单选题Which statement accurately describes firewall user authentication？（）A Firewall user authentication provides another layer of security in a network.B Firewall user authentication provides a means for accessing a JUNOS Software-based security device.C Fi

第1题：

第2题：

Which two firewall user authentication objects can be referenced in a security policy？（）

• A、access profile
• B、client group
• C、client
• D、default profile

第3题：

Which two statements are true regarding firewall user authentication?（） (Choose two.)

• A、When configured for pass-through firewall user authentication, the user must first open a connection to the Junos security remote network resource.
• B、When configured for Web firewall user authentication only, the user must first open a connection to the Junos security remote network resource.
• C、If a Junos security device is configured for pass-through firewall user authentication, new sessions are automatically intercepted .
• D、If a Junos security device is configured for Web firewall user authentication, new sessions are automatically intercepted.

第4题：

Which statement describes the Authentication Proxy feature？（）

• A、All traffic is permitted from the inbound to the outbound interface upon successful authentication of the user.
• B、A specific access profile is retrieved from a TACACS+ or RADIUS server and applied to an IOS Firewall based on user provided credentials.
• C、Prior to responding to a proxy ARP，the router will prompt the user for a login and password which are authenticated based on the configured AAA policy.
• D、The proxy server capabilities of the IOS Firewall are enabled upon successful authentication of the user.

第5题：

Which two statements regarding firewall user authentication client groups are true？（）

• A、Individual clients are configured under client groups in the configuration hierarchy.
• B、Client groups are configured under individual clients in the configuration hierarchy.
• C、Client groups are referenced in security policy in the same manner in which individual clients are referenced.
• D、Client groups are used to simplify configuration by enabling firewall user authentication without security policy.

第6题：

Given the configuration shown in the exhibit， which configuration object would be used to associate bothNancy and Walter with firewall user authentication within a security policy？（） profile ftp-users { client nancy { firewall-user { password "$9$lJ8vLNdVYZUHKMi.PfzFcyrvX7"； ## SECRET-DATA } } client walter { firewall-user { password "$9$a1UqfTQnApB36pBREKv4aJUk.5QF"； ## SECRET-DATA } } session-options { client-group ftp-group； } } firewall-authentication { pass-through { default-profile ftp-users；ftp { banner { login "JUNOS Rocks!"； } } } }

• A、ftp-group
• B、ftp-users
• C、firewall-user
• D、nancy and walter

第7题：

Which three advanced permit actions within security policies are valid？（）

• A、Mark permitted traffic for firewall user authentication.
• B、Mark permitted traffic for SCREEN options.
• C、Associate permitted traffic with an IPsec tunnel.
• D、Associate permitted traffic with a NAT rule.
• E、Mark permitted traffic for IDP processing.

第8题：

Which three firewall user authentication objects can be referenced in a security policy? （）(Choose three.)

• A、access profile
• B、client group
• C、client
• D、default profile
• E、external

第9题：

第10题：

第11题：

第12题：

第13题：

Which two statements regarding firewall user authentication client groups are true?（） (Choose two.)

• A、A client group is a list of clients associated with a group.
• B、A client group is a list of groups associated with a client.
• C、Client groups are referenced in security policy in the same manner in which individual clients are referenced.
• D、Client groups are used to simplify configuration by enabling firewall user authentication without security policy.

第14题：

Which two commands can be used to monitor firewall user authentication？（）

• A、show access firewall-authentication
• B、show security firewall-authentication users
• C、show security audit log
• D、show security firewall-authentication history

第15题：

Which two traffic types trigger pass-through firewall user authentication？（）

• A、SSH
• B、Telnet
• C、ICMP
• D、OSPF
• E、HTTP

第16题：

Kerberos is a form of user authentication that:（）

• A、Provides users access to network resources.
• B、Performs router commands after user authentication.
• C、Provides users with remote access only capabilities.
• D、Does not require an authentication server

第17题：

Under which configuration hierarchy is an access profile configured for firewall user authentication？（）

• A、[edit access]
• B、[edit security access]
• C、[edit firewall access]
• D、[edit firewall-authentication]

第18题：

Which two external authentication server types are supported by JUNOS Software for firewall user authentication？（）

• A、RADIUS
• B、TACACS+
• C、LDAP
• D、IIS

第19题：

Which two statements are true regarding firewall user authentication？（）

• A、When configured for pass-through firewall user authentication， the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.
• B、When configured for Web firewall user authentication only， the user must first open a connection to the JUNOS security platform before connecting to a remote network resource.
• C、If a JUNOS security device is configured for pass-through firewall user authentication， new sessions are automatically intercepted to perform authentication.
• D、If a JUNOS security device is configured for Web firewall user authentication， new sessions are automatically intercepted to perform authentication.

第20题：

Which statement accurately describes firewall user authentication？（）

• A、Firewall user authentication provides another layer of security in a network.
• B、Firewall user authentication provides a means for accessing a JUNOS Software-based security device.
• C、Firewall user authentication enables session-based forwarding.
• D、Firewall user authentication is used as a last resort security method in a network.

第21题：

第22题：

第23题：