网友您好, 请在下方输入框内输入要搜索的题目:

题目内容 (请给出正确答案)
单选题
The SRX device receives a packet and determines that it does not match an existing session.After SCREEN options are evaluated, what is evaluated next?()
A

source NAT

B

destination NAT

C

route lookup

D

zone lookup

参考答案

参考解析
解析: 暂无解析
更多 “单选题The SRX device receives a packet and determines that it does not match an existing session.After SCREEN options are evaluated, what is evaluated next?()A source NATB destination NATC route lookupD zone lookup” 相关考题
考题 Router VE1 has just received a packet and needs to route it. What two actions must this router take in order to route incoming packets? (Choose two)A. Inspect the routing table to select the best path to the destination network addresses.B. Validate sources of routing information.C. Inspect the ARP table to verify a legitimate source MAC address for each packet.D. Identify the destination network address of each packet.E. Verify the receipt of routed packets by the next hop router.F. Identify the source network address of each packet.
查看答案
考题 Which element occurs first during the first-packet-path processing?() A. destination NATB. forwarding lookupC. route lookupD. SCREEN options
查看答案
考题 When an SRX series device receives an ESP packet, what happens?() A. If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, it willB. If the destination IP address in the outer IP header of ESP does not match the IP address of the ingress interface, it willC. If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based packet.D. If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based of inner header, it will decrypt the packet.
查看答案
考题 Intheexhibit,youdecidedtochangemyHostsaddresses.[editsecuritypolicies]user@hostshowfrom-zonePrivateto-zoneExternal{policyMyTraffic{match{source-addressmyHosts;destination-addressExtServers;application[junos-ftpjunos-bgp];}then{permit{tunnel{ipsec-vpnvpnTunnel;}}}}}policy-rematch;Whatwillhappentothenewsessionsmatchingthepolicyandin-progresssessionsthathadalreadymatchedthepolicy?()A.Newsessionswillbeevaluated.In-progresssessionswillbere-evaluated.B.Newsessionswillbeevaluated.Allin-progresssessionswillcontinue.C.Newsessionswillbeevaluated.Allin-progresssessionswillbedropped.D.Newsessionswillhaltuntilallin-progresssessionsarere-evaluated.In-progresssessionswillbere-evaluatedandpossiblydropped.
查看答案
考题 A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST.However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone.Which configuration statement would correctly accomplish this task?()A. from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }B. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }C. from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }D. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }
查看答案
考题 After applying the policy-rematch statement under the security policies stanza, what would happen to an existing flow if the policy source address or the destination address is changed and committed?()A. The Junos OS drops any flow that does not match the source address or destination address.B. All traffic is dropped.C. All existing sessions continue.D. The Junos OS does a policy re-evaluation.
查看答案
考题 The SRX device receives a packet and determines that it does not match an existing session.After SCREEN options are evaluated, what is evaluated next?() A. source NATB. destination NATC. route lookupD. zone lookup
查看答案
考题 What happens to the 66.66.66/24 route when it is evaluated by this policy? () A. The route does not match this policy.B. The route is rejected.C. The route is accepted.D. The route is accepted, then rejected.
查看答案
考题 Regarding PAR (Positive Acknowledgement and Re-transmission), which of the answer choices below are correct?() A. The source device will only retransmit lost packets on the request of the destination device.B. The source device starts a timer when it sends a segment and retransmits if an acknowledgment is not received before the timer expires.C. The destination device acknowledges receipt of a segment by sending a packet with a new sequence number and the ACK bit sent.D. The destination device acknowledges receipt of a segment by sending a packet that indicates the next sequence number it expects.E. If the destination device does not receive a segment, all segments are retransmitted.F. The source device keeps a record of all segments sent and expects and acknowledgment of each.
查看答案
考题 After applying the policy-rematch statement under the security policies stanza, what would happen to an existing flow if the policy source address or the destination address is changed and committed?()A、The Junos OS drops any flow that does not match the source address or destination address.B、All traffic is dropped.C、All existing sessions continue.D、The Junos OS does a policy re-evaluation.
查看答案
考题 In the exhibit, you decided to change myHosts addresses. [edit security policies] user@host# show from-zone Private to-zone External { policy MyTraffic { match { source-address myHosts; destination-address  ExtServers;application  [ junos-ftp junos-bgp ]; } then { permit { tunnel { ipsec-vpn vpnTunnel; } } } } } policy-rematch; What will happen to the new sessions matching the policy and in-progress sessions that hadalready matched the policy?()A、New sessions will be evaluated. In-progress sessions will be re-evaluated.B、New sessions will be evaluated. All in-progress sessions will continue.C、New sessions will be evaluated. All in-progress sessions will be dropped.D、New sessions will halt until all in-progress sessions are re-evaluated. In-progress sessions will be re-evaluated and possibly dropped.
查看答案
考题 A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST. However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone. Which configuration statement would correctly accomplish this task?()A、from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }B、from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }C、from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }D、from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }
查看答案
考题 Which element occurs first during the first-packet-path processing?()A、destination NATB、forwarding lookupC、route lookupD、SCREEN options
查看答案
考题 Given the following policy, what happens when the 1.1/17 route is evaluated?() [edit policy-options] policy-statement test { from { route-filter 0/0 orlonger accept; route-filter 1.1/17 upto /24 reject; route-filter 1.1/18 exact; } then { metric 6; accept; }A、The route does not match this policy.B、The route is accepted.C、The route is rejected.D、The route is accepted with a metric of 6.
查看答案
考题 The SRX device receives a packet and determines that it does not match an existing session.After SCREEN options are evaluated, what is evaluated next?()A、source NATB、destination NATC、route lookupD、zone lookup
查看答案
考题 Which type of source NAT is configured in the exhibit?() [edit security nat destination] user@host# show pool A { address 10.1.10.5/32; } rule-set 1 { from zone untrust; rule 1A { match { destination-address 100.0.0.1/32; } then { destination-nat pool A; } } }A、static destination NATB、static source NATC、pool-based destination NAT without PATD、pool-based destination NAT with PAT
查看答案
考题 In the configuration shown in the exhibit, you decided to eliminate the junos-ftp applicationfrom the match condition of the policy MyTraffic. [edit security policies] user@hostl# show from-zone Private to-zone External { policy MyTraffic { match { source-address myHosts; destination-address ExtServers; application [ junos-ftp junos-bgp ]; } then { permit { tunnel { ipsec-vpn vpnTunnel; } } } } } policy-rematch; What will happen to the existing FTP and BGP sessions?()A、The existing FTP and BGP sessions will continue.B、The existing FTP and BGP sessions will be re-evaluated and only FTP sessions will be dropped.C、The existing FTP and BGP sessions will be re-evaluated and all sessions will be dropped.D、The existing FTP sessions will continue and only the existing BGP sessions will be dropped.
查看答案
考题 If the PFE does not have a route to the destination address of a packet, which action will be taken?()A、The PFE floods the packet out of all interfaces.B、The PFE drops the packet and sends a destination unreachable notification back to source device.C、The PFE forwards the packet to the routing engine for furtherprocessing.D、The PFE queues the packet and sends are quest for a layer3 lookup to the routing engine.
查看答案
考题 Which type of source NAT is configured in the exhibit?() [edit security nat source] user@host# show rule-set 1 { from interface ge-0/0/2.0; to zone untrust; rule 1A {match { destination-address 1.1.70.0/24; } then { source-nat interface; } } }A、interface-based source NATB、static source NATC、pool-based source NAT with PATD、pool-based source NAT without PAT
查看答案
考题 When an SRX series device receives an ESP packet, what happens?()A、If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, it willB、If the destination IP address in the outer IP header of ESP does not match the IP address of the ingress interface, it willC、If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based packet.D、If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based of inner header, it will decrypt the packet.
查看答案
考题 单选题In the configuration shown in the exhibit, you decided to eliminate the junos-ftp applicationfrom the match condition of the policy MyTraffic. [edit security policies] user@hostl# show from-zone Private to-zone External { policy MyTraffic { match { source-address myHosts; destination-address ExtServers; application [ junos-ftp junos-bgp ]; } then { permit { tunnel { ipsec-vpn vpnTunnel; } } } } } policy-rematch; What will happen to the existing FTP and BGP sessions?()A The existing FTP and BGP sessions will continue.B The existing FTP and BGP sessions will be re-evaluated and only FTP sessions will be dropped.C The existing FTP and BGP sessions will be re-evaluated and all sessions will be dropped.D The existing FTP sessions will continue and only the existing BGP sessions will be dropped.
查看答案
考题 单选题A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST. However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone. Which configuration statement would correctly accomplish this task?()A from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }B from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }C from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }D from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }
查看答案
考题 单选题After applying the policy-rematch statement under the security policies stanza, what would happen to an existing flow if the policy source address or the destination address is changed and committed?()A The Junos OS drops any flow that does not match the source address or destination address.B All traffic is dropped.C All existing sessions continue.D The Junos OS does a policy re-evaluation.
查看答案
考题 单选题If the PFE does not have a route to the destination address of a packet, which action will be taken?()A The PFE floods the packet out of all interfaces.B The PFE drops the packet and sends a destination unreachable notification back to source device.C The PFE forwards the packet to the routing engine for furtherprocessing.D The PFE queues the packet and sends are quest for a layer3 lookup to the routing engine.
查看答案
考题 单选题When an SRX series device receives an ESP packet, what happens?()A If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, it willB If the destination IP address in the outer IP header of ESP does not match the IP address of the ingress interface, it willC If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based packet.D If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based of inner header, it will decrypt the packet.
查看答案
考题 单选题In the exhibit, you decided to change myHosts addresses. [edit security policies] user@host# show from-zone Private to-zone External { policy MyTraffic { match { source-address myHosts; destination-address  ExtServers;application  [ junos-ftp junos-bgp ]; } then { permit { tunnel { ipsec-vpn vpnTunnel; } } } } } policy-rematch; What will happen to the new sessions matching the policy and in-progress sessions that hadalready matched the policy?()A New sessions will be evaluated. In-progress sessions will be re-evaluated.B New sessions will be evaluated. All in-progress sessions will continue.C New sessions will be evaluated. All in-progress sessions will be dropped.D New sessions will halt until all in-progress sessions are re-evaluated. In-progress sessions will be re-evaluated and possibly dropped.
查看答案
考题 单选题Given the following policy, what happens when the 1.1/17 route is evaluated?() [edit policy-options] policy-statement test { from { route-filter 0/0 orlonger accept; route-filter 1.1/17 upto /24 reject; route-filter 1.1/18 exact; } then { metric 6; accept; }A The route does not match this policy.B The route is accepted.C The route is rejected.D The route is accepted with a metric of 6.
查看答案
热门标签
最新试卷