which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured?

At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? (Choose two.)

A.
[edit security idp]

B.
[edit security zones security-zone trust interfaces ge-0/0/0.0]

C.
[edit security zones security-zone trust]

D.
[edit security screen]

Show Hint

← Previous question

Next question →

Leave a Reply 4

Vijayabhaskar

we can use the command like this to allow host-inbound traffic to access teh SRX boxes..

set security zones security-zone ABC host-inbound-traffic system-services all
set security zones security-zone ABC interfaces ge-0/0/1.3 host-inbound-traffic
system-services telnet
set security zones security-zone ABC interfaces ge-0/0/1.3 host-inbound-traffic
system-services ftp
set security zones security-zone ABC interfaces ge-0/0/1.3 host-inbound-traffic
system-services snmp
set security zones security-zone ABC interfaces ge-0/0/1.0 host-inbound-traffic
system-services all
set security zones security-zone ABC interfaces ge-0/0/1.0 host-inbound-traffic
system-services ftp except
set security zones security-zone ABC interfaces ge-0/0/1.0 host-inbound-traffic
system-services http except

w3pgrrrrr

remember as well, interface config completely overrides generalized zone config! This is tested many times in JNCIS-SEC

rpgghost

http://www.juniper.net/techpubs/software/junos-security/junos-security10.0/junos-security-swconfig-security/id-19734.html

security zones
security-zone ABC {
host-inbound-traffic {
system-services {
telnet;
ftp;
}
}
interfaces {
ge-0/0/1.1;
ge-0/0/1.3 {
host-inbound-traffic {
system-services {
snmp;

}
}
}
}

mr_tienvu

Correct answer is BC