The endpoints can use agentless access.
Encrypted traffic flows between the endpoint and the enforcer.
Encrypted traffic flows between the endpoint and the protected resource
The endpoints can use the Odyssey Access Client.
第1题:
A.The SRX Series device has been configured correctly, the Junos Pulse Access Control Service is reachable on the network, and the SRX Series device is waiting to receive the initial connection from the Junos Pulse Access Control Service.
B.The SRX Series device has confirmed that the Junos Pulse Access Control Service is configured and is reachable on the network, the SRX Series device is waiting to receive the connection from the Junos Pulse Access Control Service, and all that remains to be accomplished is to configure the SRX Series device.
C.The SRX Series device is configured correctly and connected to the Junos Pulse Access Control Service. All that remains to be done to complete the configuration is to configure the SRX Series device on the Junos Pulse Access Control Service.
D.Both the Junos Pulse Access Control Service and the SRX Series device are configured correctly and communicating with each other.
第2题:
You have an SRX Series Layer 2 enforcer providing 802.1X authentication for connected endpoints. Your security policy requires that users who fail their authentication be placed in a specific VLAN.On the Layer 2 enforcer, at the [edit protocols dot1x authenticator interface] hierarchy for each participating interface, what provides this functionality?()
A. guest-vlan
B. auth-fail-vlan
C. server-reject-vlan
D. server-fail-vlan
第3题:
A. express AV
B. full AV
C. desktop AV
D. ICAP
第4题:
Which statement is true regarding NAT?()
第5题:
A. Multiple Infranet Enforcer instances are created with a single serial number of an SRX Series device defined in each configuration.
B. A single Infranet Enforcer instance is created with both serial numbers of the clustered SRX Series devices defined in the configuration.
C. Multiple Infranet Enforcer instances are created with a single IP address of an SRX Series device defined in each configuration.
D. A single Infranet enforcer instance is created with the VIP of the clustered SRX Series device defined in the configuration.
第6题:
A. NAT is not supported on SRX Series devices.
B. NAT requires special hardware on SRX Series devices.
C. NAT is processed in the control plane.
D. NAT is processed in the data plane.
第7题:
You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.Which two elements must exist so the user can access the resource?()
A. Resource access policy on the MAG Series device
B. IPsec routing policy on the MAG Series device
C. General traffic policy blocking access through the firewall enforcer
D. Auth table entry on the firewall enforcer
第8题:
Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()
A. Source IP and browser
B. Source IP and certificate
C. Certificate and Host Checker
D. Host Checker and source IP
第9题:
What would you use to enforce security-policy compliance on all devices that seek to access the network?()
第10题:
You have created a security policy on an SRX240 that permits traffic from any source-address, any destination-address, and any application. The policy will be a source IP policy for use with the Junos Pulse Access Control Service. What must you add to complete the security policy configuration?()