问题:多选题An IPsec tunnel is established on an SRX Series Gateway on an interface whose IP address was obtained using DHCP.Which two statements are true? ()(Choose two.)AOnly main mode can be used for IKE negotiationBA local-identity must be definedCIt must be the initiator for IKEDA remote-identity must be defined
Saturday, December 16, 2023
问题:单选题Which Web-filtering technology can be used at the same time as integrated Web filtering on a single branch SRX Series device?()A Websense redirect Web filteringB local Web filtering (blacklist or whitelist)C firewall user authenticationD ICAP
Friday, May 10, 2024
问题:单选题What is the correct syntax for applying node-specific parameters to each node in a chassis cluster?()A set apply-groups node$B set apply-groups (node)C set apply-groups $(node)D set apply-groups (node)all
Sunday, January 21, 2024
问题:单选题Which statement is true regarding the Junos OS for security platforms?()A SRX Series devices can store sessions in a session table.B SRX Series devices accept all traffic by default.C SRX Series devices must operate only in packet-based mode.D SRX Series devices must operate only in flow-based mode.
问题:单选题You want to allow your device to establish OSPF adjacencies with a neighboring device connected to interface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone.Under which configuration hierarchy must you permit OSPF traffic?()A [edit security policies from-zone HR to-zone HR]B [edit security zones functional-zone management protocols]C [edit security zones protocol-zone HR host-inbound-traffic]D [edit security zones security-zone HR host-inbound-traffic protocols]
Sunday, March 17, 2024
问题:单选题A user wants to establish an HTTP session to a server behind an SRX device but is being pointed to Web page on the SRX device for additional authentication.Which type of user authentication is configured?()A pass-through with Web redirectB WebAuth with HTTP redirectC WebAuthD pass-through
Saturday, March 30, 2024
问题:多选题Which two statements regarding symmetric key encryption are true?() (Choose two.)AThe same key is used for encryption and decryption.BIt is commonly used to create digital certificate signatures.CIt uses two keys: one for encryption and a different key for decryption.DAn attacker can decrypt data if the attacker captures the key used for encryption.
问题:单选题Which security or functional zone name has special significance to the Junos OS?()A selfB trustC untrustD junos-global
Thursday, December 28, 2023
问题:多选题Which two statements are true about hierarchical architecture? ()(Choose two.)AYou can assign a logical interface to multiple zones.BYou cannot assign a logical interface to multiple zones.CYou can assign a logical interface to multiple routing instances.DYou cannot assign a logical interface to multiple routing instances.
问题:单选题For which network anomaly does Junos provide a SCREEN?()A a telnet to port 80B a TCP packet with the SYN and ACK flags setC an SNMP getnext requestD an ICMP packet larger than 1024 bytes
Wednesday, April 17, 2024
问题:单选题Which command do you use to manually remove antivirus patterns?()A request security utm anti-virus juniper-express-engine pattern-deleteB request security utm anti-virus juniper-express-engine pattern-reloadC request security utm anti-virus juniper-express-engine pattern-removeD delete security utm anti-virus juniper-express-engine antivirus-pattern
问题:单选题A network administrator has configured source NAT, translating to an address that is on a locally connected subnet.The administrator sees the translation working, but traffic does not appear to come back. What is causing the problem?()A The host needs to open the telnet port.B The host needs a route for the translated address.C The administrator must use a proxy-arp policy for the translated address.D The administrator must use a security policy, which will allow communication between the zones.
问题:单选题Which command do you use to display the status of an antivirus database update?()A show security utm anti-virus statusB show security anti-virus database statusC show security utm anti-virus databaseD show security utm anti-virus update
问题:单选题What is the default session timeout for TCP sessions?()A 1 minuteB 15 minutesC 30 minutesD 90 minutes
问题:单选题When using UTM features in an HA cluster, which statement is true for installing the licenses on the cluster members?()A One UTM cluster license will activate UTM features on both members.B Each device will need a UTM license generated for its serial number.C Each device will need a UTM license generated for the cluster, but licenses can be applied to either member.D HA clustering automatically comes with UTM licensing, no additional actions are needed.
问题:多选题Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH?() (Choose three.)Adata integrityBdata confidentialityCdata authenticationDouter IP header confidentialityEouter IP header authentication
问题:多选题Which two functions of the Junos OS are handled by the data plane? ()(Choose two.)ANATBOSPFCSNMPDSCREEN options
问题:多选题Which three parameters are configured in the IKE policy? ()(Choose three.)AmodeBpreshared keyCexternal interfaceDsecurity proposalsEdead peer detection settings
问题:单选题Under which Junos hierarchy level are security policies configured?()A [edit security]B [edit protocols]C [edit firewall]D [edit policy-options]