网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
多选题
Which three advanced permit actions within security policies are valid?()
A
Mark permitted traffic for firewall user authentication.
B
Mark permitted traffic for SCREEN options.
C
Associate permitted traffic with an IPsec tunnel.
D
Associate permitted traffic with a NAT rule.
E
Mark permitted traffic for IDP processing.
参考答案
参考解析
解析:
暂无解析
更多 “多选题Which three advanced permit actions within security policies are valid?()AMark permitted traffic for firewall user authentication.BMark permitted traffic for SCREEN options.CAssociate permitted traffic with an IPsec tunnel.DAssociate permitted traffic with a NAT rule.EMark permitted traffic for IDP processing.” 相关考题
考题
Click the Exhibit button.Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a in the HR zone to host_b in the trust zone are true? ()(Choose two.)A. DNS traffic is denied.B. HTTP traffic is denied.C. FTP traffic is permitted.D. SMTP traffic is permitted.
考题
Content filtering enables traffic to be permitted or blocked based on inspection of which three types of content?()(Choose three.)
A. MIME patternB. file extensionC. IP spoofingD. POP3E. protocol command
考题
Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)
A. Traffic is permitted from the trust zone to the untrust zone.B. Intrazone traffic in the trust zone is permitted.C. All traffic through the device is denied.D. The policy is matched only when no other matching policies are found.
考题
Referring to the exhibit, you are asked to rate-limit traffic from Web-Server to the subnet where Mal-User is located. All other traffic should be permitted. Which firewall filter configuration do you use?()A.B.C.D.
考题
Referring to the exhibit, you want to block HTTP access to Web-Server from the subnet where Mal-User is located. All other traffic should be permitted.Which firewall filter configuration do you use?()
A.B.C.D.
考题
Which three advanced permit actions within security policies are valid?() (Choose three.)
A. Mark permitted traffic for firewall user authentication.B. Mark permitted traffic for SCREEN options.C. Associate permitted traffic with an IPsec tunnel.D. Associate permitted traffic with a NAT rule.E. Mark permitted traffic for IDP processing.
考题
Click the Exhibit button.host_a is in subnet_a and host_b is in subnet_b.Given the configuration shown in the exhibit, which statement is true about traffic from host_a to host_b?()
A. DNS traffic is denied.B. Telnet traffic is denied.C. SMTP traffic is denied.D. Ping traffic is permitted.
考题
Based on the configuration shown in the exhibit, what will happen to the traffic matching the securitypolicy?()
A. The traffic is permitted through the myTunnel IPSec tunnel only on Tuesdays.B. The traffic is permitted through the myTunnel IPSec tunnel daily, with the exception of Mondays.C. The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.D. The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am.
考题
Refer to the exhibit. Which statement is true? ()
A. Only traffic with a destination from 10.10.0.0/19 will be permitted.B. Router RAR1 will accept only route 10.10.0.0/19 from its BGP neighbor.C. Only traffic going to 10.10.0.0/19 will be permitted.D. Router RAR1 will send only route 10.10.0.0/19 to its BGP neighbor.
考题
On the serial interface of a router, an inbound access list is configured to deny all traffic from UDP and TCP ports 21, 23, and 25. All other traffic is permitted. Based on this information, which types of traffic will be allowed through this interface?()A.SMTPB.DNSC.FTPD.TelnetE.HTTPF.POP3
考题
Based on the configuration shown in the exhibit, what will happen to the traffic matching thesecurity policy?() [edit schedulers] user@host# showscheduler now { monday all-day; tuesday exclude; wednesday { start-time 07:00:00 stop-time 18:00:00; } thursday { start-time 07:00:00 stop-time 18:00:00; } } [edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }A、The traffic is permitted through the myTunnel IPsec tunnel only on Tuesdays.B、The traffic is permitted through the myTunnel IPsec tunnel daily, with the exception of Mondays.C、The traffic is permitted through the myTunnel IPsec tunnel all day on Mondays and Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.D、The traffic is permitted through the myTunnel IPsec tunnel all day on Mondays and Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am
考题
Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a inthe HR zone to host_b in the trust zone are true?() [edit security policies from-zone HR to-zone trust] user@host# show policy one { match { source-address any; destination-address any; application [ junos-http junos-ftp ]; } then { permit; } } policy two { match { source-address host_a; destination-address host_b; application [ junos-http junos-smtp ]; } then { deny; } }A、DNS traffic is denied.B、HTTP traffic is denied.C、FTP traffic is permitted.D、SMTP traffic is permitted.
考题
Which command is needed to change this policy to a tunnel policy for a policy-based VPN?() [edit security policies from-zone trust to-zone untrust] user@host# show policy tunnel-traffic { match { source-address local-net; destination-address remote-net; application any; then { permit; } }A、set policy tunnel-traffic then tunnel remote-vpnB、set policy tunnel-traffic then permit tunnel remote-vpnC、set policy tunnel-traffic then tunnel ipsec-vpn remote-vpn permitD、set policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn
考题
Which statement describes the Authentication Proxy feature?()A、All traffic is permitted from the inbound to the outbound interface upon successful authentication of the user.B、A specific access profile is retrieved from a TACACS+ or RADIUS server and applied to an IOS Firewall based on user provided credentials.C、Prior to responding to a proxy ARP,the router will prompt the user for a login and password which are authenticated based on the configured AAA policy.D、The proxy server capabilities of the IOS Firewall are enabled upon successful authentication of the user.
考题
Which three advanced permit actions within security policies are valid?() (Choose three.)A、Mark permitted traffic for firewall user authentication.B、Mark permitted traffic for SCREEN options.C、Associate permitted traffic with an IPsec tunnel.D、Associate permitted traffic with a NAT rule.E、Mark permitted traffic for IDP processing.
考题
Which three advanced permit actions within security policies are valid?()A、Mark permitted traffic for firewall user authentication.B、Mark permitted traffic for SCREEN options.C、Associate permitted traffic with an IPsec tunnel.D、Associate permitted traffic with a NAT rule.E、Mark permitted traffic for IDP processing.
考题
A firewall filter is applied as an input filter on a transit interface. What three types of traffic will this affect? ()A、inbound traffic transiting the routerB、outbound traffic transiting the routerC、traffic destined to the Routing EngineD、traffic destined to the interface address on which the filter is applied
考题
Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)A、Traffic is permitted from the trust zone to the untrust zone.B、Intrazone traffic in the trust zone is permitted.C、All traffic through the device is denied.D、The policy is matched only when no other matching policies are found.
考题
Content filtering enables traffic to be permitted or blocked based on inspection of which three types of content?()(Choose three.)A、MIME patternB、file extensionC、IP spoofingD、POP3E、protocol command
考题
Given the configuration shown in the exhibit, which statement is true about traffic from host_ato host_b?() [edit security policies from-zone HR to-zone trust] user@host# showpolicy two { match { source-address subnet_a; destination-address host_b; application [ junos-telnet junos-ping ]; } then { reject; } } policy one { match { source-address host_a; destination-address subnet_b; application any; } then { permit; } } host_a is in subnet_a and host_b is in subnet_b.A、DNS traffic is denied.B、Telnet traffic is denied.C、SMTP traffic is denied.D、Ping traffic is permitted
考题
单选题Based on the configuration shown in the exhibit, what will happen to the traffic matching the security policy?()A
The traffic is permitted through the myTunnel IPSec tunnel only on Tuesdays.B
The traffic is permitted through the myTunnel IPSec tunnel daily, with the exception of Mondays.C
The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.D
The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am.
考题
多选题Click the Exhibit button. host_a is in subnet_a and host_b is in subnet_b. Given the configuration shown in the exhibit, which statement is true about traffic from host_a to host_b?()ADNS traffic is denied.BTelnet traffic is denied.CSMTP traffic is denied.DPing traffic is permitted.
考题
多选题Which three advanced permit actions within security policies are valid?()AMark permitted traffic for firewall user authentication.BMark permitted traffic for SCREEN options.CAssociate permitted traffic with an IPsec tunnel.DAssociate permitted traffic with a NAT rule.EMark permitted traffic for IDP processing.
考题
多选题Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a inthe HR zone to host_b in the trust zone are true?() [edit security policies from-zone HR to-zone trust] user@host# show policy one { match { source-address any; destination-address any; application [ junos-http junos-ftp ]; } then { permit; } } policy two { match { source-address host_a; destination-address host_b; application [ junos-http junos-smtp ]; } then { deny; } }ADNS traffic is denied.BHTTP traffic is denied.CFTP traffic is permitted.DSMTP traffic is permitted.
考题
多选题On the serial interface of a router, an inbound access list is configured to deny all traffic from UDP and TCP ports 21, 23, and 25. All other traffic is permitted. Based on this information, which types of traffic will be allowed through this interface?()ASMTPBDNSCFTPDTelnetEHTTPFPOP3
考题
多选题Content filtering enables traffic to be permitted or blocked based on inspection of which three types of content?()(Choose three.)AMIME patternBfile extensionCIP spoofingDPOP3Eprotocol command
考题
多选题Which three advanced permit actions within security policies are valid?() (Choose three.)AMark permitted traffic for firewall user authentication.BMark permitted traffic for SCREEN options.CAssociate permitted traffic with an IPsec tunnel.DAssociate permitted traffic with a NAT rule.EMark permitted traffic for IDP processing.
考题
多选题Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)ATraffic is permitted from the trust zone to the untrust zone.BIntrazone traffic in the trust zone is permitted.CAll traffic through the device is denied.DThe policy is matched only when no other matching policies are found.
热门标签
最新试卷
