移动端

  • 题王微信公众号

    微信搜“题王网”真题密题、最新资讯、考试攻略、轻松拿下考试

计算机考试 | juniper认证考试

模式切换

0 0 0
我的错题 我的收藏 学习笔记

章节目录

单选题 Under which configuration hierarchy is an access profile configured for firewall user authentication?()

A

[edit access]

B

[edit security access]

C

[edit firewall access]

D

[edit firewall-authentication]

多选题 Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()

A

data integrity

B

data confidentiality

C

data authentication

D

outer IP header confidentiality

E

outer IP header authentication

单选题 You have been tasked with installing two SRX 5600 platforms in a high-availability cluster. Which requirement must be met for a successful installation?()

A

You must enable SPC detect within the configuration.

B

You must enable active-active failover for redundancy.

C

You must ensure all SPCs use the same slot placement.

D

You must configure auto-negotiation on the control ports of both devices

多选题 Which two firewall user authentication objects can be referenced in a security policy?()

A

access profile

B

client group

C

client

D

default profile

多选题 Which two statements about the use of SCREEN options are correct?()

A

SCREEN options are deployed at the ingress and egress sides of a packet flow.

B

Although SCREEN options are very useful, their use can result in more session creation.

C

SCREEN options offer protection against various attacks at the ingress zone of a packet flow.

D

SCREEN options examine traffic prior to policy processing, thereby resulting in fewer resouces used formalicious packet processing.

单选题 You want to create a security policy allowing traffic from any host in the Trust zone to hostb.example.com(172.19.1.1) in the Untrust zone. How do you create this policy?()

A

Specify the IP address (172.19.1.1/32) as the destination address in the policy.

B

Specify the DNS entry (hostb.example.com.) as the destination address in the policy.

C

Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.

D

Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy

多选题 Which three advanced permit actions within security policies are valid?()

A

Mark permitted traffic for firewall user authentication.

B

Mark permitted traffic for SCREEN options.

C

Associate permitted traffic with an IPsec tunnel.

D

Associate permitted traffic with a NAT rule.

E

Mark permitted traffic for IDP processing.

单选题 Regarding a route-based versus policy-based IPsec VPN, which statement is true?()

A

A route-based VPN generally uses less resources than a policy-based VPN.

B

A route-based VPN cannot have a deny action in a policy; a policy-based VPN can have a deny action.

C

A route-based VPN is better suited for dialup or remote access compared to a policy-based VPN.

D

A route-based VPN uses a policy referencing the IPsec VPN; a policy-based VPN policy does not use apolicy referencing the IPsec VPN

多选题 Which two parameters are configured in IPsec policy?()

A

mode

B

IKE gateway

C

security proposal

D

Perfect Forward Secrecy

多选题 You have been tasked with performing an update to the IDP attack database. Which three requirements areincluded as part of this task?()

A

The IDP security package must be installed after it is downloaded.

B

The device must be rebooted to complete the update.

C

The device must be connected to a network.

D

An IDP license must be installed on your device.

E

You must be logged in as the root user

1 2 3 4 5 下一页 尾页 /

到第