Which two statements are true about zones?

Which two statements are true about zones? (Choose two.)

Which two statements are true about zones? (Choose two.)

A.
Null zones accept all traffic to and from an interface.

B.
Security zones filter transit traffic and traffic destined for the device itself.

C.
Functional zones filter transit traffic and traffic destined for the device itself.

D.
Functional zones do not pass transit traffic and allow only management access to the device.



Leave a Reply 1

Your email address will not be published. Required fields are marked *


rpgghost

rpgghost

http://www.juniper.net/techpubs/software/junos-security/junos-security95/junos-security-swconfig-security/id-29204.html

Functional Zone

A functional zone is used for special purposes, like management interfaces. Currently, only the management (MGT) zone is supported. Management zones have the following properties:

Management zones host management interfaces.
Traffic entering management zones does not match policies; therefore, traffic cannot transit out of any other interface if it was received in the management interface.
Management zones can only be used for dedicated management interfaces.

==============================

Security Zone

Security zones are the building blocks for policies; they are logical entities to which one or more interfaces are bound. Security zones provide a means of distinguishing groups of hosts (user systems and other hosts, such as servers) and their resources from one another in order to apply different security measures to them.

Security zones have the following properties:

Policies—Active security policies that enforce rules for the transit traffic, in terms of what traffic can pass through the firewall, and the actions that need to take place on the traffic as it passes through the firewall. For more information, see Security Policies Overview.