单选题Given the configuration shown in the exhibit， which configuration object would be used to associate bothNancy and Walter with firewall user authentication within a security policy？（） profile ftp-users { client nancy { firewall-user { password "$9$lJ8vL

第1题：

第2题：

Which two statements regarding firewall user authentication client groups are true?（） (Choose two.)

• A、A client group is a list of clients associated with a group.
• B、A client group is a list of groups associated with a client.
• C、Client groups are referenced in security policy in the same manner in which individual clients are referenced.
• D、Client groups are used to simplify configuration by enabling firewall user authentication without security policy.

第3题：

Which two commands can be used to monitor firewall user authentication？（）

• A、show access firewall-authentication
• B、show security firewall-authentication users
• C、show security audit log
• D、show security firewall-authentication history

第4题：

Which statement describes the Authentication Proxy feature？（）

• A、All traffic is permitted from the inbound to the outbound interface upon successful authentication of the user.
• B、A specific access profile is retrieved from a TACACS+ or RADIUS server and applied to an IOS Firewall based on user provided credentials.
• C、Prior to responding to a proxy ARP，the router will prompt the user for a login and password which are authenticated based on the configured AAA policy.
• D、The proxy server capabilities of the IOS Firewall are enabled upon successful authentication of the user.

第5题：

Under which configuration hierarchy is an access profile configured for firewall user authentication？（）

• A、[edit access]
• B、[edit security access]
• C、[edit firewall access]
• D、[edit firewall-authentication]

第6题：

Which three advanced permit actions within security policies are valid?（） (Choose three.)

• A、Mark permitted traffic for firewall user authentication.
• B、Mark permitted traffic for SCREEN options.
• C、Associate permitted traffic with an IPsec tunnel.
• D、Associate permitted traffic with a NAT rule.
• E、Mark permitted traffic for IDP processing.

第7题：

Which three firewall user authentication objects can be referenced in a security policy? （）(Choose three.)

• A、access profile
• B、client group
• C、client
• D、default profile
• E、external

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

第14题：

Which two firewall user authentication objects can be referenced in a security policy？（）

• A、access profile
• B、client group
• C、client
• D、default profile

第15题：

You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003. All client computers run Windows XP Professional, and all client computer objects are store din the Clients organizational unit (OU). Client computers receive critical security patches from servers at Microsoft. A server named Testking1 runs Software Update Services (SUS). You enable Testking1 to obtain and store security patches for distribution on the internal network. Now you need to ensure that all client computers receive future security patches from Testking1 only. You open the Group Policy object (GPO) for the Clients OU. Which setting should you configure?（）

• A、Computer Configuration/Software Settings/Software Installation
• B、User Configuration/Software Settings/Software Installation
• C、Computer Configuration/Administrative Templates/Windows Components/Windows Installer
• D、User Configuration/Administrative Templates/Windows Components/Windows Installer
• E、Computer Configuration/Administrative Templates/Windows Components/Windows Update
• F、User Configuration/Administrative Templates/Windows Components/Windows Update

第16题：

Which two statements regarding firewall user authentication client groups are true？（）

• A、Individual clients are configured under client groups in the configuration hierarchy.
• B、Client groups are configured under individual clients in the configuration hierarchy.
• C、Client groups are referenced in security policy in the same manner in which individual clients are referenced.
• D、Client groups are used to simplify configuration by enabling firewall user authentication without security policy.

第17题：

Given the configuration shown in the exhibit， which configuration object would be used to associate bothNancy and Walter with firewall user authentication within a security policy？（） profile ftp-users { client nancy { firewall-user { password "$9$lJ8vLNdVYZUHKMi.PfzFcyrvX7"； ## SECRET-DATA } } client walter { firewall-user { password "$9$a1UqfTQnApB36pBREKv4aJUk.5QF"； ## SECRET-DATA } } session-options { client-group ftp-group； } } firewall-authentication { pass-through { default-profile ftp-users；ftp { banner { login "JUNOS Rocks!"； } } } }

• A、ftp-group
• B、ftp-users
• C、firewall-user
• D、nancy and walter

第18题：

Which three advanced permit actions within security policies are valid？（）

• A、Mark permitted traffic for firewall user authentication.
• B、Mark permitted traffic for SCREEN options.
• C、Associate permitted traffic with an IPsec tunnel.
• D、Associate permitted traffic with a NAT rule.
• E、Mark permitted traffic for IDP processing.

第19题：

Which statement accurately describes firewall user authentication？（）

• A、Firewall user authentication provides another layer of security in a network.
• B、Firewall user authentication provides a means for accessing a JUNOS Software-based security device.
• C、Firewall user authentication enables session-based forwarding.
• D、Firewall user authentication is used as a last resort security method in a network.

第20题：

第21题：

第22题：

第23题：

第24题：