多选题What are three elements the Junos Pulse Access Control Service uses to establish endpoint access to protected resources?（）Asign-in policyBauthentication realmsCrole restrictionsDpolicy realmsErouting policy

第1题：

第2题：

第3题：

Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?（）

• A、Source IP and browser
• B、Source IP and certificate
• C、Certificate and Host Checker
• D、Host Checker and source IP

第4题：

A customer has purchased a third-party switch to use for Layer 2 access with their Junos Pulse Access Controe Service. When configuring the switch on the Junos Pulse Access Control Service, the customer does not find a make/model entry for it . Which two actions should the customer take to make the switch work with the Junos Pulse Access Control Service?（）

• A、Add the switch to the Junos Pulse Access Control Service as a standard RADIUS.
• B、Add the switch to the Junos Pulse Access Control Service using the "Any" make/model.
• C、Add the switch as a firewall enforcer.
• D、Obtain and configure the RADIUS dictionary for the switch and use that vendor listing for the make/model.

第5题：

Which three types of policies must you configure to allow remote users transparent access to protected resources using IF-MAP Federation between a Junos Pulse Secure Access Service and a Junos Pulse Access Control Service?（）

• A、Session-Export policies on the Junos Pulse Secure Access Service
• B、Session-Export policies on the Junos Pulse Access Control Service
• C、Session-Import policies on the Junos Pulse Secure Access Service
• D、Session-Import policies on the Junos Pulse Access Control Service
• E、Resource access policies on the Junos Pulse Access Control Service

第6题：

What are three benefits of IF-MAP Federation?（）

• A、Enables seamless access for remote access users to firewall enforcer protected resources.
• B、Scales a Junos Pulse Access control Service deployment beyond the capacity of a single cluster.
• C、Enables dynamic configuration synchronization across multiple MAG Series devices.
• D、Provides a substitute for WAN clustering among geographically separated MAG Series devices.
• E、Shares non-localized DP integration and IPsec configuration information between multiple Junos Pulse Access Control Service instances.

第7题：

What are three elements the Junos Pulse Access Control Service uses to establish endpoint access to protected resources?（）

• A、sign-in policy
• B、authentication realms
• C、role restrictions
• D、policy realms
• E、routing policy

第8题：

You are deploying a Junos Pulse Access Control Service cluster in active/passive mode. How do you configure the IP address on the SRX Series devices?（）

• A、Configure a single Junos Pulse Access Control Service instance on the enforcer, specifying the VIP as the IP address the instance.
• B、Configure multiple Junos Pulse Access Control Service instances on the enforcer, specifying the specific IP address each device in a separate instance.
• C、Configure a single Junos Pulse Access Control Service instance on the enforcer, specifying the VIP and active node address in the instance.
• D、Configure a single Junos Pulse Access Control Service instance on the enforcer, specifying the VIP and passive node address in the instance.

第9题：

第10题：

第11题：

第12题：

第13题：

第14题：

In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?（）

• A、to specify the destination addresses to which access is permitted
• B、to specify the source address permitted to access the resource
• C、to specify the services to which access is permitted
• D、to inform the enforcer to expect policy information from the Junos Pulse Access Control Service

第15题：

You want to create a security policy on an SRX240 that redirects unauthenticated users back to the Junos Pulse Access Control Service.Which two steps must you take to accomplish this task?（）

• A、Configure a captive-portal service that redirects all traffic back to the Junos Pulse Access Control Service.
• B、Configure a security policy that references the unified-access-control captive-portal service.
• C、Configure a captive-portal service that redirects unauthenticated traffic back to the Junos Pulse Access Control Service.
• D、Configure a security policy that references the unified-access-control intranet-controller service.

第16题：

Which Junos Pulse feature allows the user to log in once through a Junos Pulse Secure Access Service on the network and then access resources protected by a Junos Pulse Access Control Service without reauthentication?（）

• A、Roaming Session
• B、Session Migration
• C、Location Awareness
• D、Persistent Session

第17题：

A customer has purchased a new Junos Pulse Access Control Service and wants to install it in an existing cluster.After initial configuration, the customer finds that the firmware version running on the Junos Pulse Access Control Service is 4.1 r5, but the existing cluster is running firmware version 4.1 r3. Which two actions must be performed to allow the new Junos Pulse Access Control Service to load the older version of firmware?（）

• A、Install a valid license on the new Junos Pulse Access Control Service.
• B、When loading the older firmware, delete all the existing data on the Junos Pulse Access Control Service.
• C、Add the new Junos Pulse Access Control Service to the existing cluster.
• D、Download the 4.1 r3 version firmware from the Juniper support website.

第18题：

What are two use cases enabled by IF-MAP Federation?（）

• A、Users authenticated to one Junos Pulse Access Control Service can transparently access resources protected by another Junos Pulse Access Control Service.
• B、Users authenticated to a Junos Pulse Access Control Service can transparently access resources protected by a Junos Pulse Secure Access Service.
• C、Remote access users authenticated to a Junos Pulse Secure Access Service can transparently access resources protected by a Junos Pulse Access Control Service.
• D、Remote access users authenticated to one Junos Pulse Secure Access Service can transparently access resources protected by another Junos Pulse Secure Access Service.

第19题：

What is the function of Host Checker?（）

• A、To allow clientless access to the network
• B、To restrict access to protected resources on the network
• C、To scan an endpointfor compliance with security policies
• D、To push a firewall policy to the endpoint's local firewall application

第20题：

You have a Junos Pulse Secure Access Service acting as an IF-MAP client, configured to federate all user roles to a Junos Pulse Access Control Service acting as an IF-MAP Federation server. A remote user using Junos Pulse logs in to the Junos Pulse Secure Access Service; the Junos Pulse Secure Access Service provisions a remote access session for that user.What happens next?（）

• A、The Junos Pulse Secure Access Service redirects the user to the Junos Pulse Secure Access Service for authentication
• B、The Junos Pulse Access Control Service provisions enforcement points to enable resource access for that user.
• C、The Junos Pulse Secure Access Service publishes user session and role information to the IF- MAP Federation server,
• D、The Junos Pulse Secure Access Service provisions enforcement points to enable resource access for that user.

第21题：

第22题：

第23题：

第24题：