单选题You want to test a configured screen value prior to deploying.Which statement will allow you to accomplish this?()A[edit security screen] user@host# show ids-option untrust-screen { alarm-test-only; }B[edit security screen] user@host# show ids-option untrust-screen { alarm-without-drop; }C[edit security screen] user@host# show ids-option untrust-screen { alarm-no-drop; }D[edit security screen] user@host# show ids-option untrust-screen { test-without-drop; }

单选题
You want to test a configured screen value prior to deploying.Which statement will allow you to accomplish this?()
A

[edit security screen] user@host# show ids-option untrust-screen { alarm-test-only; }

B

[edit security screen] user@host# show ids-option untrust-screen { alarm-without-drop; }

C

[edit security screen] user@host# show ids-option untrust-screen { alarm-no-drop; }

D

[edit security screen] user@host# show ids-option untrust-screen { test-without-drop; }

参考解析

解析: 暂无解析

相关考题:

Click the Exhibit button.Referring to the exhibit, which statement contains the correct gateway parameters?() A. [edit security ike] user@host# show gateway ike-phase1-gateway { policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }B. [edit security ike] user@host# show gateway ike-phase1-gateway { ike-policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }C. [edit security ike] user@host# show gateway ike-phase1-gateway { policy ike1-policy; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }D. [edit security ike] user@host# show gateway ike-phase1-gateway { ike-policy ike1-policy; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }
查看答案
Click the Exhibit button.A network administrator receives complaints that the application voicecube is timing out after being idle for 30 minutes.Referring to the exhibit, what is a resolution?() A. [edit] user@host# set applications application voicecube inactivity-timeout neverB. [edit] user@host# set applications application voicecube inactivity-timeout 2C. [edit] user@host# set applications application voicecube destination-port 5060D. [edit] user@host# set security policies from-zone trust to-zone trust policy intrazone then timeout never
查看答案
You want to test a configured screen value prior to deploying.Which statement will allow you to accomplish this?() A. [edit security screen] user@host# show ids-option untrust-screen { alarm-test-only; }B. [edit security screen] user@host# show ids-option untrust-screen { alarm-without-drop; }C. [edit security screen] user@host# show ids-option untrust-screen { alarm-no-drop; }D. [edit security screen] user@host# show ids-option untrust-screen { test-without-drop; }
查看答案
You are required to configure a SCREEN option that enables IP source route option detection.Which twoconfigurations meet this requirement?() (Choose two.) A. [edit security screen] user@host# show ids-option protectFromFlood { ip { loose-source-route-option; strict-source-route-option; } }B. [edit security screen] user@host# show ids-option protectFromFlood { ip { source-route-option; } }C. [edit security screen] user@host# show ids-option protectFromFlood { ip { record-route-option; security-option; } }D. [edit security screen] user@host# show ids-option protectFromFlood { ip { strict-source-route-option; record-route-option; } }
查看答案
If both nodes in a chassis cluster initialize at different times, which configuration example will allow you to ensure that the node with the higher priority will become primary for your RGs other than RG0?()A. [edit chassis cluster] user@host# show redundancy-group 1 { node 0 priority 200; node 1 priority 150;preempt; }B. [edit chassis cluster] user@host# show redundancy-group 1 { node 0 priority 200; node 1 priority 150; monitoring; }C. [edit chassis cluster] user@host# show redundancy-group 1 { node 0 priority 200; node 1 priority 150; control-link-recovery; }D. [edit chassis cluster] user@host# show redundancy-group 1 { node 0 priority 200; node 1 priority 150; strict-priority; }
查看答案
At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? ()(Choose two.) A. [edit security idp]B. [edit security zones security-zone trust interfaces ge-0/0/0.0]C. [edit security zones security-zone trust]D. [edit security screen]
查看答案
You want to allow your device to establish OSPF adjacencies with a neighboring device connected to interface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone.Under which configuration hierarchy must you permit OSPF traffic?()A. [edit security policies from-zone HR to-zone HR]B. [edit security zones functional-zone management protocols]C. [edit security zones protocol-zone HR host-inbound-traffic]D. [edit security zones security-zone HR host-inbound-traffic protocols]
查看答案
The display screen is the most common (72) device used to show you what the computer is doing.A.inputB.printingC.outputD.electronic
查看答案
You want to test a configured screen value prior to deploying.Which statement will allow you to accomplish this?()A、[edit security screen] user@host# show ids-option untrust-screen { alarm-test-only; }B、[edit security screen] user@host# show ids-option untrust-screen { alarm-without-drop; }C、[edit security screen] user@host# show ids-option untrust-screen { alarm-no-drop; }D、[edit security screen] user@host# show ids-option untrust-screen { test-without-drop; }
查看答案
Which two statements about the use of SCREEN options are correct? ()(Choose two.)A、SCREEN options offer protection against various attacksB、SCREEN options are deployed prior to route and policy processing in first path packet processingC、SCREEN options are deployed at the ingress and egress sides of a packet flowD、SCREEN options, you must take special care to protect OSPF
查看答案
You want to allow your device to establish OSPF adjacencies with a neighboring device connected tointerface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone.Under which configuration hierarchy must you permit OSPF traffic?()A、[edit security policies from-zone HR to-zone HR]B、[edit security zones functional-zone management protocols]C、[edit security zones protocol-zone HR host-inbound-traffic]D、[edit security zones security-zone HR host-inbound-traffic protocols]
查看答案
Which configuration shows the correct application of a security policy scheduler?()A、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } scheduler-name now; } } }B、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }C、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn scheduler-name now; } } } }D、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; scheduler-name now; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }myTunnel;
查看答案
Your task is to provision the Junos security platform to permit transit packets from the Private zone to the External zone by using an IPsec VPN and log information at the time of session close.Which configuration meets this requirement?()A、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts;destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } log { session-init; } } }B、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } count { session-close; } } }C、[edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN;} } log { session-close; } } }D、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; log; count session-close; } } } }
查看答案
You want to allow all hosts on interface ge-0/0/0.0 to be able to ping the device’s ge-0/0/0.0 IP address.Where do you configure this functionality?()A、[edit interfaces]B、[edit security zones]C、[edit system services]D、[edit security interfaces]
查看答案
At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? ()(Choose two.)A、[edit security idp]B、[edit security zones security-zone trust interfaces ge-0/0/0.0]C、[edit security zones security-zone trust]D、[edit security screen]
查看答案
You are required to configure a SCREEN option that enables IP source route option detection.Which twoconfigurations meet this requirement?() (Choose two.)A、[edit security screen] user@host# show ids-option protectFromFlood { ip { loose-source-route-option; strict-source-route-option; } }B、[edit security screen] user@host# show ids-option protectFromFlood { ip { source-route-option; } }C、[edit security screen] user@host# show ids-option protectFromFlood { ip { record-route-option; security-option; } }D、[edit security screen] user@host# show ids-option protectFromFlood { ip { strict-source-route-option; record-route-option; } }
查看答案
Prior to applying SCREEN options to drop traffic, you want to determine how your configuration will affect traffic. Which mechanism would you configure to achieve this objective?()A、the log option for the particular SCREEN optionB、the permit option for the particular SCREEN optionC、the SCREEN option, because it does not drop traffic by defaultD、the alarm-without-drop option for the particular SCREEN option
查看答案
单选题Which type of source NAT is configured in the exhibit?() [edit security nat source] user@host# show rule-set 1 { from interface ge-0/0/2.0; to zone untrust; rule 1A {match { destination-address 1.1.70.0/24; } then { source-nat interface; } } }Ainterface-based source NATBstatic source NATCpool-based source NAT with PATDpool-based source NAT without PAT
查看答案
单选题Which configuration shows the correct application of a security policy scheduler?()A[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } scheduler-name now; } } }B[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }C[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn scheduler-name now; } } } }D[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; scheduler-name now; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }myTunnel;
查看答案
单选题Prior to applying SCREEN options to drop traffic, you want to determine how your configuration will affect traffic. Which mechanism would you configure to achieve this objective?()Athe log option for the particular SCREEN optionBthe permit option for the particular SCREEN optionCthe SCREEN option, because it does not drop traffic by defaultDthe alarm-without-drop option for the particular SCREEN option
查看答案
单选题Click the Exhibit button. Referring to the exhibit, which statement contains the correct gateway parameters?()A [edit security ike] user@host# show gateway ike-phase1-gateway { policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }B [edit security ike] user@host# show gateway ike-phase1-gateway { ike-policy ike-policy1; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }C [edit security ike] user@host# show gateway ike-phase1-gateway { policy ike1-policy; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }D [edit security ike] user@host# show gateway ike-phase1-gateway { ike-policy ike1-policy; address 10.10.10.1; dead-peer-detection { interval 20; threshold 5; } external-interface ge-1/0/1.0; }
查看答案
多选题At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? ()(Choose two.)A[edit security idp]B[edit security zones security-zone trust interfaces ge-0/0/0.0]C[edit security zones security-zone trust]D[edit security screen]
查看答案
单选题You want to allow your device to establish OSPF adjacencies with a neighboring device connected to interface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone.Under which configuration hierarchy must you permit OSPF traffic?()A[edit security policies from-zone HR to-zone HR]B[edit security zones functional-zone management protocols]C[edit security zones protocol-zone HR host-inbound-traffic]D[edit security zones security-zone HR host-inbound-traffic protocols]
查看答案
单选题Which type of source NAT is configured in the exhibit?() [edit security nat destination] user@host# show pool A { address 10.1.10.5/32; } rule-set 1 { from zone untrust; rule 1A { match { destination-address 100.0.0.1/32; } then { destination-nat pool A; } } }Astatic destination NATBstatic source NATCpool-based destination NAT without PATDpool-based destination NAT with PAT
查看答案
单选题You want to allow all hosts on interface ge-0/0/0.0 to be able to ping the device’s ge-0/0/0.0 IP address.Where do you configure this functionality?()A[edit interfaces]B[edit security zones]C[edit system services]D[edit security interfaces]
查看答案
单选题If both nodes in a chassis cluster initialize at different times, which configuration example will allow you to ensure that the node with the higher priority will become primary for your RGs other than RG0?()A[edit chassis cluster] user@host# show redundancy-group 1 { node 0 priority 200; node 1 priority 150;preempt; }B[edit chassis cluster] user@host# show redundancy-group 1 { node 0 priority 200; node 1 priority 150; monitoring; }C[edit chassis cluster] user@host# show redundancy-group 1 { node 0 priority 200; node 1 priority 150; control-link-recovery; }D[edit chassis cluster] user@host# show redundancy-group 1 { node 0 priority 200; node 1 priority 150; strict-priority; }
查看答案
单选题Your task is to provision the Junos security platform to permit transit packets from the Private zone to the External zone by using an IPsec VPN and log information at the time of session close.Which configuration meets this requirement?()A[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts;destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } log { session-init; } } }B[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } count { session-close; } } }C[edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN;} } log { session-close; } } }D[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; log; count session-close; } } } }
查看答案
热门标签