多选题At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? ()(Choose two.)A[edit security idp]B[edit security zones security-zone trust interfaces ge-0/0/0.0]C[edit security zones security-zone trust]D[edit security
题目
[edit security idp]
[edit security zones security-zone trust interfaces ge-0/0/0.0]
[edit security zones security-zone trust]
[edit security screen]
相似考题
参考答案和解析
更多“多选题At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? ()(Choose two.)A[edit security idp]B[edit security zones security-zone trust interfaces ge-0/0/0.0]C[edit security zones security-zone trust]D[edit security ”相关问题
-
第1题:
At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? ()(Choose two.)A. [edit security idp]
B. [edit security zones security-zone trust interfaces ge-0/0/0.0]
C. [edit security zones security-zone trust]
D. [edit security screen]
参考答案:B, C
-
第2题:
You want to allow your device to establish OSPF adjacencies with a neighboring device connected to interface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone.Under which configuration hierarchy must you permit OSPF traffic?()
A. [edit security policies from-zone HR to-zone HR]
B. [edit security zones functional-zone management protocols]
C. [edit security zones protocol-zone HR host-inbound-traffic]
D. [edit security zones security-zone HR host-inbound-traffic protocols]
参考答案:D
-
第3题:
You want to test a configured screen value prior to deploying.Which statement will allow you to accomplish this?()
- A、[edit security screen] user@host# show ids-option untrust-screen { alarm-test-only; }
- B、[edit security screen] user@host# show ids-option untrust-screen { alarm-without-drop; }
- C、[edit security screen] user@host# show ids-option untrust-screen { alarm-no-drop; }
- D、[edit security screen] user@host# show ids-option untrust-screen { test-without-drop; }
正确答案:B -
第4题:
You want to allow your device to establish OSPF adjacencies with a neighboring device connected tointerface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone.Under which configuration hierarchy must you permit OSPF traffic?()
- A、[edit security policies from-zone HR to-zone HR]
- B、[edit security zones functional-zone management protocols]
- C、[edit security zones protocol-zone HR host-inbound-traffic]
- D、[edit security zones security-zone HR host-inbound-traffic protocols]
正确答案:D -
第5题:
You want to allow all hosts on interface ge-0/0/0.0 to be able to ping the device’s ge-0/0/0.0 IP address.Where do you configure this functionality?()
- A、[edit interfaces]
- B、[edit security zones]
- C、[edit system services]
- D、[edit security interfaces]
正确答案:B -
第6题:
You are configuring new BGP neighbor and want to view the configuration for the interface ge-0/0/0.42.Which command do you use to achieve this result?()
- A、[edit protocols bgp group external] user@router# set interfaces ge-0/0/0.42 ?
- B、[edit protocols bgp group external] user@router# edit show interfaces ge-0/0/0.42
- C、[edit protocols bgp group external] user@router# top show interfaces ge-0/0/0.42
- D、[edit protocols bgp group external] user@router# show interfaces ge0/0/0.42
正确答案:C -
第7题:
You are required to configure a SCREEN option that enables IP source route option detection.Which twoconfigurations meet this requirement?() (Choose two.)
- A、[edit security screen] user@host# show ids-option protectFromFlood { ip { loose-source-route-option; strict-source-route-option; } }
- B、[edit security screen] user@host# show ids-option protectFromFlood { ip { source-route-option; } }
- C、[edit security screen] user@host# show ids-option protectFromFlood { ip { record-route-option; security-option; } }
- D、[edit security screen] user@host# show ids-option protectFromFlood { ip { strict-source-route-option; record-route-option; } }
正确答案:A,B -
第8题:
Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)
- A、Traffic is permitted from the trust zone to the untrust zone.
- B、Intrazone traffic in the trust zone is permitted.
- C、All traffic through the device is denied.
- D、The policy is matched only when no other matching policies are found.
正确答案:C,D -
第9题:
单选题Under which Junos hierarchy level are security policies configured?()A[edit security]
B[edit protocols]
C[edit firewall]
D[edit policy-options]
正确答案: D解析: 暂无解析 -
第10题:
单选题You want to create an out-of-band management zone and assign the ge-0/0/0.0 interface to that zone.From the [edit] hierarchy, which command do you use to configure this assignment?()Aset security zones management interfaces ge-0/0/0.0
Bset zones functional-zone management interfaces ge-0/0/0.0
Cset security zones functional-zone management interfaces ge-0/0/0.0
Dset security zones functional-zone out-of-band interfaces ge-0/0/0.0
正确答案: C解析: 暂无解析 -
第11题:
多选题You are required to configure a SCREEN option that enables IP source route option detection.Which twoconfigurations meet this requirement?() (Choose two.)A[edit security screen] user@host# show ids-option protectFromFlood { ip { loose-source-route-option; strict-source-route-option; } }
B[edit security screen] user@host# show ids-option protectFromFlood { ip { source-route-option; } }
C[edit security screen] user@host# show ids-option protectFromFlood { ip { record-route-option; security-option; } }
D[edit security screen] user@host# show ids-option protectFromFlood { ip { strict-source-route-option; record-route-option; } }
正确答案: D,B解析: 暂无解析 -
第12题:
单选题You want to allow all hosts on interface ge-0/0/0.0 to be able to ping the device’s ge-0/0/0.0 IP address.Where do you configure this functionality?()A[edit interfaces]
B[edit security zones]
C[edit system services]
D[edit security interfaces]
正确答案: A解析: 暂无解析 -
第13题:
Under which Junos hierarchy level are security policies configured?()A. [edit security]
B. [edit protocols]
C. [edit firewall]
D. [edit policy-options]
参考答案:A
-
第14题:
Auserwantstobepermanentlyaddedtothedbagroup.Whichofthefollowingcommandsorprocessescanbeusedtoaccomplishthis()A.chgrp
B.chuser
C.edit/etc/user
D.edit/etc/security/group
参考答案:B
-
第15题:
You are configuring a new BGP neighbor and want to view the configuration of interface ge-0/0/0.42. Which command do you use to achieve this result?()
- A、[edit protocols bgp group external] user@router# set interfaces ge-0/0/0.42
- B、[edit protocols bgp group external] user@router# edit show interfaces ge-0/0/0.42
- C、[edit protocols bgp group external] user@router# top show interfaces ge-0/0/0.42
- D、[edit protocols bgp group external] user@router# show interfaces ge-0/0/0.42
正确答案:C -
第16题:
Under which configuration hierarchy is an access profile configured for firewall user authentication?()
- A、[edit access]
- B、[edit security access]
- C、[edit firewall access]
- D、[edit firewall-authentication]
正确答案:A -
第17题:
At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? ()(Choose two.)
- A、[edit security idp]
- B、[edit security zones security-zone trust interfaces ge-0/0/0.0]
- C、[edit security zones security-zone trust]
- D、[edit security screen]
正确答案:B,C -
第18题:
Which two statements are true regarding IDP?()
- A、IDP can be used in conjunction with other JUNOS Software security features such as SCREEN options,zones, and security policy.
- B、IDP cannot be used in conjunction with other JUNOS Software security features such as SCREEN options, zones, and security policy.
- C、IDP inspects traffic up to the Presentation layer.
- D、IDP inspects traffic up to the Application layer.
正确答案:A,D -
第19题:
You want to create an out-of-band management zone and assign the ge-0/0/0.0 interface to that zone.From the [edit] hierarchy, which command do you use to configure this assignment?()
- A、set security zones management interfaces ge-0/0/0.0
- B、set zones functional-zone management interfaces ge-0/0/0.0
- C、set security zones functional-zone management interfaces ge-0/0/0.0
- D、set security zones functional-zone out-of-band interfaces ge-0/0/0.0
正确答案:C -
第20题:
Under which Junos hierarchy level are security policies configured?()
- A、[edit security]
- B、[edit protocols]
- C、[edit firewall]
- D、[edit policy-options]
正确答案:A -
第21题:
多选题Which two statements are true regarding IDP?()AIDP can be used in conjunction with other JUNOS Software security features such as SCREEN options,zones, and security policy.
BIDP cannot be used in conjunction with other JUNOS Software security features such as SCREEN options, zones, and security policy.
CIDP inspects traffic up to the Presentation layer.
DIDP inspects traffic up to the Application layer.
正确答案: A,B解析: 暂无解析 -
第22题:
多选题At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? ()(Choose two.)A[edit security idp]
B[edit security zones security-zone trust interfaces ge-0/0/0.0]
C[edit security zones security-zone trust]
D[edit security screen]
正确答案: B,D解析: 暂无解析 -
第23题:
单选题Under which configuration hierarchy is an access profile configured for firewall user authentication?()A[edit access]
B[edit security access]
C[edit firewall access]
D[edit firewall-authentication]
正确答案: A解析: 暂无解析 -
第24题:
多选题Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)ATraffic is permitted from the trust zone to the untrust zone.
BIntrazone traffic in the trust zone is permitted.
CAll traffic through the device is denied.
DThe policy is matched only when no other matching policies are found.
正确答案: C,A解析: 暂无解析