Which statement is true about interface-based static NAT?
A. It requires you to configure address entries in the junos-nat zone.
B. It also supports PAT.
C. The IP addresses being translated must be in the same subnet as the incoming interface.
D. It requires you to configure address entries in the junos-global zone.
正解:C
質問 2:
Which statement is true about interface-based static NAT?
A. It requires you to configure address entries in the junos-nat zone.
B. It also supports PAT.
C. The IP addresses being translated must be in the same subnet as the incoming interface.
D. It requires you to configure address entries in the junos-global zone.
正解:C
質問 3:
Which statement describes the behavior of source NAT using static source pool?
A. Source NAT with static source pool allows inbound connections to be initiated to the static source pool IP addresses.
B. Source NAT with static source pool defines a one-to-one mapping from an original source IP address to a translated source IP address.
C. Source NAT with static source pool translates both the source IP address and the source port of a packet.
D. Source NAT with static source pool can translate multiple source IP addresses to the same translated IP address.
正解:B
質問 4:
Click the Exhibit button.
The router creates a log message with the daemon facility and info level.
Given the configuration in the exhibit, which three statements are true? (Choose three.)
A. The message will be sent to the syslog server at 192.168.1.1.
B. The severity level will appear in the log message.
C. The message will be displayed on the CLI sessions of all users that are logged in.
D. The message will be stored in the local file special.
E. The message will be stored in the local file messages.
正解:A,B,D
質問 5:
Your task is to provision the router running JUNOS software with enhanced services to permit transit packets from the Private zone to the External zone by using an IPSec VPN and log information at the time of session close.
Which configuration meets this requirement?
A. [edit security policies from-zone Private to-zone External]
user@host# show
policy allowTransit {
match {
source-address PrivateHosts;
destination-address ExtServers;
application ExtApps;
}
then {
permit {
tunnel {
ipsec-vpn VPN;
}
count {
session-close;
}
B. [edit security policies from-zone Private to-zone External]
user@host# show
policy allowTransit {
match {
source-address PrivateHosts;
destination-address ExtServers;
application ExtApps;
}
then {
permit {
tunnel {
ipsec-vpn VPN;
log;
count session-close;
}
C. [edit security policies from-zone Private to-zone External]
user@host# show
policy allowTransit {
match {
source-address PrivateHosts;
destination-address ExtServers;
application ExtApps;
}
then {
permit {
tunnel {
ipsec-vpn VPN;
}
log {
session-init;
}
D. [edit security policies from-zone Private to-zone External]
user@host# show
policy allowTransit {
match {
source-address PrivateHosts;
destination-address ExtServers;
application ExtApps;
}
then {
permit {
tunnel {
ipsec-vpn VPN;
}
log {
session-close;
}
正解:D
Kuratani -
以前購入したよりもかなり安いです。これのおかげて二週間練習して本番試験受けて合格した。素晴らしい。