Which zone is a system-defined zone?()
第1题:
A. vlan.0 belongs to the untrust zone.
B. You must configure Web authentication to allow inbound traffic in the untrust zone.
C. The zone name "untrust" has no special meaning.
D. The untrust zone is not configurable.
第2题:
A.security
B.functional
C.junos-global
D.management
第3题:
若要建立正向区域和反向区域,应在下列哪个文件中编辑()。
A.named.conf
B.named.rfc1912.zone
C.local.zone
D.named.zone
第4题:
Which type of zone is used by traffic transiting the device?()
第5题:
A. The untrust zone does not have a management policy configured.
B. The trust zone does not have ping enabled as host-inbound-traffic service.
C. The security policy from the trust zone to the untrust zone does not permit ping.
D. No security policy exists for the ICMP reply packet from the untrust zone to the trust zone.
第6题:
A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST.However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone.Which configuration statement would correctly accomplish this task?()
A. from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }
B. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }
C. from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }
D. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }
第7题:
A. from a zone to the router itself
B. from a zone to the same zone
C. from a zone to a different zone
D. from one interface to another interface
第8题:
A. Traffic is permitted from the trust zone to the untrust zone.
B. Intrazone traffic in the trust zone is permitted.
C. All traffic through the device is denied.
D. The policy is matched only when no other matching policies are found.
第9题:
If the radio signal ground wave extends out for less distance than the minimum skywave distance,there is an area in which no signal is received.This is called the ______.
A.Skip zone
B.Blackout zone
C.Diffraction zone
D.Shadow zone
第10题:
A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST. However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone. Which configuration statement would correctly accomplish this task?()