[Free] 2017(Jan) Ensurepass Pass4sure Juniper JN0-633 Real Test 21-30

Ensurepass

Juniper Enterprise Content Management Sales Mastery Test v3

 

QUESTION 21

You are using logical systems to segregate customers. You have a requirement to enable communication between the logical systems. What are two ways to accomplish this goal? (Choose two.)

 

A.

Use a shared DMZ zone to connect the logical systems together.

B.

Use a virtual tunnel (vt-) interface to connect the logical systems together.

C.

Use an external cable to connect the ports from the two logical systems.

D.

Use an interconnect LSYS to connect the logical systems together.

 

Correct Answer: CD

Explanation:

http://www.juniper.net/techpubs/en_US/junos11.4/information-products/topic-collections/security/software-all/logical-systems-config/index.html?topic-53861.html

 

 

QUESTION 22

Your company provides managed services for two customers. Each customer has been segregated within its own routing instance on your SRX device. Customer A and customer B inform you that they need to be able to reach certain hosts on each other’s network. Which two configuration settings would be used to share routes between these routing instances? (Choose two.)

 

A.

routing-group

B.

instance-import

C.

import-rib

D.

next-table

 

Correct Answer: BD

Explanation:

http://aconaway.com/2013/03/02/junos-logical-tunnel-interfaces-with-virtual-routers/

 

 

QUESTION 23

Your company is providing multi-tenant security services on an SRX5800 cluster. You have been asked to create a new logical system (LSYS) for a customer. The customer must be able to access and manage new resources within their LSYS. How do you accomplish this goal?

 

A.

Create the new LSYS, allocate resources, and then create the user administrator role so that the customer can manage their allocated resources.

B.

Create the new LSYS, and then create the user administrator role so that the customer can allocate and manage resources.

C.

Create the new LSYS, and then create the master adminstrator role for the LSYS so that the customer can allocate and manage resources.

D.

Create the new LSYS, then request the required resources from the customer, and create the required resources.

 

Correct Answer: A

Explanation:

http://www.juniper.net/techpubs/en_US/junos12.1/topics/task/configuration/logical-system-security-user-lsys-overview-configuring.html

 

 

QUESTION 24

Your company has added a connection to a new ISP and you have been asked to send specific traffic to the new ISP. You have decided to implement filter-based forwarding. You have configured new routing instances with type forwarding. You must direct traffic into each instance.

Which step would accomplish this goal?

 

A.

Add a firewall filter to the ingress interface that specifies the intended routing instance as the action.

B.

Create a routing policy to direct the traffic to the required forwarding instances.

C.

Configure the ingress and egress interfaces in each forwarding instance.

D.

Create a static default route for each ISP in inet.0, each pointing to a different forwarding instance.

 

Correct Answer: A

Explanation:

http://kb.juniper.net/InfoCenter/index?page=content&id=KB17223

 

 

QUESTION 25

You have implemented a tunnel in your network using DS-Lite. The tunnel is formed between one of the SRX devices in your network and a DS-Lite-compatible CPE device in your customer’s network. Which two statements are true about this scenario? (Choose two.)

 

A.

The SRX device will serve as the softwire initiator and the customer CPE device will serve as the softwire concentrator.

B.

The SRX device will serve as the softwire concentrator and the customer CPE device will serve as the softwire initiator.

C.

The infrastructure network supporting the tunnel will be based on IPv4.

D.

The infrastructure network supporting the tunnel will be based on IPv6.

 

Correct Answer: BD

Explanation:

http://www.juniper.net/techpubs/en_US/junos10.4/topics/concept/ipv6-ds-lite-overview.html

 

 

QUESTION 26

You are asked to merge the corporate network with the network from a recently acquired company. Both networks use the same private IPv4 address space (172.25.126.0/24). An SRX device serves as the gateway for each network. Which solution allows you to merge the two networks without adjusting the current address assignments?

 

A.

source NAT

B.

persistent NAT

C.

double NAT

D.

NAT444

 

Correct Answer: C

Explanation:

http://class10e.com/juniper/what-should-you-do-to-meet-the-requirements/

 

 

QUESTION 27

You want requests from the same internal transport address to be mapped to the same external transport address. Only internal hosts can initialize the session. Which Junos configuration setting supports the requirements?

 

A.

any-remote-host

B.

target-host

C.

source-host

D.

address-persistent

 

Correct Answer: D

Explanation:

http://www.juniper.net/techpubs/software/junos-security/junos-security96/junos-security-swconfig-security/understand-persistent-nat-section.html

 

 

QUESTION 28

Which statement is true regarding dual-stack lite?

 

A.

The softwire is an IPv4 tunnel over an IPv6 network.

B.

The softwire initiator (SI) encapsulates IPv6 packets in IPv4.

C.

The softwire concentrator (SC) decapsulates softwire packets.

D.

SRX devices support the softwire concentrator and softwire initiator functionality.

 

Correct Answer: C

Explanation:

http://www.juniper.net/techpubs/en_US/junos/topics/concept/ipv6-ds-lite-overview.html

 

 

QUESTION 29

Which two statements are true regarding DNS doctoring? (Choose two.)

 

A.

DNS doctoring translates the DNS CNAME payload.

B.

DNS doctoring for IPv4 is supported on SRX devices.

C.

DNS doctoring for IPv4 and IPv6 is supported on SRX devices.

D.

DNS doctoring translates the DNS A-record.

 

Correct Answer: BD

Explanation:

http://www.juniper.net/techpubs/en_US/junos11.4/information-products/topic-collections/security/software-all/security/index.html?topic-61847.html

 

 

QUESTION 30

In which situation is NAT proxy NDP required?

 

A.

when translated addresses belong to the same subnet as the ingress interface

B.

when filter-based forwarding and static NAT are used on the same interface

C.

when working with static NAT scenarios

D.

when the security device operates in transparent mode

 

Correct Answer: C

Explanation:

When IP addresses are in the same subnet of the ingress interface, NAT proxy ARP configured.

 

Reference:

http://www.juniper.net/techpubs/en_US/junos12.1×44/information-products/pathway-pages/security/security-nat.pdf

http://www.juniper.net/techpubs/en_US/junos-space12.2/topics/concept/junos-space-security-designer-whiteboard-nat-overview.html

 

Free VCE & PDF File for Juniper JN0-633 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-633 Real Tests (2017) and tagged , , , , , , , , , , , , , . Bookmark the permalink.