站内搜索
JN0-330 问题列表
问题
单选题Based on the configuration shown in the exhibit, what will happen to the traffic matching the security policy?()A
The traffic is permitted through the myTunnel IPSec tunnel only on Tuesdays.B
The traffic is permitted through the myTunnel IPSec tunnel daily, with the exception of Mondays.C
The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.D
The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am.
问题
单选题You want to create a policy allowing traffic from any host in the Trust zone to hostb.example.com(172.19.1.1) in theUntrust zone. How do you do create this policy? ()A
Specify the IP address (172.19.1.1/32) as the destination address in the policy.B
Specify the DNS entry (hostb.example.com.) as the destination address in the policy.C
Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.D
Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.
问题
单选题In a JSRP cluster with two J6350 routers, the interface ge-7/0/0 belongs to which device? ()A
This interface is a system-created interface.B
This interface belongs to NODE0 of the cluster.C
This interface belongs to NODE1 of the cluster.D
This interface will not exist because J6350 routers have only six slots.
问题
单选题A route-based VPN is required for which scenario? ()A
when the remote VPN peer is behind a NAT deviceB
when multiple networks need to be reached across the tunnelC
when the remote VPN peer is a dialup or remote access clientD
when a dynamic routing protocol such as OSPF is required across the VPN
问题
多选题Click the Exhibit button. host_a is in subnet_a and host_b is in subnet_b. Given the configuration shown in the exhibit, which statement is true about traffic from host_a to host_b?()ADNS traffic is denied.BTelnet traffic is denied.CSMTP traffic is denied.DPing traffic is permitted.
问题
单选题Using a policy with the policy-rematch flag enabled, what happens to the existing and new sessionswhen you change the policy action from permit to deny? ()A
The new sessions matching the policy are denied. The existing sessions are dropped.B
The new sessions matching the policy are denied. The existing sessions, not being allowed to carry any traffic, simply timeout.C
The new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.D
The new sessions matching the policy are denied. The existing sessions continue until they are completed or their timeout is reached.
问题
单选题Click the Exhibit button. In the exhibit, what is the purpose of this OSPF configuration?()A
The router sends the file debugOSPF (containing hellos sent and LSA updates) to the syslog server.B
The router traces both OSPF hellos sent and LSA updates, and stores the results in the debugOSPFfile.C
The router traces both OSPF hellos sent and LSA updates, and sends the results to the syslog process with the debugOSPF facility.D
The router traces all OSPF operations, stores the results in the debugOSPF file, and marks both hellos sent and LSAupdates in the file with a special flag.
问题
多选题Users can define policy to control traffic flow between which two components? ()(Choose two.)Afrom a zone to the router itselfBfrom a zone to the same zoneCfrom a zone to a different zoneDfrom one interface to another interface
问题
多选题Which three security concerns can be addressed by a tunnel mode IPSec VPN secured by AH?()(Choose three.)Adata integrityBdata confidentialityCdata authenticationDouter IP header confidentialityEouter IP header authentication
问题
多选题On which three traffic types does firewall pass-through authentication work? ()(Choose three.)ApingBFTPCTelnetDHTTPEHTTPS
问题
单选题Which parameters must you select when configuring operating system probes SCREEN options?()A
syn-fin, syn-flood, and tcp-no-fragB
syn-fin, port-scan, and tcp-no-flagC
syn-fin, fin-no-ack, and tcp-no-fragD
syn-fin, syn-ack-ack-proxy, and tcp-no-frag
问题
多选题Which two are components of the enhanced services software architecture?() (Choose two.)ALinux kernelBrouting protocol daemonCsession-based forwarding moduleDseparate routing and security planes
问题
单选题Host A opens a Telnet connection to Host B. Host A then opens another Telnet connection to Host B. These connections are the only communication between Host A and Host B. The security policy configuration permits both connections. How many flows exist between Host A and Host B? ()A
1B
2C
3D
4
问题
单选题Interface ge-0/0/2.0 of your router is attached to the Internet and is configured with an IP address and network mask of 71.33.252.17/24. A host with IP address 10.20.20.1 is running an HTTP service on TCP port 8080. This host isattached to the ge-0/0/0.0 interface of your router. You must use interface-based static NAT to make the HTTP service on the host reachable from the Internet. On which IP address and TCP port can Internet hosts reach the HTTP service?()A
IP address 10.10.10.1 and TCP port 8080B
IP address 71.33.252.17 and TCP port 80C
IP address 71.33.251.19 and TCP port 80D
IP address 71.33.252.19 and TCP port 8080
问题
单选题A traditional router is better suited than a firewall device for which function? ()A
VPN establishmentB
packet-based forwardingC
stateful packet processingD
network address translation