Which two statements are true about IPsec traffic? (Choose two.)
A.
IPsec traffic can be forwarded when no IKE SA is present.
B.
IPsec traffic can be forwarded when no IPsec SA is present.
C.
For traffic that has to be encrypted, the security policy must be crafted based on the IP addresses in the inner IP header of the final ESP packet.
D.
For traffic that has to be encrypted, the security policy must be crafted based on the IP addresses in the outer IP header of the final ESP packet.
Anybody Knows why “B” is not correct?
Mostafa
the only purpose an IKE security association serves is to bring up the IPSEC security association. In other words, it is the IPSEC SA that is sending and receiving encrypted packets
tnx a milion “w3pgrrrrr”
The IPSec SA stays connected even if the underlying IKE SA is not available anymore.
I have the same idea. AC
Correct Answers: A, C
Which security or functional zone name has special significance to the Junos OS?
A. self
B. trust
C. untrust
D. junos-global
Correct Answer: D
Get Complete File From http://www.dumps4download.com/jn0-332-dumps.html