1.
Which configuration keyword ensures that all in-progress sessions are re-evaluated upon committing a security policy change?
2.
Using a policy with the policy-rematch flag enabled, what happens to the existing and new sessions when you change the policy action from permit to deny?
3.
Which statement describes the behavior of source NAT with address shifting?
4.
Which statement is true about interface-based source NAT?
5.
Interface ge-0/0/2.0 of your device is attached to the Internet and is configured with an IP address and network mask of 71.33.252.17/24. A webserver with IP address 10.20.20.1 is running an HTTP service on TCP port 8080. The webserver is attached to the ge-0/0/0.0 interface of your device. You must use NAT to make the webserver reachable from the Internet using port translation. Which type of NAT must you configure?
6.
Which statement is true about source NAT?
7.
Which statement is true regarding proxy ARP?
8.
Which configuration shows a pool-based source NAT without PAT'?
9.
Which statement is true about a NAT rule action of off?
10.
Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP? (Choose three.)