A.denyB.discardC.rejectD.closeWhichtwosecuritypolicyact……

多项选择题Whichthreeadvancedpermitactionswithinsecuritypoliciesarevalid？（）

A.Mark permitted traffic for firewall user authentication.
B.Mark permitted traffic for SCREEN options.
C.Associate permitted traffic with an IPsec tunnel.
D.Associate permitted traffic with a NAT rule.
E.Mark permitted traffic for IDP processing.

单项选择题A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in azone called UNTRUST to the address book entry Server in a zone called TRUST.However， the administrator does not want the server to be able to initiate any type of traffic from the TRUSTzone to the UNTRUST zone. Which configuration would correctly accomplish this task？（）

A.A
B.B
C.C
D.D

单项选择题Whichstatementdescribesthebehaviorofasecuritypolicy？（）

A.The implicit default security policy permits all traffic.
B.Traffic destined to the device itself always requires a security policy.
C.Traffic destined to the device’s incoming interface does not require a security policy.
D.The factory-default configuration permits all traffic from all interfaces.

多项选择题Whichtwostatementsdescribethepurposeofasecuritypolicy？（）

A.It enables traffic counting and logging.
B.It enforces a set of rules for transit traffic.
C.It controls host inbound services on a zone.
D.It controls administrator rights to access the device.

单项选择题WhichparametersarevalidSCREENoptionsforcombatingoperatingsystemprobes？（）

A.syn-fin， syn-flood， and tcp-no-frag
B.syn-fin， port-scan， and tcp-no-flag
C.syn-fin， fin-no-ack， and tcp-no-frag
D.syn-fin， syn-ack-ack-proxy， and tcp-no-frag