A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST.However, the administrator does not want the server to be able to initia

题目

A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST.However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone.Which configuration statement would correctly accomplish this task?()

A. from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

B. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

C. from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }

D. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

相似考题

1.在路由器上建立一个名为test的DHCP地址池,并为其分配IP地址202.112.7.0、24,子网地址中的202.112.7.2~202.112.7.10作为静态地址分配,正确的DHCP配置是A.Router(config)#ip dhcp pool test Router(config)#ip dhcp excluded-address 202.112.7.2-10 Router(dhcp-config)#network 202.112.7.0 255.255.255.0B.Router(config)#ip dhcp excluded-address 202.112.7.2-10 Router(config)#ip dhcp pool test Router(dhcp-config)#network 202.112.7.0/24C.Router(config)#ip dhcp excluded-address 202.112.7.2-10 Router(config)#ip dhcp pool test Router(dhcp-config)#network 202.112.7.0 0.0.0.255D.Router(config)#ip dhcp excluded-address 202.112.7.2-10 Router(config)#ip dhcp pool test Router(dhcp-config)#network 202.112.7.0 255.255.255.0

2.配置DHCP服务器IP地址池的地址为193.45.98.0/24。其中193.45.98.10至193.45.98.30用做静态地址分配,正确的配置语句是______。A.ip dhcp excluded-address 193.45.98.10,193.45.98.30 network193.45.98.0 255.255.255.0B.ip dhcp excluded-address 193.45.98.10,193.45.98.30 network 193.45.98.0/24C.ip dhcp excluded-address 193.45.98.10,193.45.98.30 network 193.45.98.0 0.0.0.255D.ip dhcp excluded-address 193.45.98.10,193.45.98.30 network 193.45.98.0 255.255.255.0

3.TheBGProutingtableconsistsofthefollowingnetworkroutes:Whatisthecorrectcommandtosummarizetheseprefixesintoasinglesummaryprefixof192.168.12.0/22whilealsoallowingfortheadvertisementofthemorespecificprefixes?()A.network192.168.12.0mask255.255.252.0B.network192.168.12.0mask0.0.3.255C.network192.168.12.0D.aggregate-address192.168.12.0255.255.252.0E.aggregate-address192.168.12.0255.255.252.0summary-onlyF.aggregate-address192.168.12.0255.255.252.0as-set

4.( 23 ) 配置 DHCP 服务器 IP 地址池的地址为 193.45.98.0/24 。 其中 193.45.98.10 至 193.45.98.30 用作静态地址分配,正确的配置语句是A ) ip dhcp excluded-address 193.45.98.10,193.45.98.30network 193.45.98.0 255.255.255.0B ) ip dhcp excluded-address 193.45.98.10,193.45.98.30network 193.45.98.0/24C ) ip dhcp excluded-address 193.45.98.10,193.45.98.30network 193.45.98.0 0.0.0.255D ) ip dhcp excluded-address 193.45.98.10 193.45.98.30network 193.45.98.0 255.255.255.0

更多“A network administrator wants to permit Telnet traffic initiated from the address book ent ”相关问题

  • 第1题:

    Followingticketconsistsofaproblemdescriptionandexistingconfigurationonthedevice.

    Figure1

    Figure2

    TroubleTicketStatement

    Client1isnotabletoreachtheWebServer.InitialtroubleshootingshowsthatDSW1canpingtheFa0/1interfaceofR4butnotthes0/0/0/0.34interface.

    ConfigurationonDSW1

    routereigrp10

    network10.1.4.40.0.0.0

    network10.2.1.10.0.0.0

    network10.2.4.130.0.0.0

    noauto-summary

    ConfigurationonDSW2

    routereigrp10

    network10.1.4.80.0.0.0

    network10.2.2.10.0.0.0

    network10.2.4.140.0.0.0

    noauto-summary

    ConfigurationonR4

    routereigrp10

    network10.1.4.50.0.0.0

    noauto-summary

    redistributeospf1metric1001025511500route-mapEIGRP_to_OSPF!

    routerospf1

    network10.1.1.80.0.0.0area34

    redistributeeigrp10subnets!

    route-mapEIGRP→OSPF

    matchipaddress1!

    access-list1permit10.0.0.00.255.255.255

    access-list1permit209.0.0.00.255.255.255

    Whatisthesolutionofthefaultcondition?()


    参考答案:B

  • 第2题:

    配置DHCP服务器IP地址池的地址为193.45.98.0/24,其中193.45.98.10至193.45.98.30用作静态地址分配,正确的配置语句是

    A.ip dhcp excluded-address 193.45.98.10,193.45.98.30 network 193.45.98.0 255.255.255.0

    B.ip dhcp excluded-address 193.45.98.10,193.45.98.30 network 193.45.98.0 /24

    C.ip dhcp excluded-address 193.45.98.10 193.45.98.30 network 193.45.98.0 0.0.0.255

    D.ip dhcp excluded-address 193.45.98.10 193.45.98.30 network 193.45.98.0 255.255.255.0


    正确答案:D
    P187

  • 第3题:

    使用哪组命令可将路由器配置为 DHCP 路由器,从而将 IPv4 地址分配给 192.168.100.0/23 LAN,同时为静态分配保留前 10 个和最后一个地址?

    A.dhcp pool LAN-POOL-100 ipdhcp excluded-address 192.168.100.1 192.168.100.9 ipdhcp excluded-address 192.168.100.254 network 192.168.100.0 255.255.254.0 default-router 192.168.101.1#B.ipdhcp excluded-address 192.168.100.1 192.168.100.10 ipdhcp excluded-address 192.168.100.254 ipdhcp pool LAN-POOL-100 network 192.168.100.0 255.255.254.0 default-router 192.168.100.1#C.ipdhcp excluded-address 192.168.100.1 192.168.100.10 ipdhcp exclu
    A. ip route-static

  • 第4题:

    配置DHCP服务器IP地址池的地址为193.45.98.0/24,其中193.45.98.10~193.45.98.30用做静态地址分配,正确的配置语句是______。

    A.ip dhcp excluded-address 193.45.98.10.193.45.98.30 network 193.45.98.0 255.255.255.0

    B.ip dhcp excluded-address 193.45.98.10.193.45.98.30 network 193.45.98.0/24

    C.ip dhcp excluded-address 193.45.98.10 193.45.98.30 network 193.45.98.0 0.0.0.255

    D.ip dhcp excluded-address 193.45.98.10 193.45.98.30 network 193.45.98.0 255.255.255.0


    正确答案:D
    解析:本试题中,地址块“193.45.98.0/24”的“/24”是子网掩码255.255.255.0的简化表达形式。在DHCP Pool配置模式下,使用命令networknetwork-number>[mask|/prefix-length]配置分配给DHCP客户的有效IP地址池的子网地址和子网掩码。其中,子网掩码参数允许以点分十进制数、掩码前缀长度两种形式表达。因此,DHCP服务器IP地址池的地址为193.45.98.0/24的配置语句,如下所示:
      Router (dhcp-config)# network l93.45.98.0 255.255.255.0
      或:
      Router (dhcp-eonfig)# network 193.45.98.0/24
      在全局配置模式“Router(config)#”下,使用命令ip dhcp excluded-address low-address [high-address]将所要保留的IP地址从预定义的IP地址池中排除,使之成为不能动态分配的IP地址。若将IP地址池中 193.45.98.10~193.45.98.30用做静态地址分配,则相关的配置语句如下:
      Router (confiq)#ip dhcp excluded-address 193.45.98.10 193.45.98.30
      本试题选项A、选项B、选项C的配置语句,分别存在不符合以上两条命令的语法格式。

  • 第5题:

    使用哪组命令可将路由器配置为 DHCP 路由器,从而将 IPv4 地址分配给 192.168.100.0/23 LAN,同时为静态分配保留前 10 个和最后一个地址?

    A.ip dhcp excluded-address 192.168.100.1 192.168.100.10 ip dhcp excluded-address 192.168.100.254 ip dhcp pool LAN-POOL-100 network 192.168.100.0 255.255.255.0 ip default-gateway 192.168.100.1#B.ip dhcp excluded-address 192.168.100.1 192.168.100.10 ip dhcp excluded-address 192.168.101.254 ip dhcp pool LAN-POOL-100 network 192.168.100.0 255.255.254.0 default-router 192.168.100.1#C.dhcp pool LAN-POOL-100 ip dhcp excluded-address 192.
    C

相关内容