单选题You have configured a UTM profile called Block-Spam, which has the appropriate antispam configuration to block undesired spam e-mails.Which configuration would protect an SMTP server in the dmz zone from spam originating in the untrust zone?（）A set sec

题目

单选题

You have configured a UTM profile called Block-Spam, which has the appropriate antispam configuration to block undesired spam e-mails.Which configuration would protect an SMTP server in the dmz zone from spam originating in the untrust zone?（）

set security policies from-zone dmz to-zone untrust policy anti-spam then permit application- services utm-policy Block-Spam

set security policies from-zone untrust to-zone dmz policy anti-spam then permit application- services utm-policy Block-Spam

set security policies from-zone untrust to-zone dmz policy anti-spam then permit application- services anti-spam-policy

set security policies from-zone untrust to-zone dmz policy anti-spam then permit application- services Block-Spam

如果没有搜索结果或未解决您的问题，请直接联系老师获取答案。

相似问题和答案

第1题：

Which three are necessary for antispam to function properly on a branch SRX Series device? ()(Choose three.)

A. an antispam license

B. DNS servers configured on the SRX Series device

C. SMTP services on SRX

D. a UTM profile with an antispam configuration in the appropriate security policy

E. antivirus (full or express)

参考答案：A, B, D

第2题：

Click the Exhibit button.Based on the exhibit, client PC 192.168.10.10 cannot ping 1.1.1.2.Which is a potential cause for this problem?()

A. The untrust zone does not have a management policy configured.

B. The trust zone does not have ping enabled as host-inbound-traffic service.

C. The security policy from the trust zone to the untrust zone does not permit ping.

D. No security policy exists for the ICMP reply packet from the untrust zone to the trust zone.

参考答案：C

第3题：

Click the Exhibit button.Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a in the HR zone to host_b in the trust zone are true? （）(Choose two.)

A. DNS traffic is denied.

B. HTTP traffic is denied.

C. FTP traffic is permitted.

D. SMTP traffic is permitted.

参考答案：A, C

第4题：

Which three are necessary for antispam to function properly on a branch SRX Series device? （）(Choose three.)

A、an antispam license
B、DNS servers configured on the SRX Series device
C、SMTP services on SRX
D、a UTM profile with an antispam configuration in the appropriate security policy
E、antivirus (full or express)

正确答案:A,B,D

第5题：

A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST. However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone. Which configuration statement would correctly accomplish this task?（）

A、from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }
B、from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }
C、from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }
D、from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

正确答案:B

第6题：

A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST.However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone.Which configuration statement would correctly accomplish this task?（）

A. from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

B. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

C. from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }

D. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

参考答案：B

第7题：

Assume the default-policy has not been configured.Given the configuration shown in the exhibit， which two statements about traffic from host_a inthe HR zone to host_b in the trust zone are true？（） [edit security policies from-zone HR to-zone trust] user@host# show policy one { match { source-address any； destination-address any； application [ junos-http junos-ftp ]； } then { permit； } } policy two { match { source-address host_a； destination-address host_b； application [ junos-http junos-smtp ]； } then { deny； } }

A、DNS traffic is denied.
B、HTTP traffic is denied.
C、FTP traffic is permitted.
D、SMTP traffic is permitted.

正确答案:A,C

第8题：

In the Junos OS, which statement is true?()

A. vlan.0 belongs to the untrust zone.

B. You must configure Web authentication to allow inbound traffic in the untrust zone.

C. The zone name "untrust" has no special meaning.

D. The untrust zone is not configurable.

参考答案：C

第9题：

In the Junos OS, which statement is true?（）

A、vlan.0 belongs to the untrust zone.
B、You must configure Web authentication to allow inbound traffic in the untrust zone.
C、The zone name "untrust" has no special meaning.
D、The untrust zone is not configurable.

正确答案:C

第10题：

Which three situations will trigger an e-mail to be flagged as spam if a branch SRX Series device has been properly configured with antispam inspection enabled for the appropriate security policy? （）(Choose three.)

A、The server sending the e-mail to the SRX Series device is a known open SMTP relay.
B、The server sending the e-mail to the SRX Series device is running unknown SMTP server software.
C、The server sending the e-mail to the SRX Series device is on an IP address range that is known to be dynamically assigned.
D、The e-mail that the server is sending to the SRX Series device has a virus in its attachment.
E、The server sending the e-mail to the SRX Series device is a known spammer IP address.

正确答案:A,C,E

单选题You have configured a UTM profile called Block-Spam, which has the appropriate antispam configuration to block undesired spam e-mails.Which configuration would protect an SMTP server in the dmz zone from spam originating in the untrust zone?（）A set sec

题目

相似问题和答案

更多相关问题

相关内容