多选题You want to create a security policy on an SRX240 that redirects unauthenticated users back to the Junos Pulse Access Control Service.Which two steps must you take to accomplish this task?（）AConfigure a captive-portal service that redirects all traffic

第1题：

第2题：

You have created a security policy on an SRX240 that permits traffic from any source-address, any destination-address, and any application. The policy will be a source IP policy for use with the Junos Pulse Access Control Service. What must you add to complete the security policy configuration?（）

• A、The intranet-auth authentication option
• B、The redirect-portal application service
• C、The uac-policy application service
• D、The ipsec-vpn tunnel

第3题：

You are configuring an SRX210 as a firewall enforcer that will tunnel IPsec traffic from several Junos Pulse users.Which two parameters must you configure on the SRX210?（）

• A、access profile
• B、IKE parameters
• C、tunneled interface
• D、redirect policy

第4题：

Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?（）

• A、Source IP and browser
• B、Source IP and certificate
• C、Certificate and Host Checker
• D、Host Checker and source IP

第5题：

Which three types of policies must you configure to allow remote users transparent access to protected resources using IF-MAP Federation between a Junos Pulse Secure Access Service and a Junos Pulse Access Control Service?（）

• A、Session-Export policies on the Junos Pulse Secure Access Service
• B、Session-Export policies on the Junos Pulse Access Control Service
• C、Session-Import policies on the Junos Pulse Secure Access Service
• D、Session-Import policies on the Junos Pulse Access Control Service
• E、Resource access policies on the Junos Pulse Access Control Service

第6题：

You have three classes of users on your network: employee, contractor, and IT administrator. You configure the Junos Pulse Access Control Service to assign roles to each user class and require that a specific wireless SSID be preconfigured for the Odyssey Access Client based on the role. Which configuration method should you use to satisfy this scenario?（）

• A、Create a "Settings Update file" in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under "User Roles" > "Agent" > "Odyssey Settings" > "Preconfigured Installer".
• B、Configure a wired adapter and assign the required SSID under "User Roles" > "Agent" > "Odyssey Settings".
• C、Create a script in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under "User Roles" > "Agent" > "Odyssey Settings" > "Preconfigured Installer".
• D、Create a "Preconfiguration file" in the Odyssey Access Client Administrator and upload it to the Junos Pulse Access Control Service under "User Roles" > "Agent" > "Odyssey Settings" > "Preconfigured Installer".

第7题：

You have a firewall enforcer receiving resource access policies from a Junos Pulse Access Control Service. You are using Network and Security Manager (NSM) for configuration management on that firewall. The firewall can also be configured using its built-in command-line interface (CLI) or Web-based user interface (WebUI). To avoid conflicting configurations, which two interfaces must you use to configure the firewall enforcer?（）

• A、CLI
• B、WebUI
• C、NSM
• D、Junos Pulse Access Control Service

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

第14题：

On the Junos Pulse Access Control Service, you have created a role called Secret that you only want to provide to users who present a certificate.Using the admin GUI, which two features would you configure to satisfy this requirement?（）

• A、Sign-in Policy
• B、Role Mapping Rule
• C、Role Restrictions
• D、Trusted Server CA

第15题：

You notice that during peak hours, some firewall enforcers contain a high number of auth table entries. As you investigate the issue, you discover that all users are getting auth table mappings to all firewalls, which is not acceptable. What should you do on the Junos Pulse Access Control Service to resolve this problem?（）

• A、Delete the default auth table mapping policy
• B、Create auth table mapping policies that route users to specific resources
• C、Create Resource Access policies that permit access to specific resources
• D、Create Source Interface policies that route users to specific resources

第16题：

You want to create a security policy on an SRX240 that redirects unauthenticated users back to the Junos Pulse Access Control Service.Which two steps must you take to accomplish this task?（）

• A、Configure a captive-portal service that redirects all traffic back to the Junos Pulse Access Control Service.
• B、Configure a security policy that references the unified-access-control captive-portal service.
• C、Configure a captive-portal service that redirects unauthenticated traffic back to the Junos Pulse Access Control Service.
• D、Configure a security policy that references the unified-access-control intranet-controller service.

第17题：

You want to provide all users in your corporation with a single agent that provides access to multiple connection types conditionally. For example, you connect to the Junos Pulse Access Control Service if you are connected to the intranet, but you connect to the Junos Pulse Secure Access Service if you are on a remote network. Which agent should you use for this type of connection requirement?（）

• A、Junos Pulse should be configured with location awareness rules configured.
• B、Odyssey Access Client should be installed with Host Checker configured to check the client's location.
• C、Junos Pulse should be configured with all components installed.
• D、Agentless access should be enabled so that clients can connect to any service without concern for installing an agent.

第18题：

What are two use cases enabled by IF-MAP Federation?（）

• A、Users authenticated to one Junos Pulse Access Control Service can transparently access resources protected by another Junos Pulse Access Control Service.
• B、Users authenticated to a Junos Pulse Access Control Service can transparently access resources protected by a Junos Pulse Secure Access Service.
• C、Remote access users authenticated to a Junos Pulse Secure Access Service can transparently access resources protected by a Junos Pulse Access Control Service.
• D、Remote access users authenticated to one Junos Pulse Secure Access Service can transparently access resources protected by another Junos Pulse Secure Access Service.

第19题：

You have a Junos Pulse Secure Access Service acting as an IF-MAP client, configured to federate all user roles to a Junos Pulse Access Control Service acting as an IF-MAP Federation server. A remote user using Junos Pulse logs in to the Junos Pulse Secure Access Service; the Junos Pulse Secure Access Service provisions a remote access session for that user.What happens next?（）

• A、The Junos Pulse Secure Access Service redirects the user to the Junos Pulse Secure Access Service for authentication
• B、The Junos Pulse Access Control Service provisions enforcement points to enable resource access for that user.
• C、The Junos Pulse Secure Access Service publishes user session and role information to the IF- MAP Federation server,
• D、The Junos Pulse Secure Access Service provisions enforcement points to enable resource access for that user.

第20题：

第21题：

第22题：

第23题：

第24题：