Which three advanced permit actions within security policies are valid?() (Choose three.)A、Mark permitted traffic for firewall user authentication.B、Mark permitted traffic for SCREEN options.C、Associate permitted traffic with an IPsec tunnel.D、Associate permitted traffic with a NAT rule.E、Mark permitted traffic for IDP processing.
Which three advanced permit actions within security policies are valid?() (Choose three.)
- A、Mark permitted traffic for firewall user authentication.
- B、Mark permitted traffic for SCREEN options.
- C、Associate permitted traffic with an IPsec tunnel.
- D、Associate permitted traffic with a NAT rule.
- E、Mark permitted traffic for IDP processing.
相关考题:
Click the Exhibit button.Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a in the HR zone to host_b in the trust zone are true? ()(Choose two.)A. DNS traffic is denied.B. HTTP traffic is denied.C. FTP traffic is permitted.D. SMTP traffic is permitted.
Content filtering enables traffic to be permitted or blocked based on inspection of which three types of content?()(Choose three.) A. MIME patternB. file extensionC. IP spoofingD. POP3E. protocol command
Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.) A. Traffic is permitted from the trust zone to the untrust zone.B. Intrazone traffic in the trust zone is permitted.C. All traffic through the device is denied.D. The policy is matched only when no other matching policies are found.
Referring to the exhibit, you are asked to rate-limit traffic from Web-Server to the subnet where Mal-User is located. All other traffic should be permitted. Which firewall filter configuration do you use?()A.B.C.D.
Referring to the exhibit, you want to block HTTP access to Web-Server from the subnet where Mal-User is located. All other traffic should be permitted.Which firewall filter configuration do you use?() A.B.C.D.
Which three advanced permit actions within security policies are valid?() (Choose three.) A. Mark permitted traffic for firewall user authentication.B. Mark permitted traffic for SCREEN options.C. Associate permitted traffic with an IPsec tunnel.D. Associate permitted traffic with a NAT rule.E. Mark permitted traffic for IDP processing.
On which three traffic types does firewall pass-through authentication work? ()(Choose three.) A. pingB. FTPC. TelnetD. HTTPE. HTTPS
Based on the configuration shown in the exhibit, what will happen to the traffic matching the securitypolicy?() A. The traffic is permitted through the myTunnel IPSec tunnel only on Tuesdays.B. The traffic is permitted through the myTunnel IPSec tunnel daily, with the exception of Mondays.C. The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.D. The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am.
What are three characteristics of a service tunnel? ()(Choose three.) A. It is bidirectional.B. It carries optimized traffic.C. It can carry traffic using UDP.D. It is formed only within a community
What are three benefits of the Cisco Adaptive Threat Defense strategy? (Choose three.) ()A、 using QoS techniques such as Traffic Policing to rate limit suspected traffic to prevent DoS attacksB、 automatic reconfiguration s of the security devices based on current security threatsC、 containment and control of security threatsD、 application securityE、 anti-x defense F- virtual firewall
Based on the configuration shown in the exhibit, what will happen to the traffic matching thesecurity policy?() [edit schedulers] user@host# showscheduler now { monday all-day; tuesday exclude; wednesday { start-time 07:00:00 stop-time 18:00:00; } thursday { start-time 07:00:00 stop-time 18:00:00; } } [edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }A、The traffic is permitted through the myTunnel IPsec tunnel only on Tuesdays.B、The traffic is permitted through the myTunnel IPsec tunnel daily, with the exception of Mondays.C、The traffic is permitted through the myTunnel IPsec tunnel all day on Mondays and Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.D、The traffic is permitted through the myTunnel IPsec tunnel all day on Mondays and Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am
Which three statistics does the Executive report summarize?() (Choose three.)A、latency and lossB、compression resultsC、traffic (by application)D、CRC and alignment errorsE、user access (by username)
Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a inthe HR zone to host_b in the trust zone are true?() [edit security policies from-zone HR to-zone trust] user@host# show policy one { match { source-address any; destination-address any; application [ junos-http junos-ftp ]; } then { permit; } } policy two { match { source-address host_a; destination-address host_b; application [ junos-http junos-smtp ]; } then { deny; } }A、DNS traffic is denied.B、HTTP traffic is denied.C、FTP traffic is permitted.D、SMTP traffic is permitted.
On which three traffic types does firewall pass-through authentication work? ()(Choose three.)A、pingB、FTPC、TelnetD、HTTPE、HTTPS
Which command is needed to change this policy to a tunnel policy for a policy-based VPN?() [edit security policies from-zone trust to-zone untrust] user@host# show policy tunnel-traffic { match { source-address local-net; destination-address remote-net; application any; then { permit; } }A、set policy tunnel-traffic then tunnel remote-vpnB、set policy tunnel-traffic then permit tunnel remote-vpnC、set policy tunnel-traffic then tunnel ipsec-vpn remote-vpn permitD、set policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn
Which three advanced permit actions within security policies are valid?()A、Mark permitted traffic for firewall user authentication.B、Mark permitted traffic for SCREEN options.C、Associate permitted traffic with an IPsec tunnel.D、Associate permitted traffic with a NAT rule.E、Mark permitted traffic for IDP processing.
What are three characteristics of a service tunnel? ()(Choose three.)A、It is bidirectional.B、It carries optimized traffic.C、It can carry traffic using UDP.D、It is formed only within a community
Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)A、Traffic is permitted from the trust zone to the untrust zone.B、Intrazone traffic in the trust zone is permitted.C、All traffic through the device is denied.D、The policy is matched only when no other matching policies are found.
Content filtering enables traffic to be permitted or blocked based on inspection of which three types of content?()(Choose three.)A、MIME patternB、file extensionC、IP spoofingD、POP3E、protocol command
Given the configuration shown in the exhibit, which statement is true about traffic from host_ato host_b?() [edit security policies from-zone HR to-zone trust] user@host# showpolicy two { match { source-address subnet_a; destination-address host_b; application [ junos-telnet junos-ping ]; } then { reject; } } policy one { match { source-address host_a; destination-address subnet_b; application any; } then { permit; } } host_a is in subnet_a and host_b is in subnet_b.A、DNS traffic is denied.B、Telnet traffic is denied.C、SMTP traffic is denied.D、Ping traffic is permitted
单选题Based on the configuration shown in the exhibit, what will happen to the traffic matching the security policy?()A The traffic is permitted through the myTunnel IPSec tunnel only on Tuesdays.B The traffic is permitted through the myTunnel IPSec tunnel daily, with the exception of Mondays.C The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.D The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am.
多选题What are three benefits of the Cisco Adaptive Threat Defense strategy? (Choose three.) ()Ausing QoS techniques such as Traffic Policing to rate limit suspected traffic to prevent DoS attacksBautomatic reconfiguration s of the security devices based on current security threatsCcontainment and control of security threatsDapplication securityEanti-x defense F- virtual firewall
多选题Which three advanced permit actions within security policies are valid?()AMark permitted traffic for firewall user authentication.BMark permitted traffic for SCREEN options.CAssociate permitted traffic with an IPsec tunnel.DAssociate permitted traffic with a NAT rule.EMark permitted traffic for IDP processing.
多选题On which three traffic types does firewall pass-through authentication work? ()(Choose three.)ApingBFTPCTelnetDHTTPEHTTPS
多选题Content filtering enables traffic to be permitted or blocked based on inspection of which three types of content?()(Choose three.)AMIME patternBfile extensionCIP spoofingDPOP3Eprotocol command
多选题Which three advanced permit actions within security policies are valid?() (Choose three.)AMark permitted traffic for firewall user authentication.BMark permitted traffic for SCREEN options.CAssociate permitted traffic with an IPsec tunnel.DAssociate permitted traffic with a NAT rule.EMark permitted traffic for IDP processing.
多选题Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)ATraffic is permitted from the trust zone to the untrust zone.BIntrazone traffic in the trust zone is permitted.CAll traffic through the device is denied.DThe policy is matched only when no other matching policies are found.