Implement a RADIUS request attribute policy to assist with realm selection and create different role-mapping rules for the user in each realm.
Implement a directory/attribute server on the realm and set up this server to determine by group membership the proper role to which a user should be mapped.
Reorder the role-mapping rules to allow for the more open role to be mapped first and then enable the stop processing rules when this rule matches function on this role.
Implement a Host Checker policy on the realm that determines the geographic location of the device and restricts the user based on the results of the policy.
第1题:
You are an administrator of a large campus network. Every switch on a floor within each building of your campus has been configured for a different VLAN. During implementation of the Junos Pulse Access Control Service, you must configure a RADIUS return attribute policy to apply a role representing a group of authenticated users that frequently transport their laptops from building to building and floor to floor.In the admin GUI, which policy element would you enable to accommodate these users?()
A. Add Session-Timeout attribute with value equal to the session lifetime
B. Add Termination-Action attribute with value equal 1
C. VLAN
D. Open port
第2题:
End users want to map a network drive on their PCs when they are connected to the Junos Pulse Access Control Service. The mapped drive must be removed when users disconnect their session.Which feature addresses this requirement?()
A. agent session scripts
B. preconfiguration installer
C. Junos Pulse component set
D. agent actions
第3题:
You are the administrator of a Junos Pulse Access Control Service implementation. You must restrict authenticated users connected from the branch offices to a few specific resources within the data center. However, when the authenticated users are connected at the corporate office, they are allowed more access to the data center resources.You have created two roles with different levels of access and are trying to determine the best way of controlling when a user is mapped to a specific role. Having the user prompted to manually select their role is possible, but you want to automate the process.Which configuration solves this problem?()
A. Implement a RADIUS request attribute policy to assist with realm selection and create different role-mapping rules for the user in each realm.
B. Implement a directory/attribute server on the realm and set up this server to determine by group membership the proper role to which a user should be mapped.
C. Reorder the role-mapping rules to allow for the more open role to be mapped first and then enable the "stop processing rules when this rule matches" function on this role.
D. Implement a Host Checker policy on the realm that determines the geographic location of the device and restricts the user based on the results of the policy.
第4题:
You notice that during peak hours, some firewall enforcers contain a high number of auth table entries. As you investigate the issue, you discover that all users are getting auth table mappings to all firewalls, which is not acceptable. What should you do on the Junos Pulse Access Control Service to resolve this problem?()
第5题:
You are an administrator of a large campus network. Every switch on a floor within each building of your campus has been configured for a different VLAN. During implementation of the Junos Pulse Access Control Service, you must configure a RADIUS return attribute policy to apply a role representing a group of authenticated users that frequently transport their laptops from building to building and floor to floor. In the admin GUI, which policy element would you enable to accommodate these users?()
第6题:
A.The SRX Series device has been configured correctly, the Junos Pulse Access Control Service is reachable on the network, and the SRX Series device is waiting to receive the initial connection from the Junos Pulse Access Control Service.
B.The SRX Series device has confirmed that the Junos Pulse Access Control Service is configured and is reachable on the network, the SRX Series device is waiting to receive the connection from the Junos Pulse Access Control Service, and all that remains to be accomplished is to configure the SRX Series device.
C.The SRX Series device is configured correctly and connected to the Junos Pulse Access Control Service. All that remains to be done to complete the configuration is to configure the SRX Series device on the Junos Pulse Access Control Service.
D.Both the Junos Pulse Access Control Service and the SRX Series device are configured correctly and communicating with each other.
第7题:
Which three types of policies must you configure to allow remote users transparent access to protected resources using IF-MAP Federation between a Junos Pulse Secure Access Service and a Junos Pulse Access Control Service?()
A. Session-Export policies on the Junos Pulse Secure Access Service
B. Session-Export policies on the Junos Pulse Access Control Service
C. Session-Import policies on the Junos Pulse Secure Access Service
D. Session-Import policies on the Junos Pulse Access Control Service
E. Resource access policies on the Junos Pulse Access Control Service
第8题:
You notice that during peak hours, some firewall enforcers contain a high number of auth table entries. As you investigate the issue, you discover that all users are getting auth table mappings to all firewalls, which is not acceptable.What should you do on the Junos Pulse Access Control Service to resolve this problem?()
A. Delete the default auth table mapping policy
B. Create auth table mapping policies that route users to specific resources
C. Create Resource Access policies that permit access to specific resources
D. Create Source Interface policies that route users to specific resources
第9题:
Your IT director has decided to allow employees to use their laptops at home as well as in the office. You have deployed the Junos Pulse client to allow access to the offices 802.1X-enabled wired network. Your company also has the Junos Pulse Secure Access Service deployed. You want the Junos Pulse client to automatically launch the appropriate access method depending on each users location. Which three are supported to determine the users location?()
第10题:
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()