Assume the default-policy has not been configured.Given

多项选择题

Assume the default-policy has not been configured.Given the configuration shown in the exhibit， which two statements about traffic from host_a inthe HR zone to host_b in the trust zone are true？（）
[edit security policies from-zone HR to-zone trust]
user@host# show
policy one {
match {
source-address any；
destination-address any；
application [ junos-http junos-ftp ]；
}
then {
permit；
}
}
policy two {
match {
source-address host_a；
destination-address host_b；
application [ junos-http junos-smtp ]；
}
then {
deny；
}
}

A.DNS traffic is denied.
B.HTTP traffic is denied.
C.FTP traffic is permitted.
D.SMTP traffic is permitted.

相关考题

单项选择题 Given the configuration shown in the exhibit， which statement is true about traffic from host_ato host_b？（） [edit security policies from-zone HR to-zone trust] user@host# showpolicy two { match { source-address subnet_a； destination-address host_b； application [ junos-telnet junos-ping ]； } then { reject； } } policy one { match { source-address host_a； destination-address subnet_b； application any； } then { permit； } } host_a is in subnet_a and host_b is in subnet_b.

单项选择题 In the configuration shown in the exhibit， you decided to eliminate the junos-ftp applicationfrom the match condition of the policy MyTraffic. [edit security policies] user@hostl# show from-zone Private to-zone External { policy MyTraffic { match { source-address myHosts； destination-address ExtServers； application [ junos-ftp junos-bgp ]； } then { permit { tunnel { ipsec-vpn vpnTunnel； } } } } } policy-rematch； What will happen to the existing FTP and BGP sessions？（）

单项选择题 Usingapolicywiththepolicy-rematchflagenabled，whathappenstotheexistingandnewsessionswhenyouchangethepolicyactionfrompermittodeny？（）

JN0-331