Chapter Review Questions
What is the difference between secure and router context?
There is no real difference; both modes support firewall and routing
In secure context, you get the stateful firewall; in router context, you get routing
Secure context has a default deny-all policy whereas router context has an accept-all policy
Both modes have a default deny-all policy, but in router context, all interfaces are in the same zone
What is true regarding zones?
You are limited to no more than five
Each zone is restricted to a single interface
Policy is needed to communicate between zones, unless in router context
Policy is needed to communicate between zones
What is the result of loading a JUNOS software configuration into a JUNOS software with enhanced services router?
Nothing, they are compatible
You lose all connectivity, including console
You retain console access, but all network connectivity is lost
None of the above; the different hardware platforms make this impossible
What is the name of the services interface in JUNOS software with enhanced services?
sp-0/0/0
st-0/0/0
es-0/0/0
The zone-based nature means that a services interfaces is not required
Looking back at Figure 11-6, does the following session entry, as taken from
PBR
, indicate that NAT has been performed?Session ID: 1285, Policy name: self-traffic-policy/1, Timeout: 1784 In: 172.16.1.2/59024 --> 172.16.1.1/179;tcp, If: .local..0 Out: 172.16.1.1/179 --> 172.16.1.2/59024;tcp, If: ge-0/0/1.0
No, NAT is not being performed
Yes, NAT is being ...
Get JUNOS Enterprise Routing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.