Define a default policy for the zone.
Assign logical interfaces to the zone.
Assign physical interfaces to the zone.
Define the zone as a security or functional zone
第1题:
Which statement best describes Cisco IOS Zone-Based Policy Firewall?()
第2题:
Which two steps are performed when configuring a zone?()
第3题:
At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? ()(Choose two.)
第4题:
Which statement describes a security zone?()
第5题:
You want to create an out-of-band management zone and assign the ge-0/0/0.0 interface to that zone.From the [edit] hierarchy, which command do you use to configure this assignment?()
第6题:
Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)
第7题:
You have configured a UTM profile called Block-Spam, which has the appropriate antispam configuration to block undesired spam e-mails.Which configuration would protect an SMTP server in the dmz zone from spam originating in the untrust zone?()
第8题:
It controls inter-zone traffic.
It controls intra-zone traffic.
It is named with a system-defined name.
It controls traffic destined to the device's ingress interface.
第9题:
Pass
Flow
Allow
Inspect
第10题:
from a zone to the device itself
from a zone to the same zone
from a zone to a different zone
from one interface to another interface
第11题:
Define a default policy for the zone.
Assign logical interfaces to the zone.
Assign physical interfaces to the zone.
Define the zone as a security or functional zone
第12题:
from a zone to the router itself
from a zone to the same zone
from a zone to a different zone
from one interface to another interface
第13题:
Which type of zone is used by traffic transiting the device?()
第14题:
Which two statements are true for a security policy? ()(Choose two.)
第15题:
Users can define policy to control traffic flow between which two components?()
第16题:
Regarding secure tunnel (st) interfaces, which statement is true?()
第17题:
Users can define policy to control traffic flow between which two components? ()(Choose two.)
第18题:
Regarding zone types, which statement is true?()
第19题:
DNS traffic is denied.
HTTP traffic is denied.
FTP traffic is permitted.
SMTP traffic is permitted.
第20题:
A security zone can contain one or more interfaces.
A security zone can contain interfaces in multiple routing instances.
A security zone must contain two or more interfaces.
A security zone must contain bridge groups.
第21题:
[edit security idp]
[edit security zones security-zone trust interfaces ge-0/0/0.0]
[edit security zones security-zone trust]
[edit security screen]
第22题:
You cannot assign an interface to a functional zone.
You can specifiy a functional zone in a security policy.
Security zones must have a scheduler applied.
You can use a security zone for traffic destined for the device itself.
第23题:
Traffic is permitted from the trust zone to the untrust zone.
Intrazone traffic in the trust zone is permitted.
All traffic through the device is denied.
The policy is matched only when no other matching policies are found.
第24题:
DNS traffic is denied.
HTTP traffic is denied.
FTP traffic is permitted.
SMTP traffic is permitted.