A. It proxies the authentication information between the supplicant and the authentication server.
B. It controls physical access to the network.
C. It communicates with the authentication server only.
D. It is responsible for verifying the identity of the supplicant through the use of an internal database.
第1题
A. If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, it will
B. If the destination IP address in the outer IP header of ESP does not match the IP address of the ingress interface, it will
C. If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based packet.
D. If the destination address of the outer IP header of the ESP packet matches the IP address of the ingress interface, based of inner header, it will decrypt the packet.
第2题
A. Select "Require and Enforce" for the Host Checker Policy in the realm authentication policy.
B. Select "Evaluate Policies" for the Host Checker policy in the realm authentication policy.
C. Configure the Host Checker policy as a role restriction for the Employee role.
D. Configure the Host Checker policy as a resource access policy for the Employee role.
第3题
A. antispam
B. antivirus
C. IPS
D. application firewalling
E. Web filtering
第4题
chconditionofthepolicyMyTraffic.[editsecuritypolicies]user@hostlshowfrom-zonePrivateto-zoneExternal{policyMyTraffic{match{source-addressmyHosts;destination-addressExtServers;application[junos-ftpjunos-bgp];}then{permit{tunnel{ipsec-vpnvpnTunnel;}}}}}policy-rematch;WhatwillhappentotheexistingFTPandBGPsessions?()
A.TheexistingFTPandBGPsessionswillcontinue.
B.TheexistingFTPandBGPsessionswillbere-evaluatedandonlyFTPsessionswillbedropped.
C.TheexistingFTPandBGPsessionswillbere-evaluatedandallsessionswillbedropped.
D.TheexistingFTPsessionswillcontinueandonlytheexistingBGPsessionswillbedropped.
第5题
A. Do-Not-Fragment flag is set.
B. Both SYN and FIN flags are set.
C. Both ACK and PSH flags are set.
D. FIN flag is set and ACK flag is not set.
第6题
r. You configure the Junos Pulse Access Control Service to assign roles to each user class and require that a specific wireless SSID be preconfigured for the Odyssey Access Client based on the role.Which configuration method should you use to satisfy this scenario?()
A. Create a "Settings Update file" in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under "User Roles" > "Agent" > "Odyssey Settings" > "Preconfigured Installer".
B. Configure a wired adapter and assign the required SSID under "User Roles" > "Agent" > "Odyssey Settings".
C. Create a script in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under "User Roles" > "Agent" > "Odyssey Settings" > "Preconfigured Installer".
D. Create a "Preconfiguration file" in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under "User Roles" > "Agent" > "Odyssey Settings" > "Preconfigured Installer".
第7题
A. Configure a location group
B. Createan authentication protocol set
C. Configure the RADIUS AV pair list
D. Configure RADIUS clients
E. Configure role and role-mapping rules
第8题
A. redirect Web filtering
B. integrated Web filtering
C. categorized Web filtering
D. local Web filtering
第9题
A. When priority settings are equal and the members participating in a cluster are initialized at the same time, the primary assigned to node 0.
B. The preempt option determines the primary and secondary roles for redundancy group 0 during a failure and recovery
C. Redundancy group 0 manages the control plane failover between the nodes of a cluster.
D. The primary role can be shared for redundancy group 0 when the active-active option is enabled.
第10题
()[editsecuritypoliciesfrom-zoneHRto-zonetrust]user@hostshowpolicytwo{match{source-addresssubnet_a;destination-addresshost_b;application[junos-telnetjunos-ping];}then{reject;}}policyone{match{source-addresshost_a;destination-addresssubnet_b;applicationany;}then{permit;}}host_aisinsubnet_aandhost_bisinsubnet_b.
A.DNStrafficisdenied.
B.Telnettrafficisdenied.
C.SMTPtrafficisdenied.
D.Pingtrafficispermitted
为了保护您的账号安全,请在“上学吧”公众号进行验证,点击“官网服务”-“账号验证”后输入验证码“”完成验证,验证成功后方可继续查看答案!