当前分类: JN0-331
问题:单选题Which statement is true about source NAT?()A Source NAT works only with source pools.B Destination NAT is required to translate the reply traffic.C Source NAT does not require a security policy to function.D The egress interface IP address can be used ...
查看答案
问题:多选题Which two parameters are configured in IPsec policy?()AmodeBIKE gatewayCsecurity proposalDPerfect Forward Secrecy...
问题:多选题What are two uses of NAT?()Aconserving public IP addressesBallowing stateful packet inspectionCpreventing unauthorized connections from outside the networkDallowing networks with overlapping private address space to communicate...
问题:单选题What is the default session timeout for UDP sessions?()A 30 secondsB 1 minuteC 5 minutesD 30 minutes...
问题:多选题Which two statements are true regarding firewall user authentication?()AWhen configured for pass-through firewall user authentication, the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.B...
问题:多选题Which two steps are performed when configuring a zone?()ADefine a default policy for the zone.BAssign logical interfaces to the zone.CAssign physical interfaces to the zone.DDefine the zone as a security or functional zone...
问题:多选题Users can define policy to control traffic flow between which two components?()Afrom a zone to the device itselfBfrom a zone to the same zoneCfrom a zone to a different zoneDfrom one interface to another interface...
问题:多选题Which two configuration options must be present for IPv4 transit traffic to pass between the ge-0/0/0.0 andge-0/0/2.0 interfaces?()Afamily inetBa security zoneCa routing instanceDhost-inbound-traffic...
问题:多选题Which two statements about the Diffie-Hellman (DH) key exchange process are correct?()AIn the DH key exchange process, the session key is never passed across the network.BIn the DH key exchange process, the public and private keys are mathematically re...
问题:单选题Which zone is a system-defined zone?()A null zoneB trust zoneC untrust zoneD management zone...
问题:多选题Which three statements are true when working with high-availability clusters?()AThe valid cluster-id range is between 0 and 255.BJUNOS security devices can belong to more than one cluster if cluster virtualization is enabled.CIf the cluster-id value is...
问题:多选题Which three methods of source NAT does JUNOS Software support?()Ainterface-based source NATBsource NAT with address shiftingCsource NAT using static source poolDinterface-based source NAT without PATEsource NAT with address shifting and PAT...
问题:单选题In a chassis cluster with two SRX 5800 devices, the interface ge-13/0/0 belongs to which device?()A This interface is a system-created interface.B This interface belongs to node 0 of the cluster.C This interface belongs to node 1 of the cluster.D This ...
问题:多选题What are three main phases of an attack?()ADoSBexploitCpropagationDport scanningEreconnaissance...
问题:多选题Which two security policy actions are valid?()AdenyBdiscardCrejectDclose...
问题:单选题Which statement regarding the implementation of an IDP policy template is true?()A IDP policy templates are automatically installed as the active IDP policy.B IDP policy templates are enabled using a commit script.C IDP policy templates can be download...
问题:单选题Which statement describes the behavior of source NAT with address shifting?()A Source NAT with address shifting translates both the source IP address and the source port of a packet.B Source NAT with address shifting defines a one-to-one mapping from a...
问题:多选题Which two statements regarding external authentication servers for firewall userauthentication are true?()AUp to three external authentication server types can be used simultaneously.BOnly one external authentication server type can be used simultaneou...
问题:单选题When devices are in cluster mode, which new interfaces are created?()A No new interface is created.B Only the st interface is created.C fxp1, fab0, and fab1 are created.D st,fxp1,reth,fab0,and fab1 are created....
问题:多选题Which two statements about JUNOS Software packet handling are correct?()AJUNOS Software applies service ALGs only for the first packet of a flow.BJUNOS Software uses fast-path processing only for the first packet of a flow.CJUNOS Software performs rout...
