多选题Which three advanced permit actions within security policies are valid?()AMark permitted traffic for firewall user authentication.BMark permitted traffic for SCREEN options.CAssociate permitted traffic with an IPsec tunnel.DAssociate permitted traffic 

题目
多选题
Which three advanced permit actions within security policies are valid?()
A

Mark permitted traffic for firewall user authentication.

B

Mark permitted traffic for SCREEN options.

C

Associate permitted traffic with an IPsec tunnel.

D

Associate permitted traffic with a NAT rule.

E

Mark permitted traffic for IDP processing.

相似考题

1.Click the Exhibit button.Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a in the HR zone to host_b in the trust zone are true? ()(Choose two.)A. DNS traffic is denied.B. HTTP traffic is denied.C. FTP traffic is permitted.D. SMTP traffic is permitted.

2.Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)A. Traffic is permitted from the trust zone to the untrust zone.B. Intrazone traffic in the trust zone is permitted.C. All traffic through the device is denied.D. The policy is matched only when no other matching policies are found.

3.Referring to the exhibit, you are asked to rate-limit traffic from Web-Server to the subnet where Mal-User is located. All other traffic should be permitted. Which firewall filter configuration do you use?()A.B.C.D.

4.Content filtering enables traffic to be permitted or blocked based on inspection of which three types of content?()(Choose three.)A. MIME patternB. file extensionC. IP spoofingD. POP3E. protocol command

更多“多选题Which three advanced permit actions within security policies are valid?()AMark permitted traffic for firewall user authentication.BMark permitted traffic for SCREEN options.CAssociate permitted traffic with an IPsec tunnel.DAssociate permitted traffic ”相关问题

  • 第1题:

    Referring to the exhibit, you want to block HTTP access to Web-Server from the subnet where Mal-User is located. All other traffic should be permitted.Which firewall filter configuration do you use?()

    A.

    B.

    C.

    D.


    参考答案:D

  • 第2题:

    Click the Exhibit button.host_a is in subnet_a and host_b is in subnet_b.Given the configuration shown in the exhibit, which statement is true about traffic from host_a to host_b?()

    A. DNS traffic is denied.

    B. Telnet traffic is denied.

    C. SMTP traffic is denied.

    D. Ping traffic is permitted.


    参考答案:B, D

  • 第3题:

    Refer to the exhibit. Which statement is true? ()

    A. Only traffic with a destination from 10.10.0.0/19 will be permitted.

    B. Router RAR1 will accept only route 10.10.0.0/19 from its BGP neighbor.

    C. Only traffic going to 10.10.0.0/19 will be permitted.

    D. Router RAR1 will send only route 10.10.0.0/19 to its BGP neighbor.


    参考答案:B

  • 第4题:

    Based on the configuration shown in the exhibit, what will happen to the traffic matching thesecurity policy?() [edit schedulers] user@host# showscheduler now { monday all-day; tuesday exclude; wednesday { start-time 07:00:00 stop-time 18:00:00; } thursday { start-time 07:00:00 stop-time 18:00:00; } } [edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn myTunnel; } } } scheduler-name now; }

    • A、The traffic is permitted through the myTunnel IPsec tunnel only on Tuesdays.
    • B、The traffic is permitted through the myTunnel IPsec tunnel daily, with the exception of Mondays.
    • C、The traffic is permitted through the myTunnel IPsec tunnel all day on Mondays and Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.
    • D、The traffic is permitted through the myTunnel IPsec tunnel all day on Mondays and Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am

    正确答案:C

  • 第5题:

    Which command is needed to change this policy to a tunnel policy for a policy-based VPN?() [edit security policies from-zone trust to-zone untrust] user@host# show policy tunnel-traffic { match { source-address local-net; destination-address remote-net; application any; then { permit; } }

    • A、set policy tunnel-traffic then tunnel remote-vpn
    • B、set policy tunnel-traffic then permit tunnel remote-vpn
    • C、set policy tunnel-traffic then tunnel ipsec-vpn remote-vpn permit
    • D、set policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn

    正确答案:D

  • 第6题:

    Which three advanced permit actions within security policies are valid?() (Choose three.)

    • A、Mark permitted traffic for firewall user authentication.
    • B、Mark permitted traffic for SCREEN options.
    • C、Associate permitted traffic with an IPsec tunnel.
    • D、Associate permitted traffic with a NAT rule.
    • E、Mark permitted traffic for IDP processing.

    正确答案:A,C,E

  • 第7题:

    A firewall filter is applied as an input filter on a transit interface. What three types of traffic will this affect? ()

    • A、inbound traffic transiting the router
    • B、outbound traffic transiting the router
    • C、traffic destined to the Routing Engine
    • D、traffic destined to the interface address on which the filter is applied

    正确答案:A,C,D

  • 第8题:

    Content filtering enables traffic to be permitted or blocked based on inspection of which three types of content?()(Choose three.)

    • A、MIME pattern
    • B、file extension
    • C、IP spoofing
    • D、POP3
    • E、protocol command

    正确答案:A,B,E

  • 第9题:

    单选题
    Based on the configuration shown in the exhibit, what will happen to the traffic matching the security policy?()
    A

    The traffic is permitted through the myTunnel IPSec tunnel only on Tuesdays.

    B

    The traffic is permitted through the myTunnel IPSec tunnel daily, with the exception of Mondays.

    C

    The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.

    D

    The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am.


    正确答案: D
    解析: 暂无解析

  • 第10题:

    多选题
    Which three advanced permit actions within security policies are valid?()
    A

    Mark permitted traffic for firewall user authentication.

    B

    Mark permitted traffic for SCREEN options.

    C

    Associate permitted traffic with an IPsec tunnel.

    D

    Associate permitted traffic with a NAT rule.

    E

    Mark permitted traffic for IDP processing.


    正确答案: C,E
    解析: 暂无解析

  • 第11题:

    多选题
    On the serial interface of a router, an inbound access list is configured to deny all traffic from UDP and TCP ports 21, 23, and 25. All other traffic is permitted. Based on this information, which types of traffic will be allowed through this interface?()
    A

    SMTP

    B

    DNS

    C

    FTP

    D

    Telnet

    E

    HTTP

    F

    POP3


    正确答案: B,E,F
    解析: 暂无解析

  • 第12题:

    多选题
    Which three advanced permit actions within security policies are valid?() (Choose three.)
    A

    Mark permitted traffic for firewall user authentication.

    B

    Mark permitted traffic for SCREEN options.

    C

    Associate permitted traffic with an IPsec tunnel.

    D

    Associate permitted traffic with a NAT rule.

    E

    Mark permitted traffic for IDP processing.


    正确答案: B,D
    解析: 暂无解析

  • 第13题:

    Which three advanced permit actions within security policies are valid?() (Choose three.)

    A. Mark permitted traffic for firewall user authentication.

    B. Mark permitted traffic for SCREEN options.

    C. Associate permitted traffic with an IPsec tunnel.

    D. Associate permitted traffic with a NAT rule.

    E. Mark permitted traffic for IDP processing.


    参考答案:A, C, E

  • 第14题:

    Based on the configuration shown in the exhibit, what will happen to the traffic matching the securitypolicy?()

    A. The traffic is permitted through the myTunnel IPSec tunnel only on Tuesdays.

    B. The traffic is permitted through the myTunnel IPSec tunnel daily, with the exception of Mondays.

    C. The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 7:00 am and 6:00 pm, and Thursdays between 7:00 am and 6:00 pm.

    D. The traffic is permitted through the myTunnel IPSec tunnel all day on Mondays, Wednesdays between 6:01 pm and 6:59 am, and Thursdays between 6:01 pm and 6:59 am.


    参考答案:C

  • 第15题:

    On the serial interface of a router, an inbound access list is configured to deny all traffic from UDP and TCP ports 21, 23, and 25. All other traffic is permitted. Based on this information, which types of traffic will be allowed through this interface?()

    A.SMTP

    B.DNS

    C.FTP

    D.Telnet

    E.HTTP

    F.POP3


    参考答案:B, E, F

  • 第16题:

    Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a inthe HR zone to host_b in the trust zone are true?() [edit security policies from-zone HR to-zone trust] user@host# show policy one { match { source-address any; destination-address any; application [ junos-http junos-ftp ]; } then { permit; } } policy two { match { source-address host_a; destination-address host_b; application [ junos-http junos-smtp ]; } then { deny; } }

    • A、DNS traffic is denied.
    • B、HTTP traffic is denied.
    • C、FTP traffic is permitted.
    • D、SMTP traffic is permitted.

    正确答案:A,C

  • 第17题:

    Which statement describes the Authentication Proxy feature?()

    • A、All traffic is permitted from the inbound to the outbound interface upon successful authentication of the user.
    • B、A specific access profile is retrieved from a TACACS+ or RADIUS server and applied to an IOS Firewall based on user provided credentials.
    • C、Prior to responding to a proxy ARP,the router will prompt the user for a login and password which are authenticated based on the configured AAA policy.
    • D、The proxy server capabilities of the IOS Firewall are enabled upon successful authentication of the user.

    正确答案:B

  • 第18题:

    Which three advanced permit actions within security policies are valid?()

    • A、Mark permitted traffic for firewall user authentication.
    • B、Mark permitted traffic for SCREEN options.
    • C、Associate permitted traffic with an IPsec tunnel.
    • D、Associate permitted traffic with a NAT rule.
    • E、Mark permitted traffic for IDP processing.

    正确答案:A,C,E

  • 第19题:

    Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)

    • A、Traffic is permitted from the trust zone to the untrust zone.
    • B、Intrazone traffic in the trust zone is permitted.
    • C、All traffic through the device is denied.
    • D、The policy is matched only when no other matching policies are found.

    正确答案:C,D

  • 第20题:

    Given the configuration shown in the exhibit, which statement is true about traffic from host_ato host_b?() [edit security policies from-zone HR to-zone trust] user@host# showpolicy two { match { source-address subnet_a; destination-address host_b; application [ junos-telnet junos-ping ]; } then { reject; } } policy one { match { source-address host_a; destination-address subnet_b; application any; } then { permit; } } host_a is in subnet_a and host_b is in subnet_b.

    • A、DNS traffic is denied.
    • B、Telnet traffic is denied.
    • C、SMTP traffic is denied.
    • D、Ping traffic is permitted

    正确答案:B

  • 第21题:

    多选题
    Click the Exhibit button. host_a is in subnet_a and host_b is in subnet_b. Given the configuration shown in the exhibit, which statement is true about traffic from host_a to host_b?()
    A

    DNS traffic is denied.

    B

    Telnet traffic is denied.

    C

    SMTP traffic is denied.

    D

    Ping traffic is permitted.


    正确答案: B,D
    解析: 暂无解析

  • 第22题:

    多选题
    Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a inthe HR zone to host_b in the trust zone are true?() [edit security policies from-zone HR to-zone trust] user@host# show policy one { match { source-address any; destination-address any; application [ junos-http junos-ftp ]; } then { permit; } } policy two { match { source-address host_a; destination-address host_b; application [ junos-http junos-smtp ]; } then { deny; } }
    A

    DNS traffic is denied.

    B

    HTTP traffic is denied.

    C

    FTP traffic is permitted.

    D

    SMTP traffic is permitted.


    正确答案: C,B
    解析: 暂无解析

  • 第23题:

    多选题
    Content filtering enables traffic to be permitted or blocked based on inspection of which three types of content?()(Choose three.)
    A

    MIME pattern

    B

    file extension

    C

    IP spoofing

    D

    POP3

    E

    protocol command


    正确答案: A,D
    解析: 暂无解析

  • 第24题:

    多选题
    Which two statements are true regarding the system-default security policy [edit security policies default-policy]?()(Choose two.)
    A

    Traffic is permitted from the trust zone to the untrust zone.

    B

    Intrazone traffic in the trust zone is permitted.

    C

    All traffic through the device is denied.

    D

    The policy is matched only when no other matching policies are found.


    正确答案: C,A
    解析: 暂无解析

相关内容