单选题Click the Exhibit button. Based on the exhibit, client PC 192.168.10.10 cannot ping 1.1.1.2. Which is a potential cause for this problem?（）A The untrust zone does not have a management policy configured.B The trust zone does not have ping enabled as

A. Traffic is permitted from the trust zone to the untrust zone.

B. Intrazone traffic in the trust zone is permitted.

C. All traffic through the device is denied.

D. The policy is matched only when no other matching policies are found.

A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST.However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone.Which configuration statement would correctly accomplish this task?（）

A. from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

B. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

C. from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }

D. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

A. [edit] user@host# set applications application voicecube inactivity-timeout never

B. [edit] user@host# set applications application voicecube inactivity-timeout 2

C. [edit] user@host# set applications application voicecube destination-port 5060

D. [edit] user@host# set security policies from-zone trust to-zone trust policy intrazone then timeout never

Click the Exhibit button.In the exhibit, the Compression > Basic > Endpoints page shows an icon of a red "X" under the tunnel status "IN" column. The error message displays, "No Request Received".What does this indicate?（）

A. There are no devices at the remote site.

B. The remote side does not have QoS enabled.

C. The remote side is not configured for compression to this endpoint.

D. The remote side is not configured for decompression to this endpoint.

A. Telnet is not being permitted by self policy.

B. Telnet is not being permitted by security policy.

C. Telnet is not allowed because it is not considered secure.

D. Telnet is not enabled as a host-inbound service on the zone

A. The untrust zone does not have a management policy configured.

B. The trust zone does not have ping enabled as host-inbound-traffic service.

C. The security policy from the trust zone to the untrust zone does not permit ping.

D. No security policy exists for the ICMP reply packet from the untrust zone to the trust zone.

Click the Exhibit button.Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a in the HR zone to host_b in the trust zone are true? （）(Choose two.)

A. DNS traffic is denied.

B. HTTP traffic is denied.

C. FTP traffic is permitted.

D. SMTP traffic is permitted.