Which configuration statement would correctly accomplish this task?

A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a
zone called UNTRUST to the address book entry Server in a zone called TRUST. However, the administrator
does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST
zone.Which configuration statement would correctly accomplish this task?

A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a
zone called UNTRUST to the address book entry Server in a zone called TRUST. However, the administrator
does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST
zone.Which configuration statement would correctly accomplish this task?

A.
from-zone UNTRUST to-zone TRUST {
policy DenyServer {
match {
source-address any;
destination-address any;
application any;
}
then {
deny;
}
}
}
from-zone TRUST to-zone UNTRUST {
policy AllowTelnetin {
match {
source-address the10net;
destination-address Server;
application junos-telnet;
}
then {
permit;
}
}
}

B.
from-zone TRUST to-zone UNTRUST {
policy DenyServer {
match {
source-address Server;
destination-address any;
application any;
}
then {
deny;
}
}
}
from-zone UNTRUST to-zone TRUST {
policy AllowTelnetin {
match {
source-address the10net;
destination-address Server;
application junos-telnet;
}
then {
permit;
}
}
}

C.
from-zone UNTRUST to-zone TRUST {
policy AllowTelnetin {
match {
source-address the10net;
destination-address Server;
application junos-ftp;
}
then {
permit;
}
}
}

D.
from-zone TRUST to-zone UNTRUST {
policy DenyServer {
match {
source-address Server;
destination-address any;
application any;
}
then {
permit;
}
}
}
from-zone UNTRUST to-zone TRUST {
policy AllowTelnetin {
match {
source-address the10net;
destination-address Server;
application junos-telnet;
}
then {
permit;
}
}
}



Leave a Reply 0

Your email address will not be published. Required fields are marked *