JN0-104 Exam - Question 84

"A" should be the correct one

Ref: User Access Privileges | Junos OS | Juniper Networks “User Access Privileges … Understanding the Allow and Deny Statement Precedence and Matching By default, the allow-commands and allow-configuration regular expressions take precedence over deny-commands and deny-configuration expresssions. Thus, if you configure the same command for both the allow-commands and deny-commands statements, then the allow operation takes precedence over the deny operation. ..,.” Answer: C

set system login class myclass allow-commands "show interfaces" set system login class myclass deny-commands "show interfaces" the command will be allowed

The correct statement is: A. If you allow and deny the same command, the command is denied. When configuring custom login class permissions in Junos OS, if you explicitly allow and deny the same command within the same login class, the deny action takes precedence. This means that the command will be denied for users belonging to that login class, even if it is explicitly allowed elsewhere in the configuration. The deny action overrides the allow action for the specific command.

C is answer

A is the correct answer. https://supportportal.juniper.net/s/article/Understanding-access-privileges-in-operational-and-configuration-mode?language=en_US

Answer C

C is correct: Understanding the Allow and Deny Statement Precedence and Matching By default, the allow-commands and allow-configuration regular expressions take precedence over deny-commands and deny-configuration expresssions. Thus, if you configure the same command for both the allow-commands and deny-commands statements, then the allow operation takes precedence over the deny operation.

C should be the correct answer.

This is pretty obvious. should be C