juniper认证考试
Which two statements are true regarding firewall user authentication?() (Choose two.)A、When configured for pass-through firewall user authentication, the user must first open a connection to the Junos security remote network resource.B、When configured for
题目
Which two statements are true regarding firewall user authentication?() (Choose two.)
- A、When configured for pass-through firewall user authentication, the user must first open a connection to the Junos security remote network resource.
- B、When configured for Web firewall user authentication only, the user must first open a connection to the Junos security remote network resource.
- C、If a Junos security device is configured for pass-through firewall user authentication, new sessions are automatically intercepted .
- D、If a Junos security device is configured for Web firewall user authentication, new sessions are automatically intercepted.
参考答案和解析
相似问题和答案
第1题:
You have multiple realms configured on a MAG Series device. A user is authenticating with a non- Junos Pulse Access Control Service client. The username does not contain a realm suffix.Which behavior will the user experience?()
A. The user will not be able to log-in, as the Junos Pulse Access Control Service device cannot map the user to a realm when the realm value is empty.
B. The user will be mapped to all realms available to the user.
C. The Junos Pulse Access Control Service device displays a page where the user must choose from a list of realms.
D. The endpoint is assigned to the first realm in the list whose authentication server is a match with the endpoints software.
第2题:
Which two statements regarding firewall user authentication client groups are true?() (Choose two.)
- A、A client group is a list of clients associated with a group.
- B、A client group is a list of groups associated with a client.
- C、Client groups are referenced in security policy in the same manner in which individual clients are referenced.
- D、Client groups are used to simplify configuration by enabling firewall user authentication without security policy.
正确答案:B,C
第3题:
A. When configured for pass-through firewall user authentication, the user must first open a connection to the Junos security remote network resource.
B. When configured for Web firewall user authentication only, the user must first open a connection to the Junos security remote network resource.
C. If a Junos security device is configured for pass-through firewall user authentication, new sessions are automatically intercepted .
D. If a Junos security device is configured for Web firewall user authentication, new sessions are automatically intercepted.
第4题:
Which statement describes the Authentication Proxy feature?()
- A、All traffic is permitted from the inbound to the outbound interface upon successful authentication of the user.
- B、A specific access profile is retrieved from a TACACS+ or RADIUS server and applied to an IOS Firewall based on user provided credentials.
- C、Prior to responding to a proxy ARP,the router will prompt the user for a login and password which are authenticated based on the configured AAA policy.
- D、The proxy server capabilities of the IOS Firewall are enabled upon successful authentication of the user.
正确答案:B
第5题:
Which two commands can be used to monitor firewall user authentication?()
- A、show access firewall-authentication
- B、show security firewall-authentication users
- C、show security audit log
- D、show security firewall-authentication history
正确答案:B,D
第6题:
A company has completed two acquisitions over the previous year. Each of the acquired companies was allowed to keep its own independent authentication server. The network administrator has been asked to roll out the Junos Pulse Access Control Service to users within the original company along with each of the two acquired organizations.The administrator configures three authentication realms, one for each independent authentication server, and associates them all with a single sign-in policy. All of the client endpoints are running Junos Pulse on their Windows XP desktops.When a user signs in to the Junos Pulse Access Control Service, which statement is correct?()
A. The first authentication realm that was added to the sign-in policy is used by default.
B. The user is allowed to choose the correct authentication realm from a list presented by Junos Pulse.
C. When Junos Pulse is initially installed on the desktop, it must be configured with the correct realm.
D. This is not an allowed configuration; the administrator should configure separate sign-in policies for each realm.
第7题:
Which two firewall user authentication objects can be referenced in a security policy?()
- A、access profile
- B、client group
- C、client
- D、default profile
正确答案:B,C
第8题:
A. A client group is a list of clients associated with a group.
B. A client group is a list of groups associated with a client.
C. Client groups are referenced in security policy in the same manner in which individual clients are referenced.
D. Client groups are used to simplify configuration by enabling firewall user authentication without security policy.
第9题:
Which two traffic types trigger pass-through firewall user authentication?()
- A、SSH
- B、Telnet
- C、ICMP
- D、OSPF
- E、HTTP
正确答案:B,E
第10题:
Which two statements regarding firewall user authentication client groups are true?()
- A、Individual clients are configured under client groups in the configuration hierarchy.
- B、Client groups are configured under individual clients in the configuration hierarchy.
- C、Client groups are referenced in security policy in the same manner in which individual clients are referenced.
- D、Client groups are used to simplify configuration by enabling firewall user authentication without security policy.
正确答案:B,C