单选题You are not able to telnet to the interface IP of your JUNOS software with enhanced services devicefrom a PC on the same subnet. What is causing the problem? （）A Telnet is not being permitted by self policy.B Telnet is not being permitted by security p

第1题：

Which of the following is not a valid reason for a packet to be punted？（）

• A、The TCAM has reached capacity
• B、An unknown destination MAC address
• C、A packet being discarded due to a security violation
• D、A Telnet packet from a session being initiated with the switch
• E、Routing protocols sending broadcast traffic
• F、A packet belonging to a GRE tunnel

第2题：

You are not able to telnet to the interface IP of your JUNOS software with enhanced services devicefrom a PC on the same subnet. What is causing the problem? （）

• A、Telnet is not being permitted by self policy.
• B、Telnet is not being permitted by security policy.
• C、Telnet is not allowed because it is not considered secure.
• D、Telnet is not enabled as a host-inbound service on the zone.

第3题：

Which statement is true about interface-based source NAT？（）

• A、PAT is a requirement.
• B、It requires you to configure address entries in the junos-nat zone.
• C、It requires you to configure address entries in the junos-global zone.
• D、The IP addresses being translated must be in the same subnet as the egress interface.

第4题：

Several users are sending emails to CompTIA.org. but they are not being received. Which of thefollowing commands could be used to verify that the company is able to connect to the mailservice at CompTIA.org?（）

• A、Ping
• B、Arp
• C、Dig
• D、telnet

第5题：

Which statement is true about interface-based static NAT? （）

• A、It also supports PAT.
• B、It requires you to configure address entries in the junos-nat zone.
• C、It requires you to configure address entries in the junos-global zone.
• D、The IP addresses being translated must be in the same subnet as the incoming interface.

第6题：

You need to design a remote administration solution for servers on the internal network. Your solution must meet business and security requirements. What should you do？（）

• A、Permit administrators to use an HTTP interface to manage servers remotely
• B、Permit only administrators to connect to the servers’ Telnet service
• C、Permit administrators to manage the servers by using Microsoft NetMeeting
• D、Require administrators to use Remote Desktop for Administration connections to manage the servers

第7题：

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

You are unable to telnet to a router at address 203.125.12.1 from a workstation with the IP address 203.125.12.23. You suspect that there is a problem with your protocol stack. Which of the following actions is most likely to confirm your diagnosis?（）

• A、ping 127.0.0.0
• B、ping 203.125.12.1
• C、telnet 127.0.0.1
• D、ping 127.0.0.1
• E、tracert 203.125.12.1

第14题：

You issue the command telnet interface ge-1/1/0 10.10.10.1 source 192.168.100.1 bypass-routing. Which statement is correct?（）

• A、The bypass-routing parameter is ignored when using private IP addressing.
• B、The telnet session will have the source IP address 10.10.10.1.
• C、The telnet session will connect to the neighboring device's interface ge-1/1/0.
• D、Return traffic for the telnet session might not arrive at interface ge-1/1/0.

第15题：

Which statement best describes configuring access control lists to control Telnet traffic destined to therouter itself？（）

• A、The ACL applied to the vty lines has no in or out option like ACL being applied to an interface.
• B、The ACL is applied to the Telnet port with the ip access-group command.
• C、The ACL must be applied to each vty line individually.
• D、The ACL should be applied to all vty lines in the in direction to prevent an unwanted user from connecting to an unsecured port.

第16题：

You are not able to telnet to the interface IP address of your device from a PC on the same subnet. What iscausing the problem？（）

• A、Telnet is not being permitted by self policy.
• B、Telnet is not being permitted by security policy.
• C、Telnet is not allowed because it is not considered secure.
• D、Telnet is not enabled as a host-inbound service on the zone

第17题：

You are the network administrator for Humongous Insurance. The network consists of a single Active Directory domain named humongous.com. The domain contains Windows Server 2003 computers and Windows XP Professional computers. You configure several Group Policy objects （GPOs） to enforce the use of IPSec for certain types of communication between specified computers.   A server named Server2 runs the Telnet service. A GPO is supposed to ensure that all Telnet connections to Server2 are encrypted by using IPSec. However， when you monitor network traffic， you notice that Telnet connections are not being encrypted.You need to view all of the IPSec settings that are applied to Server2 by GPOs. Which tool should you use？（）

• A、the IP Security Policy Management console
• B、the IP Security Monitor console
• C、the Resultant Set of Policy console
• D、Microsoft Baseline Security Analyzer （MBSA）

第18题：

Your company has a single Active Directory Domain Services （AD DS） domain and 1，000 client computers.   You are planning to deploy Windows 7 Enterprise to the client computers.   You need to design a custom image that will enable users to connect to a Telnet server.   What should you do？（）

• A、 Configure Windows Firewall to allow the Telnet program through Windows Firewall before capturing the image.
• B、 Change User Account Control settings before capturing the image.
• C、 Turn on the Telnet Server feature in the image.
• D、 Turn on the Telnet Client feature in the image.

第19题：

第20题：

第21题：

第22题：

第23题：

第24题：