IPsec Routing
Access Control
IP Address Pool
Source Interface
第1题:
You have a firewall enforcer protecting sensitive internal resources in a data center. The network traversed by endpoint traffic is semi-trusted, so you need to encrypt the traffic between the endpoints accessing the resources and the firewall enforcer.Which type of policies provide this level of protection?()
A. resource access policies
B. Host Enforcer policies
C. source IP enforcement policies
D. IPsec enforcement policies
第2题:
A. dial-up VPN
B. IKE authentication
C. XAuth authentication
D. shared IKE authentication
第3题:
A. to specify the destination addresses to which access is permitted
B. to specify the source address permitted to access the resource
C. to specify the services to which access is permitted
D. to inform the enforcer to expect policy information from the Junos Pulse Access Control Service
第4题:
When using the Cisco SDM Quick Setup Siteto-Site VPN wizard, which three parameters do you configure?()
第5题:
A. You do not need to configure a RADIUS client policy.
B. You must know the exact model number of the Infranet Enforcer.
C. You must specify the NACN password of the device in the RADIUS client policy.
D. You do not need to designate a location group to which the Infranet Enforcer will belong.
第6题:
You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()
A. Resource access policy on the MAG Series device
B. IPsec routing policy on the MAG Series device
C. General traffic policy blocking access through the firewall enforcer
D. Auth table entry on the firewall enforcer
第7题:
A. IPsec Routing
B. Access Control
C. IP Address Pool
D. Source Interface
第8题:
You have created a security policy on an SRX240 that permits traffic from any source-address, any destination-address, and any application. The policy will be a source IP policy for use with the Junos Pulse Access Control Service.What must you add to complete the security policy configuration?()
A. The intranet-auth authentication option
B. The redirect-portal application service
C. The uac-policy application service
D. The ipsec-vpn tunnel
第9题:
You need to configure a GRE tunnel on a IPSec router. When you are using the SDM to configurea GRE tunnel over IPsec, which two parameters are required when defining the tunnel interfaceinformation?()
第10题:
The LAN-side of the Teleworker router is assigned private IP address space (RFC1918), and the VPN topology is IPSec-only (no GRE protocol). When is it required to configure NAT/pNAT on the Teleworker router?()