多选题
Which two statements describe the purpose of a security policy?()
It enables traffic counting and logging.
It enforces a set of rules for transit traffic.
It controls host inbound services on a zone.
It controls administrator rights to access the device.
单选题
You want to allow your device to establish OSPF adjacencies with a neighboring device connected tointerface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone.Under which configuration hierarchy must you permit OSPF traffic?()
[edit security policies from-zone HR to-zone HR]
[edit security zones functional-zone management protocols]
[edit security zones protocol-zone HR host-inbound-traffic]
[edit security zones security-zone HR host-inbound-traffic protocols]
单选题
What is a redundancy group in JUNOS Software?()
a set of chassis clusters that fail over as a group
a set of devices that participate in a chassis cluster
a set of VRRP neighbors that fail over as a group
a set of chassis cluster objects that fail over as a group
多选题
Which two statements are true about pool-based destination NAT?()
It also supports PAT.
PAT is not supported.
It allows the use of an address pool.
It requires you to configure an address in the junos-global zone.
单选题
Which attribute is required for all IKE phase 2 negotiations?()
proxy-ID
preshared key
Diffie-Hellman group key
main or aggressive mode
多选题
Which two statements are true regarding firewall user authentication?()
When configured for pass-through firewall user authentication, the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.
When configured for Web firewall user authentication only, the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.
If a JUNOS security device is configured for pass-through firewall user authentication, new sessions are automatically intercepted to perform authentication.
If a JUNOS security device is configured for Web firewall user authentication, new sessions are automatically intercepted to perform authentication.
多选题
Which two functions of JUNOS Software are handled by the data plane?()
NAT
OSPF
SNMP
SCREEN options
单选题
When applying the configuration in the exhibit and initializing a chassis cluster, which statement is correct?() [edit chassis] user@host# show cluster { reth-count 3; redundancy-group 1 { node 0 priority 1; node 1 priority 100; } }
Three physical interfaces are redundant.
You must define an additional redundancy group.
node 0 will immediately become primary for redundancy group 1.
You must issue an operational command and reboot the system for the above configuration to take effect.
单选题
Using a policy with the policy-rematch flag enabled, what happens to the existing and newsessions when you change the policy action from permit to deny?()
The new sessions matching the policy are denied. The existing sessions are dropped.
The new sessions matching the policy are denied. The existing sessions, not being allowed to carry any traffic, simply timeout.
The new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.
The new sessions matching the policy are denied. The existing sessions continue until they are completed or their timeout is reached.
