单选题In the exhibit, you decided to change myHosts addresses. [edit security policies] user@host# show from-zone Private to-zone External { policy MyTraffic { match { source-address myHosts; destination-address ExtServers;application [ junos-ftp junos-bgp ]; } then { permit { tunnel { ipsec-vpn vpnTunnel; } } } } } policy-rematch; What will happen to the new sessions matching the policy and in-progress sessions that hadalready matched the policy?()ANew sessions will be evaluated. In-progress sessions will be re-evaluated.BNew sessions will be evaluated. All in-progress sessions will continue.CNew sessions will be evaluated. All in-progress sessions will be dropped.DNew sessions will halt until all in-progress sessions are re-evaluated. In-progress sessions will be re-evaluated and possibly dropped.
单选题
In the exhibit, you decided to change myHosts addresses. [edit security policies] user@host# show from-zone Private to-zone External { policy MyTraffic { match { source-address myHosts; destination-address ExtServers;application [ junos-ftp junos-bgp ]; } then { permit { tunnel { ipsec-vpn vpnTunnel; } } } } } policy-rematch; What will happen to the new sessions matching the policy and in-progress sessions that hadalready matched the policy?()
A
New sessions will be evaluated. In-progress sessions will be re-evaluated.
B
New sessions will be evaluated. All in-progress sessions will continue.
C
New sessions will be evaluated. All in-progress sessions will be dropped.
D
New sessions will halt until all in-progress sessions are re-evaluated. In-progress sessions will be re-evaluated and possibly dropped.
参考解析
解析:
暂无解析
相关考题:
多选题You are creating a destination NAT rule-set. Which two are valid for use with the from clause?()Asecurity policyBinterfaceCrouting-instanceDIP address
单选题Which statement describes the behavior of a security policy?()AThe implicit default security policy permits all traffic.BTraffic destined to the device itself always requires a security policy.CTraffic destined to the device’s incoming interface does not require a security policy.DThe factory-default configuration permits all traffic from all interfaces.
多选题Which three methods of source NAT does JUNOS Software support?()Ainterface-based source NATBsource NAT with address shiftingCsource NAT using static source poolDinterface-based source NAT without PATEsource NAT with address shifting and PAT
多选题Which two are uses of NAT?()Aenabling network migrationsBconserving public IP addressesCallowing stateful packet inspectionDpreventing unauthorized connections from outside the network
单选题What is the purpose of an address book?()AIt holds security policies for particular hosts.BIt holds statistics about traffic to and from particular hosts.CIt defines hosts in a zone so they can be referenced by policies.DIt maps hostnames to IP addresses to serve as a backup to DNS resolution.
多选题Which two configuration elements are required for a route-based VPN?()Asecure tunnel interfaceBsecurity policy to permit the IKE trafficCa route for the tunneled transit trafficDtunnel policy for transit traffic referencing the IPsec VPN
多选题Which two statements about static NAT are true?()AStatic NAT can only be used with destination NAT.BStatic NAT rules take precedence over overlapping dynamic NAT rules.CDynamic NAT rules take precedence over overlapping static NAT rules.DA reverse mapping is automatically created.
多选题Which two statements are true regarding firewall user authentication?()AWhen configured for pass-through firewall user authentication, the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.BWhen configured for Web firewall user authentication only, the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.CIf a JUNOS security device is configured for pass-through firewall user authentication, new sessions are automatically intercepted to perform authentication.DIf a JUNOS security device is configured for Web firewall user authentication, new sessions are automatically intercepted to perform authentication.