单项选择题
Your task is to provision the Junos security platform to permit transit packets from the Private zone to the External zone by using an IPsec VPN and log information at the time of session close.Which configuration meets this requirement?()
A. [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts;destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } log { session-init; } } }
B. [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; } } count { session-close; } } }
C. [edit security policies from-zone Private to-zone External] user@host# showpolicy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN;} } log { session-close; } } }
D. [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then { permit { tunnel { ipsec-vpn VPN; log; count session-close; } } } }
相关考题
-
多项选择题
Which two statements regarding firewall user authentication client groups are true?() (Choose two.)
A. A client group is a list of clients associated with a group.
B. A client group is a list of groups associated with a client.
C. Client groups are referenced in security policy in the same manner in which individual clients are referenced.
D. Client groups are used to simplify configuration by enabling firewall user authentication without security policy. -
单项选择题
How many IDP policies can be active at one time on an SRX Series device by means of the set security idp active-policy configuration statemen?()
A.1
B.2
C.4
D.8 -
多项选择题
Which three are necessary for antispam to function properly on a branch SRX Series device? ()(Choose three.)
A. an antispam license
B. DNS servers configured on the SRX Series device
C. SMTP services on SRX
D. a UTM profile with an antispam configuration in the appropriate security policy
E. antivirus (full or express)
