Chapter Review Questions
Why are VRs the preferred implementation choice when deploying next hop-style service sets? (Choose two.)
Added security benefits
More features can be implemented
Simplicity in configuration
Automatic rules
Which match direction should be specified when creating an IPSec tunnel?
De-encapsulation direction
Both directions
Encapsulation direction
No direction
True or False: A single proposal can be applied to an IPSec tunnel.
Which type of service set would allow for OSPF routing over an IPSec tunnel?
Next hop
Interface
Virtual router
Route set
After an IP packet is encapsulated by a GRE header, what is the incoming interface of the packet set to?
service interface
gre interface
outgoing interface
loopback interface
Which type of NAT would be used to hide all local PCsâ addresses as they connect to the Internet?
Destination
Half-Cone
Twice NAT
Source NAT
The following source NAT rule is applied to a next hop service set but doesnât seem to be working:
rule basic-source { match-direction output; term 1 { then { translated { source-pool ext-block; translation-type source dynamic; } } } } }
What is the possible issue?
Missing a
from
statementCanât use dynamic translation for source NAT
The match direction is incorrect
Missing the
accept
action
True or False: IPSec VPNs must have their own service set.
If packets need to be skipped in an interface-style service set, what should be configured?
A service rule allowing traffic to be skipped
A post-service filter allowing traffic to be ...
Get JUNOS Enterprise Routing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.