单选题 You want to allow all hosts on interface ge-0/0/0.0 to be able to ping the device’s ge-0/0/0.0 IP address.Where do you configure this functionality?()
[edit interfaces]
[edit security zones]
[edit system services]
[edit security interfaces]
单选题 Which statement is true about a NAT rule action of off?()
The NAT action of off is only supported for destination NAT rule-sets.
The NAT action of off is only supported for source NAT rule-sets.
The NAT action of off is useful for detailed control of NAT
The NAT action of off is useful for disabling NAT when a pool is exhausted.
多选题 Which two statements describe the purpose of a security policy?()
It enables traffic counting and logging.
It enforces a set of rules for transit traffic.
It controls host inbound services on a zone.
It controls administrator rights to access the device.
单选题 What is a redundancy group in JUNOS Software?()
a set of chassis clusters that fail over as a group
a set of devices that participate in a chassis cluster
a set of VRRP neighbors that fail over as a group
a set of chassis cluster objects that fail over as a group
单选题 You want to allow your device to establish OSPF adjacencies with a neighboring device connected tointerface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone.Under which configuration hierarchy must you permit OSPF traffic?()
[edit security policies from-zone HR to-zone HR]
[edit security zones functional-zone management protocols]
[edit security zones protocol-zone HR host-inbound-traffic]
[edit security zones security-zone HR host-inbound-traffic protocols]
单选题 Based on the configuration shown in the exhibit, what will happen to the traffic matching thesecurity policy?() [edit schedulers] user@host# showscheduler now { monday all-day; tuesday exclude; wednesday { start-time 07:00:00 stop-time 18:00:00; } thursday { start-time 07:00:00 stop-time 18:00:00; } } [edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }
The traffic is permitted through the myTunnel IPsec tunnel only on Tuesdays.
The traffic is permitted through the myTunnel IPsec tunnel daily, with the exception of Mondays.
The traffic is permitted through the myTunnel IPsec tunnel all day on Mondays and Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.
The traffic is permitted through the myTunnel IPsec tunnel all day on Mondays and Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am
单选题 Which attribute is required for all IKE phase 2 negotiations?()
proxy-ID
preshared key
Diffie-Hellman group key
main or aggressive mode
多选题 Which two statements are true about pool-based destination NAT?()
It also supports PAT.
PAT is not supported.
It allows the use of an address pool.
It requires you to configure an address in the junos-global zone.
公众号
Copyright © 2020-2020 深圳市题王科技有限公司 All Right Reserved.
粤公网安备 44030402003701号