Chapter Review Questions

  1. What is the difference between secure and router context?

    1. There is no real difference; both modes support firewall and routing

    2. In secure context, you get the stateful firewall; in router context, you get routing

    3. Secure context has a default deny-all policy whereas router context has an accept-all policy

    4. Both modes have a default deny-all policy, but in router context, all interfaces are in the same zone

  2. What is true regarding zones?

    1. You are limited to no more than five

    2. Each zone is restricted to a single interface

    3. Policy is needed to communicate between zones, unless in router context

    4. Policy is needed to communicate between zones

  3. What is the result of loading a JUNOS software configuration into a JUNOS software with enhanced services router?

    1. Nothing, they are compatible

    2. You lose all connectivity, including console

    3. You retain console access, but all network connectivity is lost

    4. None of the above; the different hardware platforms make this impossible

  4. What is the name of the services interface in JUNOS software with enhanced services?

    1. sp-0/0/0

    2. st-0/0/0

    3. es-0/0/0

    4. The zone-based nature means that a services interfaces is not required

  5. Looking back at Figure 11-6, does the following session entry, as taken from PBR, indicate that NAT has been performed?

    Session ID: 1285, Policy name: self-traffic-policy/1, Timeout: 1784
  In: 172.16.1.2/59024 --> 172.16.1.1/179;tcp, If: .local..0
  Out: 172.16.1.1/179 --> 172.16.1.2/59024;tcp, If: ge-0/0/1.0

    1. No, NAT is not being performed

    2. Yes, NAT is being ...

Get JUNOS Enterprise Routing now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial