单选题What is the purpose of an address book?()A It holds security policies for particular hosts.B It holds statistics about traffic to and from particular hosts.C It defines hosts in a zone so they can be referenced by policies.D It maps hostnames to IP add

题目
单选题
What is the purpose of an address book?()
A

It holds security policies for particular hosts.

B

It holds statistics about traffic to and from particular hosts.

C

It defines hosts in a zone so they can be referenced by policies.

D

It maps hostnames to IP addresses to serve as a backup to DNS resolution.

相似考题

1.The network administrator has configured port security on a Ezonexam switch. Why would a network administrator configure port security on this Ezonexam device?A.To prevent unauthorized hosts from getting access to the LANB.To limit the number of Layer 2 broadcasts on a particular switch portC.To prevent unauthorized Telnet or SSH access to a switch portD.To prevent the IP and MAC address of the switch and associated portsE.None of the above

2.You want to create a policy allowing traffic from any host in the Trust zone to hostb.example.com(172.19.1.1) in theUntrust zone. How do you do create this policy? ()A. Specify the IP address (172.19.1.1/32) as the destination address in the policy.B. Specify the DNS entry (hostb.example.com.) as the destination address in the policy.C. Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.D. Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.

3.A network administrator wants to ensure that only the server can connect to port Fa0/1 on a Catalyst switch. The server is plugged into the switch Fa0/1 port and the network administrator is about to bring the server online. What can the administrator do to ensure that only the MAC address of the server is allowed by switch port Fa0/1?()A. Configure port Fa0/1 to accept connections only from the static IP address of the server.B. Employ a proprietary connector type on Fa0/1 that is incompatible with other host connectors.C. Configure the MAC address of the server as a static entry associated with port Fa0/1.D. Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing the server IP address.E. Configure port security on Fa0/1 to reject traffic with a source MAC address other than that of the server.F. Configure an access list on the switch to deny server traffic from entering any port other than Fa0/1.

4.Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)A. Traffic is permitted from the trust zone to the untrust zone.B. Intrazone traffic in the trust zone is permitted.C. All traffic through the device is denied.D. The policy is matched only when no other matching policies are found.

更多“单选题What is the purpose of an address book?()A It holds security policies for particular hosts.B It holds statistics about traffic to and from particular hosts.C It defines hosts in a zone so they can be referenced by policies.D It maps hostnames to IP add”相关问题

  • 第1题:

    Why would a network administrator configure port security on a switch?()

    • A、to prevent unauthorized Telnet access to a switch port
    • B、to limit the number of Layer 2 broadcasts on a particular switch port
    • C、to prevent unauthorized hosts from accessing the LAN
    • D、to protect the IP and MAC address of the switch and associated ports
    • E、to block unauthorized access to the switch management interfaces over common TCP ports

    正确答案:C

  • 第2题:

    What is the purpose of an address book?()

    • A、It holds security policies for particular hosts.
    • B、It holds statistics about traffic to and from particular hosts.
    • C、It defines hosts in a zone so they can be referenced by policies.
    • D、It maps hostnames to IP addresses to serve as a backup to DNS resolution.

    正确答案:C

  • 第3题:

    Which configuration shows the correct application of a security policy scheduler?()

    • A、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } scheduler-name now; } } }
    • B、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }
    • C、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn scheduler-name now; } } } }
    • D、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; scheduler-name now; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }myTunnel;

    正确答案:B

  • 第4题:

    What is the purpose of a zone in JUNOS Software?()

    • A、A zone defines a group of security devices with a common management.
    • B、A zone defines the geographic region in which the security device is deployed.
    • C、A zone defines a group of network segments with similar security requirements.
    • D、A zone defines a group of network segments with similar class-of-service requirements.

    正确答案:C

  • 第5题:

    Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)

    • A、Traffic is permitted from the trust zone to the untrust zone.
    • B、Intrazone traffic in the trust zone is permitted.
    • C、All traffic through the device is denied.
    • D、The policy is matched only when no other matching policies are found.

    正确答案:C,D

  • 第6题:

    单选题
    What is the purpose of assigning an IP address to a switch?()
    A

    Provides local hosts with a default gateway address

    B

    Allows remote management of the switch.

    C

    Allows the switch to respond to ARP requests between two hosts

    D

    Ensures that hosts on the same LAN can communicate with each other.


    正确答案: C
    解析: 暂无解析

  • 第7题:

    单选题
    In a DNS environment, the zone file that maps hostnames to IP address (sometimes called the named.hosts file), is created on which of the following servers?()
    A

    Cache

    B

    Primary

    C

    Secondary

    D

    Primary and secondary


    正确答案: B
    解析: 暂无解析

  • 第8题:

    单选题
    You want to create a security policy allowing traffic from any host in the Trust zone to hostb.example.com (172.19.1.1) in the Untrust zone. How do you create this policy?()
    A

    Specify the IP address (172.19.1.1/32) as the destination address in the policy.

    B

    Specify the DNS entry (hostb.example.com) as the destination address in the policy.

    C

    Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.

    D

    Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.


    正确答案: D
    解析: 暂无解析

  • 第9题:

    单选题
    A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in azone called UNTRUST to the address book entry Server in a zone called TRUST.However, the administrator does not want the server to be able to initiate any type of traffic from the TRUSTzone to the UNTRUST zone. Which configuration would correctly accomplish this task?()
    A

    A

    B

    B

    C

    C

    D

    D


    正确答案: B
    解析: 暂无解析

  • 第10题:

    单选题
    You want to create a policy allowing traffic from any host in the Trust zone to hostb.example.com(172.19.1.1) in theUntrust zone. How do you do create this policy? ()
    A

    Specify the IP address (172.19.1.1/32) as the destination address in the policy.

    B

    Specify the DNS entry (hostb.example.com.) as the destination address in the policy.

    C

    Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.

    D

    Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.


    正确答案: D
    解析: 暂无解析

  • 第11题:

    单选题
    Your task is to provision the Junos security platform to permit transit packets from the Private zone to the External zone by using an IPsec VPN and log information at the time of session close.Which configuration meets this requirement?()
    A

    [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts;destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } log { session-init; } } }

    B

    [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } count { session-close; } } }

    C

    [edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN;} } log { session-close; } } }

    D

    [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; log; count session-close; } } } }


    正确答案: A
    解析: 暂无解析

  • 第12题:

    单选题
    What is the purpose of a zone in JUNOS Software?()
    A

    A zone defines a group of security devices with a common management.

    B

    A zone defines the geographic region in which the security device is deployed.

    C

    A zone defines a group of network segments with similar security requirements.

    D

    A zone defines a group of network segments with similar class-of-service requirements.


    正确答案: B
    解析: 暂无解析

  • 第13题:

    Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a inthe HR zone to host_b in the trust zone are true?() [edit security policies from-zone HR to-zone trust] user@host# show policy one { match { source-address any; destination-address any; application [ junos-http junos-ftp ]; } then { permit; } } policy two { match { source-address host_a; destination-address host_b; application [ junos-http junos-smtp ]; } then { deny; } }

    • A、DNS traffic is denied.
    • B、HTTP traffic is denied.
    • C、FTP traffic is permitted.
    • D、SMTP traffic is permitted.

    正确答案:A,C

  • 第14题:

    In a DNS environment, the zone file that maps hostnames to IP address (sometimes called the named.hosts file), is created on which of the following servers?()

    • A、Cache
    • B、Primary
    • C、Secondary
    • D、Primary and secondary

    正确答案:B

  • 第15题:

    Your task is to provision the Junos security platform to permit transit packets from the Private zone to the External zone by using an IPsec VPN and log information at the time of session close.Which configuration meets this requirement?()

    • A、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts;destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } log { session-init; } } }
    • B、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } count { session-close; } } }
    • C、[edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN;} } log { session-close; } } }
    • D、[edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; log; count session-close; } } } }

    正确答案:C

  • 第16题:

    You want to create a security policy allowing traffic from any host in the Trust zone to hostb.example.com(172.19.1.1) in the Untrust zone. How do you create this policy?()

    • A、Specify the IP address (172.19.1.1/32) as the destination address in the policy.
    • B、Specify the DNS entry (hostb.example.com.) as the destination address in the policy.
    • C、Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.
    • D、Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy

    正确答案:D

  • 第17题:

    Given the configuration shown in the exhibit, which statement is true about traffic from host_ato host_b?() [edit security policies from-zone HR to-zone trust] user@host# showpolicy two { match { source-address subnet_a; destination-address host_b; application [ junos-telnet junos-ping ]; } then { reject; } } policy one { match { source-address host_a; destination-address subnet_b; application any; } then { permit; } } host_a is in subnet_a and host_b is in subnet_b.

    • A、DNS traffic is denied.
    • B、Telnet traffic is denied.
    • C、SMTP traffic is denied.
    • D、Ping traffic is permitted

    正确答案:B

  • 第18题:

    单选题
    Given the configuration shown in the exhibit, which statement is true about traffic from host_ato host_b?() [edit security policies from-zone HR to-zone trust] user@host# showpolicy two { match { source-address subnet_a; destination-address host_b; application [ junos-telnet junos-ping ]; } then { reject; } } policy one { match { source-address host_a; destination-address subnet_b; application any; } then { permit; } } host_a is in subnet_a and host_b is in subnet_b.
    A

    DNS traffic is denied.

    B

    Telnet traffic is denied.

    C

    SMTP traffic is denied.

    D

    Ping traffic is permitted


    正确答案: C
    解析: 暂无解析

  • 第19题:

    单选题
    Which configuration shows the correct application of a security policy scheduler?()
    A

    [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } scheduler-name now; } } }

    B

    [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }

    C

    [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn scheduler-name now; } } } }

    D

    [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; scheduler-name now; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }myTunnel;


    正确答案: C
    解析: 暂无解析

  • 第20题:

    单选题
    Why would a network administrator configure port security on a switch?()
    A

    to prevent unauthorized Telnet access to a switch port

    B

    to limit the number of Layer 2 broadcasts on a particular switch port

    C

    to prevent unauthorized hosts from accessing the LAN

    D

    to protect the IP and MAC address of the switch and associated ports

    E

    to block unauthorized access to the switch management interfaces over common TCP ports


    正确答案: D
    解析: 暂无解析

  • 第21题:

    单选题
    What is the IPv6 address FF02::2 used for?()
    A

    all routers in a local segment

    B

    all routers in an autonomous system

    C

    all hosts in a local segment

    D

    all hosts in a particular multicast group


    正确答案: C
    解析: 暂无解析

  • 第22题:

    多选题
    A network administrator wants to ensure that only the server can connect to port Fa0/1 on a Catalyst switch. The server is plugged into the switch Fa0/1 port and the network administrator is about to bring the server online. What can the administrator do to ensure that only the MAC address of the server is allowed by switch port Fa0/1?()
    A

    Configure port Fa0/1 to accept connections only from the static IP address of the server.

    B

    Employ a proprietary connector type on Fa0/1 that is incompatible with other host connectors.

    C

    Configure the MAC address of the server as a static entry associated with port Fa0/1.

    D

    Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing the server IP address.

    E

    Configure port security on Fa0/1 to reject traffic with a source MAC address other than that of the server.

    F

    Configure an access list on the switch to deny server traffic from entering any port other than Fa0/1.


    正确答案: A,C
    解析: 暂无解析

  • 第23题:

    多选题
    Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)
    A

    Traffic is permitted from the trust zone to the untrust zone.

    B

    Intrazone traffic in the trust zone is permitted.

    C

    All traffic through the device is denied.

    D

    The policy is matched only when no other matching policies are found.


    正确答案: C,A
    解析: 暂无解析

相关内容