— Exhibit –-
security {
policies {
from-zone TRUST to-zone UNTRUST {
policy hosts-allow {
match {
source-address hosts;
destination-address any;
application any;
}
then {
permit;
}
scheduler-name block-hosts;
}
policy allow {
match {
source-address any;
destination-address any;
application junos-http;
}
then {
permit;
}
}
policy deny {
match {
source-address any;
destination-address any;
application any;
}
then {
deny;
}
}
}
}
}
schedulers {
scheduler block-hosts {
daily {
start-time 10:00:00 stop-time 18:00:00;
}
}
}
— Exhibit –-
Refer to the Exhibit.
Referring to the exhibit, you have configured a scheduler to allow hosts access to the Internet
during specific times. You notice that hosts are still accessing the Internet during times outside of
the scheduler’s parameters.
What is allowing hosts to access the Internet?
The policy allow is allowing hosts access during unscheduled hours.
A.
The policy hosts-allow should have a then statement of deny.
B.
The policy hosts-allow should have an application of junos-http.
C.
The policy deny should have the scheduler applied.