单选题You are not able to telnet to the interface IP address of your device from a PC on the same subnet. What iscausing the problem？（）A Telnet is not being permitted by self policy.B Telnet is not being permitted by security policy.C Telnet is not allowed b

第1题：

第2题：

Which of the following is not a valid reason for a packet to be punted？（）

• A、The TCAM has reached capacity
• B、An unknown destination MAC address
• C、A packet being discarded due to a security violation
• D、A Telnet packet from a session being initiated with the switch
• E、Routing protocols sending broadcast traffic
• F、A packet belonging to a GRE tunnel

第3题：

You are not able to telnet to the interface IP of your JUNOS software with enhanced services devicefrom a PC on the same subnet. What is causing the problem? （）

• A、Telnet is not being permitted by self policy.
• B、Telnet is not being permitted by security policy.
• C、Telnet is not allowed because it is not considered secure.
• D、Telnet is not enabled as a host-inbound service on the zone.

第4题：

Multiple users are trying to telnet to the AIX server. They are able to ping the server successfully， but are getting the following error message：  telnet： connect： A remote host refused an attempted connect operation   Which of the following could be the cause of this problem？（）

• A、The routing table on the AIX server is incorrect.
• B、The IP address on the network adapter is incorrect.
• C、The portmap daemon is not running on the AIX server.
• D、The inetd daemon is not running on the AIX server.

第5题：

You are not able to telnet to the interface IP address of your device from a PC on the same subnet. What iscausing the problem？（）

• A、Telnet is not being permitted by self policy.
• B、Telnet is not being permitted by security policy.
• C、Telnet is not allowed because it is not considered secure.
• D、Telnet is not enabled as a host-inbound service on the zone

第6题：

You are the network administrator for Humongous Insurance. The network consists of a single Active Directory domain named humongous.com. The domain contains Windows Server 2003 computers and Windows XP Professional computers. You configure several Group Policy objects （GPOs） to enforce the use of IPSec for certain types of communication between specified computers.   A server named Server2 runs the Telnet service. A GPO is supposed to ensure that all Telnet connections to Server2 are encrypted by using IPSec. However， when you monitor network traffic， you notice that Telnet connections are not being encrypted.You need to view all of the IPSec settings that are applied to Server2 by GPOs. Which tool should you use？（）

• A、the IP Security Policy Management console
• B、the IP Security Monitor console
• C、the Resultant Set of Policy console
• D、Microsoft Baseline Security Analyzer （MBSA）

第7题：

Multiple users are trying to telnet to the AIX server. They are able to ping the server successfully， but are  getting  the  following  error  message：  telnet：  connect：  A remote  host  refused  an  attempted  connect   operation Which of the following options could be the cause of this problem（）

• A、The routing table on the AIX server is incorrect.
• B、The IP address in the /etc/hosts file is incorrect，
• C、The portmap daemon is not running on the AIX server.
• D、The inetd daemon is not running on the AIX server.

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

第14题：

You are unable to telnet to a router at address 203.125.12.1 from a workstation with the IP address 203.125.12.23. You suspect that there is a problem with your protocol stack. Which of the following actions is most likely to confirm your diagnosis?（）

• A、ping 127.0.0.0
• B、ping 203.125.12.1
• C、telnet 127.0.0.1
• D、ping 127.0.0.1
• E、tracert 203.125.12.1

第15题：

You issue the command telnet interface ge-1/1/0 10.10.10.1 source 192.168.100.1 bypass-routing. Which statement is correct?（）

• A、The bypass-routing parameter is ignored when using private IP addressing.
• B、The telnet session will have the source IP address 10.10.10.1.
• C、The telnet session will connect to the neighboring device's interface ge-1/1/0.
• D、Return traffic for the telnet session might not arrive at interface ge-1/1/0.

第16题：

Which statement best describes configuring access control lists to control Telnet traffic destined to therouter itself？（）

• A、The ACL applied to the vty lines has no in or out option like ACL being applied to an interface.
• B、The ACL is applied to the Telnet port with the ip access-group command.
• C、The ACL must be applied to each vty line individually.
• D、The ACL should be applied to all vty lines in the in direction to prevent an unwanted user from connecting to an unsecured port.

第17题：

Given the configuration shown in the exhibit， which statement is true about traffic from host_ato host_b？（） [edit security policies from-zone HR to-zone trust] user@host# showpolicy two { match { source-address subnet_a； destination-address host_b； application [ junos-telnet junos-ping ]； } then { reject； } } policy one { match { source-address host_a； destination-address subnet_b； application any； } then { permit； } } host_a is in subnet_a and host_b is in subnet_b.

• A、DNS traffic is denied.
• B、Telnet traffic is denied.
• C、SMTP traffic is denied.
• D、Ping traffic is permitted

第18题：

Your company has a single Active Directory Domain Services （AD DS） domain and 1，000 client computers.   You are planning to deploy Windows 7 Enterprise to the client computers.   You need to design a custom image that will enable users to connect to a Telnet server.   What should you do？（）

• A、 Configure Windows Firewall to allow the Telnet program through Windows Firewall before capturing the image.
• B、 Change User Account Control settings before capturing the image.
• C、 Turn on the Telnet Server feature in the image.
• D、 Turn on the Telnet Client feature in the image.

第19题：

第20题：

第21题：

第22题：

第23题：

第24题：