You cannot assign an interface to a functional zone.
You can specifiy a functional zone in a security policy.
Security zones must have a scheduler applied.
You can use a security zone for traffic destined for the device itself.
第1题:
Which type of zone is used by traffic transiting the device?()
第2题:
Which two actions can be configured to allow traffic to traverse an interface when zone-based security isbeing employed?()
第3题:
You are installing a MAG Series device for access control using an SRX Series device as the firewall enforcer. The MAG Series device resides in the same security zone as users. However, the users reside in different subnets and use the SRX Series device as an IP gateway.Which statement is true?()
第4题:
Which two steps are performed when configuring a zone?()
第5题:
Which two statements are true regarding IDP?()
第6题:
Regarding secure tunnel (st) interfaces, which statement is true?()
第7题:
Which two statements are true about hierarchical architecture? ()(Choose two.)
第8题:
Regarding zone types, which statement is true?()
第9题:
A security zone can contain one or more interfaces.
A security zone can contain interfaces in multiple routing instances.
A security zone must contain two or more interfaces.
A security zone must contain bridge groups.
第10题:
[edit security idp]
[edit security zones security-zone trust interfaces ge-0/0/0.0]
[edit security zones security-zone trust]
[edit security screen]
第11题:
You cannot assign an interface to a functional zone.
You can specifiy a functional zone in a security policy.
Security zones must have a scheduler applied.
You can use a security zone for traffic destined for the device itself.
第12题:
Define a default policy for the zone.
Assign logical interfaces to the zone.
Assign physical interfaces to the zone.
Define the zone as a security or functional zone
第13题:
You want to allow your device to establish OSPF adjacencies with a neighboring device connected to interface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone.Under which configuration hierarchy must you permit OSPF traffic?()
第14题:
You want to allow your device to establish OSPF adjacencies with a neighboring device connected tointerface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone.Under which configuration hierarchy must you permit OSPF traffic?()
第15题:
In the Junos OS, which statement is true?()
第16题:
At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? ()(Choose two.)
第17题:
Which statement describes a security zone?()
第18题:
You want to create an out-of-band management zone and assign the ge-0/0/0.0 interface to that zone.From the [edit] hierarchy, which command do you use to configure this assignment?()
第19题:
Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)
第20题:
Your company, A. Datum Corporation, has a single Active Directory domain named intranet.adatum.com. The domain has two domain controllers that run Windows Server 2008 R2 operating system. The domain controllers also run DNS servers. The intranet.adatum.com DNS zone is configured as an Active Directoryintegrated zone with the Dynamic updates setting configured to Secure only. A new corporate security policy requires that the intranet.adatum.com DNS zone must be updated only by domain controllers or member servers. You need to configure the intranet.adatum.com zone to meet the new security policy requirement. Which two actions should you perform()
第21题:
set security zones management interfaces ge-0/0/0.0
set zones functional-zone management interfaces ge-0/0/0.0
set security zones functional-zone management interfaces ge-0/0/0.0
set security zones functional-zone out-of-band interfaces ge-0/0/0.0
第22题:
[edit security policies from-zone HR to-zone HR]
[edit security zones functional-zone management protocols]
[edit security zones protocol-zone HR host-inbound-traffic]
[edit security zones security-zone HR host-inbound-traffic protocols]
第23题:
[edit security policies from-zone HR to-zone HR]
[edit security zones functional-zone management protocols]
[edit security zones protocol-zone HR host-inbound-traffic]
[edit security zones security-zone HR host-inbound-traffic protocols]
第24题:
You cannot assign st interfaces to a security zone.
You cannot apply static NAT on an st interface logical unit.
st interfaces are optional when configuring a route-based VPN
A static route can reference the st interface logical unit as the next-hop