当前分类: JN0-331
问题:多选题You are creating a destination NAT rule-set. Which two are valid for use with the from clause?()Asecurity policyBinterfaceCrouting-instanceDIP address...
查看答案
问题:单选题Which command is needed to change this policy to a tunnel policy for a policy-based VPN?() [edit security policies from-zone trust to-zone untrust] user@host# show policy tunnel-traffic { match { source-address local-net; destination-address remote-net...
问题:单选题An attacker sends a low rate of TCP SYN segments to hosts, hoping that at least one port replies. Which type of an attack does this scenario describe?()A DoSB SYN floodC port scanningD IP address sweep...
问题:多选题Which two statements are true about pool-based destination NAT?()AIt also supports PAT.BPAT is not supported.CIt allows the use of an address pool.DIt requires you to configure an address in the junos-global zone....
问题:单选题You want to allow all hosts on interface ge-0/0/0.0 to be able to ping the device’s ge-0/0/0.0 IP address.Where do you configure this functionality?()A [edit interfaces]B [edit security zones]C [edit system services]D [edit security interfaces]...
问题:单选题Your task is to provision the JUNOS security platform to permit transit packets from the Private zone to theExternal zone by using an IPsec VPN and log information at the time of session close. Which configurationmeets this requirement?()A AB BC CD ...
问题:多选题Which two commands can be used to monitor firewall user authentication?()Ashow access firewall-authenticationBshow security firewall-authentication usersCshow security audit logDshow security firewall-authentication history...
问题:单选题Which configuration keyword ensures that all in-progress sessions are re-evaluated upon committing asecurity policy change?()A policy-rematchB policy-evaluateC rematch-policyD evaluate-policy...
问题:单选题Based on the configuration shown in the exhibit, what will happen to the traffic matching thesecurity policy?() [edit schedulers] user@host# showscheduler now { monday all-day; tuesday exclude; wednesday { start-time 07:00:00 stop-time 18:00:00; } thur...
问题:多选题Which two statements describe the purpose of a security policy?()AIt enables traffic counting and logging.BIt enforces a set of rules for transit traffic.CIt controls host inbound services on a zone.DIt controls administrator rights to access the devic...
问题:多选题Which two statements regarding firewall user authentication client groups are true?()AIndividual clients are configured under client groups in the configuration hierarchy.BClient groups are configured under individual clients in the configuration hiera...
问题:单选题Which statement is true about a NAT rule action of off?()A The NAT action of off is only supported for destination NAT rule-sets.B The NAT action of off is only supported for source NAT rule-sets.C The NAT action of off is useful for detailed control o...
问题:多选题Which two functions of JUNOS Software are handled by the data plane?()ANATBOSPFCSNMPDSCREEN options...
问题:单选题What is the functionality of redundant interfaces (reth) in a chassis cluster?()A reth interfaces are used only for VRRP.B reth interfaces are the same as physical interfaces.C reth interfaces are pseudo-interfaces that are considered the parent interf...
问题:单选题Which attribute is required for all IKE phase 2 negotiations?()A proxy-IDB preshared keyC Diffie-Hellman group keyD main or aggressive mode...
问题:多选题Which two configuration elements are required for a policy-based VPN?()AIKE gatewayBsecure tunnel interfaceCsecurity policy to permit the IKE trafficDsecurity policy referencing the IPsec VPN tunnel...
问题:单选题You must configure a SCREEN option that would protect your device from a session table flood.Which configuration meets this requirement?()A AB BC CD D...
问题:单选题In a chassis cluster with two SRX 5800 devices, the interface ge-13/0/0 belongs to which device?()A This interface is a system-created interface.B This interface belongs to node 0 of the cluster.C This interface belongs to node 1 of the cluster.D This ...
问题:多选题Which two statements are true regarding firewall user authentication?()AWhen configured for pass-through firewall user authentication, the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.B...
问题:单选题Given the configuration shown in the exhibit, which configuration object would be used to associate bothNancy and Walter with firewall user authentication within a security policy?() profile ftp-users { client nancy { firewall-user { password "$9$lJ8vL...
