Which firewall filter configuration do you use?

Referring to the exhibit, you want to block HTTP access to Web-Server from the subnet where
Mal-User is located. All other traffic should be permitted.
Which firewall filter configuration do you use?

Referring to the exhibit, you want to block HTTP access to Web-Server from the subnet where
Mal-User is located. All other traffic should be permitted.
Which firewall filter configuration do you use?

A.
[edit firewall family inet filter STOP-MAL-USER]
user@router# show
term one {
from {
source-address {
200.200.200.0/24;
}
destination-address {
100.100.100.10/32;
}
protocoltcp;
destination-port http;
}
then accept;
}
term two {
then {
reject;
}}

B.
[edit firewall family inet filter STOP-MAL-USER]
user@router# show
term one {
from {
source-address {
100.100.100.0/24;
}
destination-address {
200.200.200.1/32;
}
protocoltcp;
destination-port http;
}
then accept;
}
term two {
then {
reject;
}}

C.
[edit firewall family inet filter STOP-MAL-USER]
user@router# show
term one {
from {
source-address {
100.100.100.0/24;
}
destination-address {
200.200.200.1/32;
}
protocoltcp;
destination-port http;
}
then reject;
}
term two {
then {
accept;
}}

D.
[edit firewall family inet filter STOP-MAL-USER]
user@router# show
term one {
from {
source-address {
200.200.200.0/24;
}

destination-address {
100.100.100.10/32;
}
protocoltcp;
destination-port http;
}
then reject;
}
term two {
then {
accept;
}}



Leave a Reply 5

Your email address will not be published. Required fields are marked *


Anton

Anton

It must be “D”

Estean

Estean

agreed term in A are wrong 🙂

Guadalupe

Guadalupe

New JN0-102 Exam Questions and Answers Updated Recently (8/May/2017):

NEW QUESTION 359
Which two ping command parameters whould be used to troubleshoot MTU issues? (Choose two.)

A. ping do-not-fragment
B. ping rapid
C. ping verbose
D. ping size

Answer: AD

NEW QUESTION 360
Which command prompt indicates that you are in operational mode?

A. user @ router &
B. user @ router #
C. user @ router $
D. user @ router >

Answer: D

NEW QUESTION 361
Which keystroke combination allows users to move the cursor to the beginning of the command line without deleting text?

A. Ctrl + u
B. Ctrl + w
C. Ctrl + a
D. Ctrl + b

Answer: C

NEW QUESTION 362
What is the subnet mask for the 172.45.32.6/19 address?

A. 255.255.224.0
B. 255.255.240.0
C. 255.224.0.0
D. 255.240.0.0

Answer: A

NEW QUESTION 363
Click the Exhibit button. Referring to the exhibit, what happens when ping packets are sent to the management interface address of the local router?
user@router> show route protocol static
inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both
99.0.0.0/17 *[Static/5] 00:00:11
————— > to 10.1.1.2 via ge-0/0/1.0
99.0.0.0/19 *[Static/5] 00:00:11
————— > to 10.1.2.2 via ge-0/0/2.0
99.0.0.0/24 *[Static/5] 00:00:11
————— > to 10.1.3.2 via ge-0/0/3.0
99.0.0.0/26 *[Static/5] 00:00:11
————— > to 10.1.4.2 via ge-0/0/4.0
Referring to the exhibit, which next-hop interface will be used to reach the 10.21.14.16 destination?

A. ge-0/0/1.0
B. ge-0/0/0.0
C. ge-0/0/3.0
D. ge-0/0/2.0

Answer: A

NEW QUESTION 364
What is the default firewall filter behavior when a term is matched but no terminating action is specified?

A. an implicit deny and the filter evaluation terminates
B. an implicit accept and the filter evaluation terminates
C. an implicit accept and the filter evaluation continues to the next term
D. an implicit deny and the filter evaluation continues to the next term

Answer: C

NEW QUESTION 365
What are three interface prefixes for a 40-gigabit interface? (Choose three.)

A. et
B. es
C. fte
D. xe
E. xle

Answer: ABE

NEW QUESTION 366
Which source of routing information is preferred by default?

A. static
B. RIP
C. direct
D. BGP

Answer: C

NEW QUESTION 367
For the interface ge-1/2/3.4, what does “ge” represent?

A. SONET/SDH
B. Gigabit Ethernet
C. Aggregated Ethernet
D. GRE

Answer: B

NEW QUESTION 368
Which word starts a command to display the operational status of a Junos device?

A. put
B. set
C. show
D. get

Answer: C

NEW QUESTION 369
……

P.S. These New JN0-102 Exam Questions Were Just Updated From The Real JN0-102 Exam, You Can Get The Newest JN0-102 Dumps In PDF And VCE From — http://www.passleader.com/jn0-102.html (408q VCE and PDF)

Good Luck!

Paulo Silva

Paulo Silva

Completed the JNCIA-Junos JN0-102 exam recently! Scored 90% (the passing line is 65%)!!

Though the JN0-102 test is Juniper’s entry-level certification, which is more difficult than the CISSP and CCNA exams. Hands-on Junos experience will help passing exam easily!!

65 multiple-choice questions in the actual test, most of them are NEW QUESTIONS, which are not available in those free JN0-102 dumps!

New questions FYI:
1. Which word starts a command to display the operational status of a Junos device?
2. For the interface ge-1/2/3.4, what does “ge” represent?
3. three interface prefixes for a 40-gigabit interface (et, es, xle).
4. command prompt indicates that you are in operational mode.
5. Exhibit — 10.21.14.16 destination — ge-0/0/1.0
…etc.

Questions on this site are sure not enough for passing, NEW QUESTIONS ARE NOT AVAILABLE!

Recommend you to learn the NEWEST & VALID PassLeader JN0-102 dumps here:

http://www.juniperbraindumps.com/?s=JN0-102

(IT IS THE NEWEST VERSION — 408 Q&As!!!)

Best Regards!!!