You have configured a firewall filter with a single term matching on packets with a source address in the 10.0.0.0/24 subnet. This term only includes the count action.Which two statements are true about traffic evaluated by this firewall filter?()A、Packets within the 10.0.0.0/24 subnet will be accepted.B、Packets within the 10.0.0.0/24 subnet will be rejected.C、Packets within the 10.0.0.0/24 subnet will be counted.D、Packets within the 10.0.0.0/24 subnet will not be counted.
You have configured a firewall filter with a single term matching on packets with a source address in the 10.0.0.0/24 subnet. This term only includes the count action.Which two statements are true about traffic evaluated by this firewall filter?()
- A、Packets within the 10.0.0.0/24 subnet will be accepted.
- B、Packets within the 10.0.0.0/24 subnet will be rejected.
- C、Packets within the 10.0.0.0/24 subnet will be counted.
- D、Packets within the 10.0.0.0/24 subnet will not be counted.
相关考题:
You have a firewall enforcer receiving resource access policies from a Junos Pulse Access Control Service. You are using Network and Security Manager (NSM) for configuration management on that firewall. The firewall can also be configured using its built-in command-line interface (CLI) or Web-based user interface (WebUI).To avoid conflicting configurations, which two interfaces must you use to configure the firewall enforcer?()A. CLIB. WebUIC. NSMD. Junos Pulse Access Control Service
You have a firewall filter applied in an inbound direction on a customer interface. You would like this filter to protect your network from a spoofed denial of service attack. Which action should be configured to accomplish your goal?()A. then rejectB. then discardC. then next filterD. then silent-drop
You have a firewall filter containing two terms applied in an inbound direction on a customer interface.You would like this filter to protect your network from a spoofed denial of service attack. Which match criterion should be configured ito identify unwanted packets?()A. from source-portB. from source-addressC. from destination-addressD. from destination-port
You have a firewall filter containing two terms applied in an inbound direction on a customer interface.You would like this filter to protect your network from a spoofed denial of service attack. Which match criterion should be configured ito identify unwanted packets?()A、from source-portB、from source-addressC、from destination-addressD、from destination-port
Two routers configured to run BGP have been connected to a firewall, one on the inside interface and one on the outside interface. BGP has been configured so the two routers should peer, including the correct BGP session endpoint addresses and the correct BGP session hop-count limit (EBGP multihop). What is a good first test to see if BGP will work across the firewall?()A、Attempt to TELNET from the router connected to the inside of the firewall to the router connected to the outside of the firewall. If telnet works, BGP will work, since telnet and BGP both use TCP to transport data.B、Ping from the router connected to the inside interface of the firewall to the router connected to the outside interface of the firewall. If you can ping between them, BGP should work, since BGP uses IP to transport packets.C、There is no way to make BGP work across a firewall without special configuration, so there is no simple test that will show you if BGP will work or not, other than trying to start the peering session.D、There is no way to make BGP work across a firewall.
You work as a network engineer for the company, you want to configure two BGP speakers to form an EBGP session across a firewall. On the engineer’s network, the firewall always permits TCP sessions that are initiated from the inside network (the network attached to the inside interface of the firewall). What prerequisite is there for enabling BGP to run on this network?()A、EBGP multihop will need to be configured for this to work.B、This should work with normal BGP peering, with no additional configuration on the BGP speakers or the firewall.C、The BGP protocol port must be opened on the firewallD、There is no way to make BGP work across a firewall.
You have a firewall filter applied in an inbound direction on a customer interface. You would like this filter to protect your network from a spoofed denial of service attack. Which action should be configured to accomplish your goal?()A、then rejectB、then discardC、then next filterD、then silent-drop
You have a server that runs Windows Server 2008. You need to prevent the server from establishing communication sessions to other computers by using TCP port 25. What should you do()A、 From Windows Firewall, add an exceptionB、 From windows Firewall enable the block all incoming connections optionC、 From the Windows Firewall with Advanced Security snap-in, create an inbound ruleD、 From the Windows Firewall with Advanced Security snap-in, create an outbound rule.
You have a server that runs windows server 2008. You need to prevent the server from establishing communication sessions to other computers by using TCP port 25. What should you do?()A、From windows firewall, add an exception.B、From windows firewall enable the block all incoming connections option.C、From the windows firewall with advanced security snap-in, create an inbound rule.D、From the windows firewall with advanced security snap-in, create an outbound rule.
Your company has a server that runs Windows Server 2008 R2. The server is configured as a remoteaccess server. The external firewall has TCP port 80 and TCP port 443 open for remoteconnections. You have a home computer that runs Windows 7. You need to establish secure remote accessconnection from the home computer to the remote access server. Which type of connection should you configure? ()A、IPSECB、L2TPC、PPTPD、SSTP
You are the Exchange administrator of the Xxx Corporation’s Exchange 2010 organization.You have configured a Database Availability Group (DAG) named DAG01.You need to change the replication port used by the DAG.What are two things that you must do?()A、Use the Exchange Management Console (EMC) to change the TCP port used for replication.B、Use the Exchange Management Shell to change the TCP port used for replication.C、Modify the Windows Firewall exceptions on each member of the DAG to open the replication port.D、Modify the Windows Firewall exceptions on the witness server of the DAG to open the replication port.E、Use the Exchange Management Shell to configure the DAG IP address of 0.0.0.0.F、Use the Exchange Management Shell to change the DAG IP address to 127.0.0.1.
单选题You have just configured the network interface on systemA . The following information is From systemB, you test the network connectivity by sending ICMP ECHO_REQUEST packets to systemA. The following message is displayed: no answer from systemA What is most likely the problem?()A The interface is not plumbed.B The interface is not configured.C The interface does not have valid routes configured.D The interface is not marked as
多选题You have a firewall enforcer receiving resource access policies from a Junos Pulse Access Control Service. You are using Network and Security Manager (NSM) for configuration management on that firewall. The firewall can also be configured using its built-in command-line interface (CLI) or Web-based user interface (WebUI). To avoid conflicting configurations, which two interfaces must you use to configure the firewall enforcer?()ACLIBWebUICNSMDJunos Pulse Access Control Service
单选题You deploy Windows Server 2008 VPN server behind a firewall. Remote users connect to the VPN by using portable computers that run Windows Vista with the latest service pack. The firewall is configured to allow only secured web communications. You need to enable remote users to connect as securely as possible. you must achieve this goal without opening any additional ports on the firewall. What should you do ( )?ACreate an IPsec tunnelBCreate an SSTP VPN connectionCCreate a PPTP VPN connectionDCreate an L2TP VPN connection
单选题You deploy a Windows Server 2008 VPN server behind a firewall. Remote users connect to the VPN by using portable computers that run Windows Vista with the latest service pack. The firewall is configured to allow only secured Web communications. You need to enable remote users to connect as securely as possible. You must achieve this goal without opening any additional ports on the firewall.What should you do?()ACreate an IPsec tunnel.BCreate an SSTP VPN connection.CCreate a PPTP VPN connection.DCreate an L2TP VPN connection.
单选题You have a server that runs Windows Server 2008. You need to prevent the server from establishing communication sessions to other computers by using TCP port 25. What should you do()A From Windows Firewall, add an exceptionB From windows Firewall enable the block all incoming connections optionC From the Windows Firewall with Advanced Security snap-in, create an inbound ruleD From the Windows Firewall with Advanced Security snap-in, create an outbound rule.
单选题The LAN-side of the Teleworker router is assigned private IP address space (RFC1918), and the VPN topology is IPSec-only (no GRE protocol). When is it required to configure NAT/pNAT on the Teleworker router?()Awhen all access to the Internet is through the IPSec tunnelBwhen there is direct Internet access via split-tunnelingCwhen there is no Internet access configured through the Teleworker routerDwhenever you have IOS-Firewall (CBAC) configured
多选题You have configured a firewall filter with a single term matching on packets with a source address in the 10.0.0.0/24 subnet. This term only includes the count action.Which two statements are true about traffic evaluated by this firewall filter?()APackets within the 10.0.0.0/24 subnet will be accepted.BPackets within the 10.0.0.0/24 subnet will be rejected.CPackets within the 10.0.0.0/24 subnet will be counted.DPackets within the 10.0.0.0/24 subnet will not be counted.
单选题Two routers configured to run BGP have been connected to a firewall, one on the inside interface and one on the outside interface. BGP has been configured so the two routers should peer, including the correct BGP session endpoint addresses and the correct BGP session hop-count limit (EBGP multihop). What is a good first test to see if BGP will work across the firewall?()AAttempt to TELNET from the router connected to the inside of the firewall to the router connected to the outside of the firewall. If telnet works, BGP will work, since telnet and BGP both use TCP to transport data.BPing from the router connected to the inside interface of the firewall to the router connected to the outside interface of the firewall. If you can ping between them, BGP should work, since BGP uses IP to transport packets.CThere is no way to make BGP work across a firewall without special configuration, so there is no simple test that will show you if BGP will work or not, other than trying to start the peering session.DThere is no way to make BGP work across a firewall.
多选题You are the Exchange administrator of the Xxx Corporation’s Exchange 2010 organization.You have configured a Database Availability Group (DAG) named DAG01.You need to change the replication port used by the DAG.What are two things that you must do?()AUse the Exchange Management Console (EMC) to change the TCP port used for replication.BUse the Exchange Management Shell to change the TCP port used for replication.CModify the Windows Firewall exceptions on each member of the DAG to open the replication port.DModify the Windows Firewall exceptions on the witness server of the DAG to open the replication port.EUse the Exchange Management Shell to configure the DAG IP address of 0.0.0.0.FUse the Exchange Management Shell to change the DAG IP address to 127.0.0.1.