Juniper SEC,Specialist(JNCIS-SEC) - JN0-331무료 덤프문제 풀어보기
Which attribute is optional for IKE phase 2 negotiations?
정답: C
Users can define policy to control traffic flow between which two components? (Choose two.)
정답: A,C
Click the Exhibit button.
[edit security policies from-zone HR to-zone trust]
user@host# show
policy two {
match {
source-address subnet_a;
destination-address host_b;
application [ junos-telnet junos-ping ];
}
then {
reject;
}} policy one {
match {
source-address host_a;
destination-address subnet_b;
application any;
}
then {
permit;
}}
host_a is in subnet_a and host_b is in subnet_b.
Given the configuration shown in the exhibit, which statement is true about traffic from host_a
to host_b?
[edit security policies from-zone HR to-zone trust]
user@host# show
policy two {
match {
source-address subnet_a;
destination-address host_b;
application [ junos-telnet junos-ping ];
}
then {
reject;
}} policy one {
match {
source-address host_a;
destination-address subnet_b;
application any;
}
then {
permit;
}}
host_a is in subnet_a and host_b is in subnet_b.
Given the configuration shown in the exhibit, which statement is true about traffic from host_a
to host_b?
정답: C
Which two statements regarding asymmetric key encryption are true? (Choose two.)
정답: C,D
Which two statements describe the difference between JUNOS Software for security platforms and a traditional router? (Choose two.)
정답: A,B
Click the Exhibit button.
[edit security zones security-zone HR]
user@host# show
host-inbound-traffic {
system-services {
ping;
ssh;
https;
}}
interfaces {
ge-0/0/0.0;
ge-0/0/1.0 {
host-inbound-traffic {
system-services {
ping;
}}}
ge-0/0/2.0 {
host-inbound-traffic {
system-services {
ping;
ftp;
}}}
ge-0/0/3.0 {
host-inbound-traffic {
system-services {
all;
ssh {
except;
}}}
}}
All system services have been enabled.
Given the configuration shown in the exhibit, which interface allows both ping and SSH traffic?
[edit security zones security-zone HR]
user@host# show
host-inbound-traffic {
system-services {
ping;
ssh;
https;
}}
interfaces {
ge-0/0/0.0;
ge-0/0/1.0 {
host-inbound-traffic {
system-services {
ping;
}}}
ge-0/0/2.0 {
host-inbound-traffic {
system-services {
ping;
ftp;
}}}
ge-0/0/3.0 {
host-inbound-traffic {
system-services {
all;
ssh {
except;
}}}
}}
All system services have been enabled.
Given the configuration shown in the exhibit, which interface allows both ping and SSH traffic?
정답: D
A network administrator wants to permit Telnet traffic initiated from the address book entry
the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST.
However, the administrator does not want the server to be able to initiate any type of traffic
from the TRUST zone to the UNTRUST zone.
Which configuration would correctly accomplish this task?
the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST.
However, the administrator does not want the server to be able to initiate any type of traffic
from the TRUST zone to the UNTRUST zone.
Which configuration would correctly accomplish this task?
정답: D