Using a policy with the policy-rematch flag enabled, what happens to the existing and new sessions when you change the policy action from permit to deny?() A. The new sessions matching the policy are denied. The existing sessions are dropped.B. The new sessions matching the policy are denied. The existingsessions, not being allowed tocarry any traffic, simply timeout.C. The new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.D. The new sessions matching the policy are denied. The existing sessions continue until they are completed or their time.
Using a policy with the policy-rematch flag enabled, what happens to the existing and new sessions when you change the policy action from permit to deny?()
A. The new sessions matching the policy are denied. The existing sessions are dropped.
B. The new sessions matching the policy are denied. The existingsessions, not being allowed tocarry any traffic, simply timeout.
C. The new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.
D. The new sessions matching the policy are denied. The existing sessions continue until they are completed or their time.
相关考题:
Intheconfigurationshownintheexhibit,youdecidedtoeliminatethejunos-ftpapplicationfromthematchconditionofthepolicyMyTraffic.[editsecuritypolicies]user@hostlshowfrom-zonePrivateto-zoneExternal{policyMyTraffic{match{source-addressmyHosts;destination-addressExtServers;application[junos-ftpjunos-bgp];}then{permit{tunnel{ipsec-vpnvpnTunnel;}}}}}policy-rematch;WhatwillhappentotheexistingFTPandBGPsessions?()A.TheexistingFTPandBGPsessionswillcontinue.B.TheexistingFTPandBGPsessionswillbere-evaluatedandonlyFTPsessionswillbedropped.C.TheexistingFTPandBGPsessionswillbere-evaluatedandallsessionswillbedropped.D.TheexistingFTPsessionswillcontinueandonlytheexistingBGPsessionswillbedropped.
Intheexhibit,youdecidedtochangemyHostsaddresses.[editsecuritypolicies]user@hostshowfrom-zonePrivateto-zoneExternal{policyMyTraffic{match{source-addressmyHosts;destination-addressExtServers;application[junos-ftpjunos-bgp];}then{permit{tunnel{ipsec-vpnvpnTunnel;}}}}}policy-rematch;Whatwillhappentothenewsessionsmatchingthepolicyandin-progresssessionsthathadalreadymatchedthepolicy?()A.Newsessionswillbeevaluated.In-progresssessionswillbere-evaluated.B.Newsessionswillbeevaluated.Allin-progresssessionswillcontinue.C.Newsessionswillbeevaluated.Allin-progresssessionswillbedropped.D.Newsessionswillhaltuntilallin-progresssessionsarere-evaluated.In-progresssessionswillbere-evaluatedandpossiblydropped.
A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST.However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone.Which configuration statement would correctly accomplish this task?()A. from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }B. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }C. from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }D. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }
Which configuration keyword ensures that all in-progress sessions are re-evaluated upon committing a security policy change?() A. policy-rematchB. policy-evaluateC. rematch-policyD. evaluate-policy
Whichactionoccurswhenthepolicymain-policyevaluatestheBGProute10.0.55.2/32?()[editpolicy-options]policy-statementtest{from{route-filter10.0.0.016/orlongeraccept;route-filter10.0.67.0/24orlangerreject;route-filter10.0.0.0/8orlanger;}then{metric10;communityaddno-advertise;accept;}}policy-statementmain-policy{termonly-want-certain-routes{from{policytest;}then{communityaddharry-402;accept;}}}communitynoadvertisemembersno-advertise;communityharry-402members666:402;[editprotocols]bgp{exportmain-policy;}
ABGProuterhasthefollowingconfiguration:protocols{bgp{export[policy-1policy-2policy-3];}}policy-options{policy-statementpolicy-2{termget-statics{fromprotocolstatic;thenaccept;}termreject-all{thenreject;}}policy-statementpolicy-1{termget-aggregate{fromprotocolaggregate;thenaccept;}termreject-all{thenreject;}}policy-statementpolicy-3{termget-ospf{fromprotocolospf;thenaccept;}termreject-all{thenreject;}}}Whichpolicytermisevaluatedfirstwhenexportingroutes?()
WhenconfiguringdualVIOserverstoconnecttoSANbaseddiskinfailovermode,whatsettingmustbeapplied?() A.algorithm=failoverB.algorithm=round_robinC.reserve_policy=no_reserveD.reserve_policy=single_path
ASA/PIXversion7.0introducedModularPolicyFramework(MPF)asanextensiblewaytoclassifytraffic,andthenapplypolicies(oractions)tothattraffic.MPFataminimum requireswhichthreecommands?() A.http-map,tcp-map,class-mapB.class-map,tcp-map,policy-mapC.class-map,policy-map,service-mapD.class-map,service-policy,policy-map
下面是路由器Huawei的部分配置信息,关于该配置信息描述错误的是()system-view[HUAWEI]ip as-path-filter 2 permit_200_300[HUAWEI]route-policy test permit node 10[Huawei-route-policy]if-match as-path-filter 2 A.设置序列号为2的AS路径过滤器,允许路由信息中包含AS200和AS300B.定义一个名为test的Route-Policy,该节点序列好为10C.该Route-Policy的10号节点引用AS路径过滤器为2,并定义了一个if-match子句D.该Route-Policy只能在OSPF进程中进行调用
3、Q-learning属于哪种算法A.On-policy算法B.Off-policy 算法C.Model-based 算法D.Value-based 算法