What is enabled when you configure an EX Series switch as a firewall enforcer?
A. filters for MAC authentication realms
B. logs of all user sessions
C. Layer 3 enforcement by user role
D. stateful firewalling of user traffic
正解:C
質問 2:
You have an SRX Series Layer 2 enforcer providing 802.1X authentication for connected endpoints. Your security policy requires that users who fail their authentication be placed in a specific VLAN.
On the Layer 2 enforcer, at the [edit protocols dot1x authenticator interface] hierarchy for each participating interface, what provides this functionality?
A. server-reject-vlan
B. server-fail-vlan
C. auth-fail-vlan
D. guest-vlan
正解:A
質問 3:
You have configured the Odyssey Access Client with a profile which has the "Disable Server Verification" setting cleared.
What will be the result if the device certificate on the MAG Series device has expired and the user attempts to authenticate?
A. The user will successfully authenticate and have full network access.
B. The user will fail authentication.
C. The user will be instructed to call the network administrator.
D. The user will be prompted to install a new device certificate on the MAG Series device.
正解:B
質問 4:
You are setting up Junos Pulse client access to your Junos Pulse Access Control Service. Due to security policy, you need to ensure clients can only connect to the service when they are connected to the corporate network.
Which configuration steps meet the requirement?
A. Configure Junos Pulse Location Awareness with DHCP server and endpoint protection options.
B. Configure Junos Pulse Location Awareness with DNS server and endpoint address options.
C. Configure Junos Pulse agentless access with DNS server and endpoint address options.
D. Configure Junos Pulse agentless access with DHCP server and endpoint protection options.
正解:B
質問 5:
Users have been randomly failing authentication and you are attempting to determine the cause.
Which three Junos Pulse Access Control Service statistics would indicate the cause? (Choose three.)
A. system uptime
B. critical log errors
C. maximum licensed users
D. system version
E. concurrent user count
正解:B,C,E
質問 6:
A user's Junos Pulse client uses 802.1X to access a wired network and is failing to authenticate. You run a packet capture from the user's PC and notice that immediately after the client machine sends an EAPoL-start packet, an EAP-failure packet is returned. You review the RADIUS troubleshooting logs on the MAG Series device and do not see any authentication attempts from the user. Other users on the same Ethernet switch are successfully authenticating.
Which device is sending the EAP-failure packet to the workstation?
A. The workstation's network adapter
B. The RADIUS server
C. The EAPoL server
D. The Ethernet switch
正解:D
質問 7:
Which three authentication server types are supported for retrieving user attributes used in role-mapping rules? (Choose three.)
A. TACACS+
B. SiteMinder
C. RADIUS
D. S/Key
E. LDAP
正解:B,C,E
森*花 -
JN0-314とても見やすく内容もわかりやすい
効率的にまとまっているJN0-314参考書だと思います。