考题
单选题Which statement is true about source NAT?()A
Source NAT works only with source pools.B
Destination NAT is required to translate the reply traffic.C
Source NAT does not require a security policy to function.D
The egress interface IP address can be used for source NAT
考题
单选题Prior to applying SCREEN options to drop traffic, you want to determine how your configuration will affect traffic. Which mechanism would you configure to achieve this objective?()A
the log option for the particular SCREEN optionB
the permit option for the particular SCREEN optionC
the SCREEN option, because it does not drop traffic by defaultD
the alarm-without-drop option for the particular SCREEN option
考题
单选题Which command is needed to change this policy to a tunnel policy for a policy-based VPN?() [edit security policies from-zone trust to-zone untrust] user@host# show policy tunnel-traffic { match { source-address local-net; destination-address remote-net; application any; then { permit; } }A
set policy tunnel-traffic then tunnel remote-vpnB
set policy tunnel-traffic then permit tunnel remote-vpnC
set policy tunnel-traffic then tunnel ipsec-vpn remote-vpn permitD
set policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn
考题
单选题What is the functionality of redundant interfaces (reth) in a chassis cluster?()A
reth interfaces are used only for VRRP.B
reth interfaces are the same as physical interfaces.C
reth interfaces are pseudo-interfaces that are considered the parent interface for two physical interfaces.D
Each cluster member has a reth interface that can be used to share session state information with the other cluster members.
考题
单选题By default, which condition would cause a session to be removed from the session table?()A
Route entry for the session changed.B
Security policy for the session changed.C
The ARP table entry for the source IP address timed out.D
No traffic matched the session during the timeout period.
考题
单选题What is the purpose of a zone in JUNOS Software?()A
A zone defines a group of security devices with a common management.B
A zone defines the geographic region in which the security device is deployed.C
A zone defines a group of network segments with similar security requirements.D
A zone defines a group of network segments with similar class-of-service requirements.