You notice that during peak hours, some firewall enforcers contain a high number of auth table entries. As you investigate the issue, you discover that all users are getting auth table mappings to all firewalls, which is not acceptable.
What should you do on the Junos Pulse Access Control Service to resolve this problem?()
A. Delete the default auth table mapping policy
B. Create auth table mapping policies that route users to specific resources
C. Create Resource Access policies that permit access to specific resources
D. Create Source Interface policies that route users to specific resources
您可能感兴趣的试卷
你可能感兴趣的试题
A. uac-policy
B. ic-policy
C. inyranet-auth
D. uac-auth
A. Configure an authentication policy as part of the user role definitions.
B. Configure a Sign-in Policy.
C. Configure authentication agents as part of the user role definitions
D. Configure an authentication policy as part of the authentication realm definition.
A. Take a "System Snapshot"
B. Configure "Licensing"
C. Review the "Events"
D. Set the date and time
E. Upgrade or downgrade the firmware
A. Use the "is exactly" or "contains" operators.
B. Create a user filter matching the dn of the certificate.
C. Verify that the certificate is issued by a publicly trusted cs.
D. Match the certificate type and value with an attribute from the ldap server.
A. Users authenticated to one Junos Pulse Access Control Service can transparently access resources protected by another Junos Pulse Access Control Service.
B. Users authenticated to a Junos Pulse Access Control Service can transparently access resources protected by a Junos Pulse Secure Access Service.
C. Remote access users authenticated to a Junos Pulse Secure Access Service can transparently access resources protected by a Junos Pulse Access Control Service.
D. Remote access users authenticated to one Junos Pulse Secure Access Service can transparently access resources protected by another Junos Pulse Secure Access Service.
A. The cluster VIP is defined on the MAG4610 cluster, and the VIP of the cluster is defined as an instance on the SRX Series device.
B. The cluster VIP is not defined on the MAG4610 cluster, and the IP address of both the active and passive nodes of the cluster are defined as separate instances on the SRX Series device.
C. The cluster VIP is defined on the MAG4610 cluster, and the IP address of the active node is defined as an instance on the SRX Series device.
D. The cluster VIP is not defined on the MAG4610 cluster, and the IP address of the passive node is defined as an instance on the SRX Series device.
A.Configure roles based on departments and assign access based on source IP address.
B.Configure roles based on the user's manager and assign access based on the user's MAC address
C.Configure roles based on group memberships and assign a specific VLAN to the role.
D.Configure roles based on RADIUS request attribute and assign a specific VLAN to the role.
A. State synchronization occurs only through the internal network interface card (NIC)
B. Latency of the WAN must be less than 300 ms.
C. Authenticating endpoints must be on the same LAN segment.
D. Cluster members must use the same hardware platfor
Your IT director has decided to allow employees to use their laptops at home as well as in the office. You have deployed the Junos Pulse client to allow access to the offices 802.1X-enabled wired network. Your company also has the Junos Pulse Secure Access Service deployed. You want the Junos Pulse client to automatically launch the appropriate access method depending on each users location.
Which three are supported to determine the users location?()
A. MAC address
B. DNS server
C. DHCP server
D. resolve address
E. endpoint address
A. Enable Custom Instructions
B. Pre-auth notification
C. Remediation message
D. Send reason strings
最新试题
A system administrator wants to configure 802.1X on an Ethernet switch to enable access to specific parts of the network based on group memberships.How can the administrator accomplish this goal?()
In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?()
You are deploying a Junos Pulse Access Control Service cluster in active/passive mode. How do you configure the IP address on the SRX Series devices?()
What are two use cases enabled by IF-MAP Federation?()
Which parameter do you use to enable Junos Pulse Access Control Service enforcement on a policy on a ScreenOS platform?()
You have created a Host Checker policy that contains multiple rules. You want to inform end users which rule specifically has failed.In the admin GUI, which configuration setting would you enable?()
You want to provide all users in your corporation with a single agent that provides access to multiple connection types conditionally. For example, you connect to the Junos Pulse Access Control Service if you are connected to the intranet, but you connect to the Junos Pulse Secure Access Service if you are on a remote network.Which agent should you use for this type of connection requirement?()
A new software engineer has been hired. As part of the normal hiring process, the user was added to the Active Directory and placed into the Domain Users group and the SW_DEV group. The Domain Users group has access to the company's intranet website and time card system. The SW_DEV group has access to the source code library server. You have created roles that correspond to each Active Directory group. The user calls the help desk stating that they cannot access the source code library server.Which two troubleshooting tools would you use on the Junos Pulse Access Control Service to resolve the issue?()
You administer a network with Windows-based endpoints that have custom software images. You want to use Host Checker to require that endpoints are running the custom software image.Which two Host Checker policy rules would be used to enforce this requirement?()
You are performing the initial setup of a new MAG Series device and have installed a valid CA- signed certificate on the MAG Series device. Connectivity to an existing SRX Series firewall enforcer cannot be obtained.What are two explanations for this behavior?()