Which three functions are provided by JUNOS Software for security platforms?()A、VPN establishmentB、stateful ARP lookupsC、Dynamic ARP inspectionD、Network Address TranslationE、inspection of packets at higher levels (Layer 4 and above)

题目

Which three functions are provided by JUNOS Software for security platforms?()

  • A、VPN establishment
  • B、stateful ARP lookups
  • C、Dynamic ARP inspection
  • D、Network Address Translation
  • E、inspection of packets at higher levels (Layer 4 and above)
相似考题

1.Which three functions are provided by the Junos OS for security platforms?()(Choose three.)A. VPN establishmentB. stateful ARP lookupsC. Dynamic ARP inspectionD. Network Address TranslationE. inspection of packets at higher levels (Layer 4 and above)

2.Which three mechanisims support the forwarding plane of a Layer 3 VPN in JUNOS software? ()A. MPLS LSPB. ATM tunnelC. GRE tunnelD. IPSEC tunnelE. L2TPv3 session

3. The Company is concerned about Layer 2 security threats.  Which statement is true about these  threats? ()A、 MAC spoofing attacks allow an attacking device to receive frames intended for a different  network host.B、 Port scanners are the most effective defense against dynamic ARP inspection.C、 MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure against reconnaissance attacks that use dynamic ARP inspection (DAI) to determine vulnerable  attack points.D、 Dynamic ARP inspection in conjunction with ARP spoofing can be used to counter DHCP  snooping attacks.E、 DHCP snooping sends unauthorized replies to DHCP queries.F、 ARP spoofing can be used to redirect traffic to counter dynamic ARP inspection.G、 None of the other alternatives apply.

4.A traditional router is better suited than a firewall device for which function? ()A. VPN establishmentB. packet-based forwardingC. stateful packet processingD. network address translation

参考答案和解析
正确答案:A,D,E
更多“Which three functions are provided by JUNOS Software for security platforms?()A、VPN establishmentB、stateful ARP lookupsC、Dynamic ARP inspectionD、Network Address TranslationE、inspection of packets at higher levels (Layer 4 and above)”相关问题

  • 第1题:

    Which of the following would be BEST to use when identifying HTTP traffic running on TCP port53?()

    • A、Network layer firewall
    • B、Stateful inspection firewall
    • C、Zone aware firewall
    • D、Application layer firewall

    正确答案:D

  • 第2题:

    Which statement is true regarding the Junos OS?()

    • A、All platforms running the Junos OS separate the functions of learning and flooding.
    • B、All platforms running the Junos OS separate the functions of control and forwarding.
    • C、All platforms running the Junos OS separate the functions of routing and bridging.
    • D、All platforms running the Junos OS separate the functions of management and routing.

    正确答案:B

  • 第3题:

    Which two statements describe the difference between JUNOS Software for securityplatforms and a traditional router?()

    • A、JUNOS Software for security platforms supports NAT and PAT; a traditional router does not support NAT or PAT.
    • B、JUNOS Software for security platforms does not forward traffic by default; a traditional router forwards traffic by default.
    • C、JUNOS Software for security platforms uses session-based forwarding; a traditional router uses packet-based forwarding.
    • D、JUNOS Software for security platforms performs route lookup for every packet; a traditional router performs route lookup only for the first packet.

    正确答案:B,C

  • 第4题:

    You are responsible for increasing the security within the Company LAN. Of the following choices  listed below,  which is true regarding layer 2 security and mitigation techniques? ()

    • A、 Enable root guard to mitigate ARP address spoofing attacks.
    • B、 Configure DHCP spoofing to mitigate ARP address spoofing attacks.
    • C、 Configure PVLANs to mitigate MAC address flooding attacks.
    • D、 Enable root guard to mitigate DHCP spoofing attacks.
    • E、 Configure dynamic APR inspection (DAI) to mitigate IP address spoofing on DHCP untrusted  ports.
    • F、 Configure port security to mitigate MAC address flooding  
    • G、 None of the other alternatives apply

    正确答案:F

  • 第5题:

    The Company security administrator is concerned with layer 2 network attacks.  Which two  statements about these attacks are true? ()

    • A、 ARP spoofing attacks are attempts to redirect traffic to an attacking host by encapsulating a  false 802.1Q header on a frame and causing traffic to be delivered to the wrong VLAN.
    • B、 ARP spoofing attacks are attempts to redirect traffic to an attacking host by sending an ARP  message with a forged identity to a transmitting host.
    • C、 MAC address flooding is an attempt to force a switch to send all information out every port byoverloading the MAC address table.
    • D、 ARP spoofing attacks are attempts to redirect traffic to an attacking host by sending an ARP  packet that contains the forged address of the next hop router.
    • E、 MAC address flooding is an attempt to redirect traffic to a single port by associating that port  with all MAC addresses in the VLAN.

    正确答案:B,C

  • 第6题:

    In JUNOS software, unclassified packets are associated with which forwarding class?()

    • A、network control
    • B、best effort
    • C、assured forwarding
    • D、expedited forwarding

    正确答案:B

  • 第7题:

    Which two statements are true regarding proxy ARP?()

    • A、Proxy ARP is enabled by default.
    • B、Proxy ARP is not enabled by default.
    • C、JUNOS security devices can forward ARP requests to a remote device when proxy ARP is enabled.
    • D、JUNOS security devices can reply to ARP requests intended for a remote device when proxy ARP is enabled

    正确答案:B,D

  • 第8题:

    Which three mechanisims support the forwarding plane of a Layer 3 VPN in JUNOS software? ()

    • A、MPLS LSP
    • B、ATM tunnel
    • C、GRE tunnel
    • D、IPSEC tunnel
    • E、L2TPv3 session

    正确答案:A,C,D

  • 第9题:

    多选题
    Which three mechanisims support the forwarding plane of a Layer 3 VPN in JUNOS software? ()
    A

    MPLS LSP

    B

    ATM tunnel

    C

    GRE tunnel

    D

    IPSEC tunnel

    E

    L2TPv3 session


    正确答案: E,D
    解析: 暂无解析

  • 第10题:

    单选题
    The Company is concerned about Layer 2 security threats.  Which statement is true about these  threats? ()
    A

     MAC spoofing attacks allow an attacking device to receive frames intended for a different  network host.

    B

     Port scanners are the most effective defense against dynamic ARP inspection.

    C

     MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure against reconnaissance attacks that use dynamic ARP inspection (DAI) to determine vulnerable  attack points.

    D

     Dynamic ARP inspection in conjunction with ARP spoofing can be used to counter DHCP  snooping attacks.

    E

     DHCP snooping sends unauthorized replies to DHCP queries.

    F

     ARP spoofing can be used to redirect traffic to counter dynamic ARP inspection.

    G

     None of the other alternatives apply.


    正确答案: C
    解析: 暂无解析

  • 第11题:

    多选题
    Which three JUNOS software features allow for increased security on your network?()
    A

    firewall filters

    B

    data encryption

    C

    routing protocol authentication

    D

    support for BGP path mtu discovery

    E

    automatic discovery for IPSEC neighbors


    正确答案: E,B
    解析: 暂无解析

  • 第12题:

    单选题
    Which statement is true regarding proxy ARP?()
    A

    Proxy ARP is enabled by default on stand-alone JUNOS security devices.

    B

    Proxy ARP is enabled by default on chassis clusters.

    C

    JUNOS security devices can forward ARP requests to a remote device when proxy ARP is enabled.

    D

    JUNOS security devices can reply to ARP requests intended for a remote device when proxy ARP is enabled


    正确答案: C
    解析: 暂无解析

  • 第13题:

    Which statement is true regarding proxy ARP?()

    • A、Proxy ARP is enabled by default on stand-alone JUNOS security devices.
    • B、Proxy ARP is enabled by default on chassis clusters.
    • C、JUNOS security devices can forward ARP requests to a remote device when proxy ARP is enabled.
    • D、JUNOS security devices can reply to ARP requests intended for a remote device when proxy ARP is enabled

    正确答案:D

  • 第14题:

    A traditional router is better suited than a firewall device for which function?()

    • A、VPN establishment
    • B、packet-based forwarding
    • C、stateful packet processing
    • D、Network Address Translation

    正确答案:B

  • 第15题:

    Which three statements are true regarding IDP?()

    • A、IDP cannot be used in conjunction with other JUNOS Software security features such as SCREEN options,zones, and security policy.
    • B、IDP inspects traffic up to the Application layer.
    • C、IDP searches the data stream for specific attack patterns.
    • D、IDP inspects traffic up to the Presentation layer.
    • E、IDP can drop packets, close sessions, prevent future sessions, and log attacks for review by network administrators when an attack is detected.

    正确答案:B,C,E

  • 第16题:

    On a Company switch named R1 you configure the following:  iparp inspection vlan 10-12, 15   What is the purpose of this global configuration command made on R1?()

    • A、 Discards ARP packets with invalid IP-to-MAC address bindings on trusted ports
    • B、 Validates outgoing ARP requests for interfaces configured on VLAN 10, 11, 12, or 15
    • C、 Intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings
    • D、 Intercepts all ARP requests and responses on trusted ports
    • E、 None of the other alternatives apply

    正确答案:C

  • 第17题:

    Which three statements are true about DAI?()

    • A、DAI intercept all ARP packets on untrusted ports
    • B、DAI determines the validity of an ARP packet based on the valid MAC address-to-IP address bindings stored in the DHCP Snooping database.
    • C、DAI is used to prevent against a DHCP Snooping attack.
    • D、DAI forwards all ARP packets received on a trusted interface without any checks.
    • E、DAI forwards all ARP packets on untrusted ports.
    • F、DAI determines the validity of an ARP packet based on the valid MAC address-to-IP address bindings stored in the CAM table.

    正确答案:A,B,D

  • 第18题:

    Which three JUNOS software features allow for increased security on your network?()

    • A、firewall filters
    • B、data encryption
    • C、routing protocol authentication
    • D、support for BGP path mtu discovery
    • E、automatic discovery for IPSEC neighbors

    正确答案:A,B,C

  • 第19题:

    Which three functions are provided by the Junos OS for security platforms?()(Choose three.)

    • A、VPN establishment
    • B、stateful ARP lookups
    • C、Dynamic ARP inspection
    • D、Network Address Translation
    • E、inspection of packets at higher levels (Layer 4 and above)

    正确答案:A,D,E

  • 第20题:

    多选题
    Which three functions are provided by JUNOS Software for security platforms?()
    A

    VPN establishment

    B

    stateful ARP lookups

    C

    Dynamic ARP inspection

    D

    Network Address Translation

    E

    inspection of packets at higher levels (Layer 4 and above)


    正确答案: E,C
    解析: 暂无解析

  • 第21题:

    单选题
    On a Company switch named R1 you configure the following:  iparp inspection vlan 10-12, 15   What is the purpose of this global configuration command made on R1?()
    A

     Discards ARP packets with invalid IP-to-MAC address bindings on trusted ports

    B

     Validates outgoing ARP requests for interfaces configured on VLAN 10, 11, 12, or 15

    C

     Intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings

    D

     Intercepts all ARP requests and responses on trusted ports

    E

     None of the other alternatives apply


    正确答案: A
    解析: 暂无解析

  • 第22题:

    多选题
    Which three functions are provided by the Junos OS for security platforms?()(Choose three.)
    A

    VPN establishment

    B

    stateful ARP lookups

    C

    Dynamic ARP inspection

    D

    Network Address Translation

    E

    inspection of packets at higher levels (Layer 4 and above)


    正确答案: C,E
    解析: 暂无解析

  • 第23题:

    多选题
    Which three statements are true about DAI?()
    A

    DAI intercept all ARP packets on untrusted ports

    B

    DAI determines the validity of an ARP packet based on the valid MAC address-to-IP address bindings stored in the DHCP Snooping database.

    C

    DAI is used to prevent against a DHCP Snooping attack.

    D

    DAI forwards all ARP packets received on a trusted interface without any checks.

    E

    DAI forwards all ARP packets on untrusted ports.

    F

    DAI determines the validity of an ARP packet based on the valid MAC address-to-IP address bindings stored in the CAM table.


    正确答案: F,E
    解析: 暂无解析

相关内容