站内搜索
JN0-332 问题列表
问题
单选题Which command do you use to display the status of an antivirus database update?()A
show security utm anti-virus statusB
show security anti-virus database statusC
show security utm anti-virus databaseD
show security utm anti-virus update
问题
单选题When using UTM features in an HA cluster, which statement is true for installing the licenses on the cluster members?()A
One UTM cluster license will activate UTM features on both members.B
Each device will need a UTM license generated for its serial number.C
Each device will need a UTM license generated for the cluster, but licenses can be applied to either member.D
HA clustering automatically comes with UTM licensing, no additional actions are needed.
问题
单选题Which command do you use to manually remove antivirus patterns?()A
request security utm anti-virus juniper-express-engine pattern-deleteB
request security utm anti-virus juniper-express-engine pattern-reloadC
request security utm anti-virus juniper-express-engine pattern-removeD
delete security utm anti-virus juniper-express-engine antivirus-pattern
问题
单选题What is the default session timeout for TCP sessions?()A
1 minuteB
15 minutesC
30 minutesD
90 minutes
问题
单选题Under which Junos hierarchy level are security policies configured?()A
[edit security]B
[edit protocols]C
[edit firewall]D
[edit policy-options]
问题
多选题Which two statements are true about the relationship between static NAT and proxy ARP? ()(Choose two.)AIt is necessary to forward ARP requests to remote hosts.BIt is necessary when translated traffic belongs to the same subnet as the ingress interface.CIt is not automatic and you must configure it.DIt is enabled by default and you do not need to configure it.
问题
多选题Which two parameters are configured in IPsec policy? ()(Choose two.)AmodeBIKE gatewayCsecurity proposalDPerfect Forward Secrecy
问题
单选题A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST. However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone. Which configuration statement would correctly accomplish this task?()A
from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }B
from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }C
from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }D
from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }
问题
多选题Which two parameters are configured in IPsec policy? ()(Choose two.)AmodeBIKE gatewayCsecurity proposalDPerfect Forward Secrecy
问题
多选题Which three methods of source NAT does the Junos OS support?() (Choose three.)Ainterface-based source NATBsource NAT with address shiftingCsource NAT using static source poolDinterface-based source NAT without PATEsource NAT with address shifting and PAT
问题
多选题Which three parameters are configured in the IKE policy? ()(Choose three.)AmodeBpreshared keyCexternal interfaceDsecurity proposalsEdead peer detection settings
问题
多选题Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH?() (Choose three.)Adata integrityBdata confidentialityCdata authenticationDouter IP header confidentialityEouter IP header authentication
问题
多选题Which two statements regarding symmetric key encryption are true?() (Choose two.)AThe same key is used for encryption and decryption.BIt is commonly used to create digital certificate signatures.CIt uses two keys: one for encryption and a different key for decryption.DAn attacker can decrypt data if the attacker captures the key used for encryption.
问题
单选题Which statement is true regarding NAT?()A
NAT is not supported on SRX Series devices.B
NAT requires special hardware on SRX Series devices.C
NAT is processed in the control plane.D
NAT is processed in the data plane.