单项选择题
Using a policy with the policy-rematch flag enabled, what happens to the existing and new sessionswhen you change the policy action from permit to deny? ()
A. The new sessions matching the policy are denied. The existing sessions are dropped.
B. The new sessions matching the policy are denied. The existing sessions, not being allowed to carry any traffic, simply timeout.
C. The new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.
D. The new sessions matching the policy are denied. The existing sessions continue until they are completed or their timeout is reached.
相关考题
-
多项选择题
In JUNOS software with enhanced services, which three packet elements are inspected to determineif a session already exists? ()(Choose three.)
A. IP protocol
B. IP time-to-live
C. source and destination IP address
D. source and destination MAC address
E. source and destination TCP/UDP port -
单项选择题
You want to create a policy allowing traffic from any host in the Trust zone to hostb.example.com(172.19.1.1) in theUntrust zone. How do you do create this policy? ()
A. Specify the IP address (172.19.1.1/32) as the destination address in the policy.
B. Specify the DNS entry (hostb.example.com.) as the destination address in the policy.
C. Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.
D. Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy. -
多项选择题
Click the Exhibit button. host_a is in subnet_a and host_b is in subnet_b. Given the configuration shown in the exhibit, which statement is true about traffic from host_a to host_b?()
A. DNS traffic is denied.
B. Telnet traffic is denied.
C. SMTP traffic is denied.
D. Ping traffic is permitted.
