单项选择题
Using a policy with the policy-rematch flag enabled, what happens to the existing and new sessions when you change the policy action from permit to deny?()
A. The new sessions matching the policy are denied. The existing sessions are dropped.
B. The new sessions matching the policy are denied. The existingsessions, not being allowed tocarry any traffic, simply timeout.
C. The new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.
D. The new sessions matching the policy are denied. The existing sessions continue until they are completed or their time.
相关考题
-
单项选择题
Which statement is true when express AV detects a virus in TCP session?()
A. TCP RST is sent and a session is restarted.
B. TCP connection is closed gracefully and the data content is dropped.
C. TCP traffic is allowed and an SNMP trap is sent.
D. AV scanning is restarted. -
单项选择题
Which CLI command provides a summary of what the content-filtering engine has blocked?()
A. show security utm content-filtering statistics
B. show security flow session
C. show security flow statistics
D. show security utm content-filtering summary -
多项选择题
Which two statements are true for a security policy? ()(Choose two.)
A. It controls inter-zone traffic.
B. It controls intra-zone traffic.
C. It is named with a system-defined name.
D. It controls traffic destined to the device's ingress interface.
