题目内容（请给出正确答案）

[单选题]

How many IDP policies can be active at one time on an SRX Series device by means of the set security idp active-policy configuration statemen？（）

A.1

B.2

C.4

D.8

查看答案

如搜索结果不匹配，请联系老师获取答案

您可能会需要：

重置密码查看订单联系客服

安装上学吧APP，拍照搜题省时又省心！

更多“How many IDP policies can be a…”相关的问题

第1题

Which two statements regarding firewall user authentication client groups are true?（） (Choose two.)

A. A client group is a list of clients associated with a group.

B. A client group is a list of groups associated with a client.

C. Client groups are referenced in security policy in the same manner in which individual clients are referenced.

D. Client groups are used to simplify configuration by enabling firewall user authentication without security policy.

点击查看答案

第2题

Basedontheconfigurationshownintheexhibit，whatwillhappentothetrafficmatchingthesecuritypoli

cy？（）[editschedulers]user@hostshowschedulernow{mondayall-day；tuesdayexclude；wednesday{start-time07：00：00stop-time18：00：00；}thursday{start-time07：00：00stop-time18：00：00；}}[editsecuritypoliciesfrom-zonePrivateto-zoneExternal]user@hostshowpolicyallowTransit{match{source-addressPrivateHosts；destination-addressExtServers；applicationExtApps；}then{permit{tunnel{ipsec-vpnmyTunnel；}}}scheduler-namenow；}

A.ThetrafficispermittedthroughthemyTunnelIPsectunnelonlyonTuesdays.

B.ThetrafficispermittedthroughthemyTunnelIPsectunneldaily，withtheexceptionofMondays.

C.ThetrafficispermittedthroughthemyTunnelIPsectunnelalldayonMondaysandWednesdays between7：00amand6：00pm，andThursdaysbetween7：00amand6：00pm.

D.ThetrafficispermittedthroughthemyTunnelIPsectunnelalldayonMondaysandWednesdays between6：01pmand6：59am，andThursdaysbetween6：01pmand6：59am

点击查看答案

第3题

Your task is to provision the Junos security platform to permit transit packets from the P

rivate zone to the External zone by using an IPsec VPN and log information at the time of session close.Which configuration meets this requirement?（）

A. [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts;destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } log { session-init; } } }

B. [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } count { session-close; } } }

C. [edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN;} } log { session-close; } } }

D. [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; log; count session-close; } } } }

点击查看答案

第4题

A user wants to establish an FTP session to a server behind an SRX device but must authent

icate to a Web page on the SRX device for additional authentication.Which type of user authentication is configured?（）

A. pass-through

B. WebAuth

C. WebAuth with Web redirect

D. pass-through with Web redirect

点击查看答案

第5题

You administer a network with Windows-based endpoints that have custom software images. Yo

u want to use Host Checker to require that endpoints are running the custom software image.Which two Host Checker policy rules would be used to enforce this requirement?（）

A. Isolate a file name unique to the custom image and create a custom rule-type of "File" which matches on the file. Select the "Required" option under the custom rule.

B. Identify the MAC address unique to network cards installed in PCs with the custom image and create a custom rule-type of "MAC Address" which matches on the appropriate MAC address.

Select the "Required" option under the custom rule C. Identify the IP address unique to the network cards installed in PCs with the custom image and create a custom rule-type of "IP Address" which matches on the appropriate IP address. Select the "Required" option under the custom rule.

D. Isolate or create a unique Windows registry key for the custom image and create a custom rule- type of "Registry Setting" which matches on the name of the registry key.

点击查看答案

第6题

Intheexhibit，youdecidedtochangemyHostsaddresses.[editsecuritypolicies]user@hostshowfrom-zo

nePrivateto-zoneExternal{policyMyTraffic{match{source-addressmyHosts；destination-addressExtServers；application[junos-ftpjunos-bgp]；}then{permit{tunnel{ipsec-vpnvpnTunnel；}}}}}policy-rematch；Whatwillhappentothenewsessionsmatchingthepolicyandin-progresssessionsthathadalreadymatchedthepolicy？（）

A.Newsessionswillbeevaluated.In-progresssessionswillbere-evaluated.

B.Newsessionswillbeevaluated.Allin-progresssessionswillcontinue.

C.Newsessionswillbeevaluated.Allin-progresssessionswillbedropped.

D.Newsessionswillhaltuntilallin-progresssessionsarere-evaluated.In-progresssessionswillbere-evaluatedandpossiblydropped.

点击查看答案

第7题

What is the default session timeout for UDP sessions?（）

A. 30 seconds

B. 1 minute

C. 5 minutes

D. 30 minutes

点击查看答案

第8题

A new software engineer has been hired. As part of the normal hiring process, the user was

added to the Active Directory and placed into the Domain Users group and the SW_DEV group. The Domain Users group has access to the company‘s intranet website and time card system. The SW_DEV group has access to the source code library server. You have created roles that correspond to each Active Directory group. The user calls the help desk stating that they cannot access the source code library server.Which two troubleshooting tools would you use on the Junos Pulse Access Control Service to resolve the issue?（）

A. Perform a policy trace for the specific user and review the output to isolate the problem.

B. Review the Events log.

C. Review the Admin Access log to verify that the user has the correct permissions to access the SVVJDEV resource.

D. Review the User Access log to verify that the user is getting mapped to both the Domain User role and the SW_DEV role.

点击查看答案

第9题

Which two statements about the Diffie-Hellman (DH) key exchange process are correct? （）(Choose two.)

A. In the DH key exchange process, the session key is never passed across the network.

B. In the DH key exchange process, the public and private keys are mathematically related using the DH algorithm.

C. In the DH key exchange process, the session key is passed across the network to the peer for confirmation.

D. In the DH key exchange process, the public and private keys are not mathematically related, ensuring higher security

点击查看答案

第10题

You are an administrator of a large campus network. Every switch on a floor within each bu

ilding of your campus has been configured for a different VLAN. During implementation of the Junos Pulse Access Control Service, you must configure a RADIUS return attribute policy to apply a role representing a group of authenticated users that frequently transport their laptops from building to building and floor to floor.In the admin GUI, which policy element would you enable to accommodate these users?（）

A. Add Session-Timeout attribute with value equal to the session lifetime

B. Add Termination-Action attribute with value equal 1

C. VLAN

D. Open port

点击查看答案