface gigabitethernet 1/0/3[Switch-GigabitEthernet1/0/3] traffic-policy p1 inbound

相关内容