[Free] 2018(Jan) EnsurePass Examcollection Juniper JN0-343 Dumps with VCE and PDF 201-210

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan Juniper Official New Released JN0-343
100% Free Download! 100% Pass Guaranteed!

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

Question No: 201 – (Topic 3)

Two VPN peers are negotiating IKE phase 1 using main mode. Which message pair in the negotiation contains the phase 1 proposal for the peers?

  1. message 1 and 2

  2. message 3 and 4

  3. message 5 and 6

  4. message 7 and 8

Answer: A

Question No: 202 – (Topic 3)

You are not able to telnet to the interface IP address of your device from a PC on the same subnet.

What is causing the problem?

  1. Telnet is not being permitted byself-policy.

  2. Telnet is not being permitted by security policy.

  3. Telnet is not allowed because it is not considered secure.

  4. Telnet is not enabled as a host-inbound service on the zone.

Answer: D

Question No: 203 – (Topic 3)

Which two statements are true regarding firewall user authentication? (Choose two.)

  1. Firewall user authentication is performed only for traffic that is accepted by a security policy.

  2. Firewall user authentication is performed only for traffic that is denied by a security policy.

  3. Firewall user authentication provides an additional method of controlling user access to the JUNOS security device itself.

  4. Firewall user authentication provides an additional method of controlling user access to remote networks.

Answer: A,D

Question No: 204 – (Topic 3)

You want to create an out-of-band management zone and assign the ge-0/0/0.0 interface to that zone.

From the [edit] hierarchy, which command do you use to configure this assignment?

  1. set security zones management interfaces ge-0/0/0.0

  2. set zones functional-zone management interfaces ge-0/0/0.0

  3. set security zones functional-zone management interfaces ge-0/0/0.0

  4. set security zones functional-zone out-of-band interfaces ge-0/0/0.0

Answer: C

Question No: 205 – (Topic 3)

You have been tasked with performing an update to the IDP attack database. Which three requirements are included as part of this task? (Choose three.)

  1. The IDP security package must be installed after it is downloaded.

  2. The device must be rebooted to complete the update.

  3. The device must be connected to a network.

  4. An IDP license must be installed on your device.

  5. You must be logged in as the root user.

Answer: A,C,D

Question No: 206 – (Topic 3)

When the first packet in a new flow is received, which high-end SRX component is responsible for setting up the flow?

  1. Routing Engine

  2. I/O card

  3. network processing card

  4. services processing card

Answer: D

Question No: 207 – (Topic 3)

What are three benefits of using chassis clustering? (Choose three.)

  1. Provides stateful session failover for sessions.

  2. Increases security capabilities for IPsec sessions.

  3. Provides active-passive control and data plane redundancy.

  4. Enables automated fast-reroute capabilities.

  5. Synchronizes configuration files and session state.

Answer: A,C,E

Question No: 208 – (Topic 3)

A route-based VPN is required for which scenario?

  1. when the remote VPN peer is behind a NAT device

  2. when multiple networks need to be reached across the tunnel and GRE cannot be used

  3. when the remote VPN peer is a dialup or remote access client

  4. when a dynamic routing protocol is required across the VPN and GRE cannot be used

Answer: D

Question No: 209 – (Topic 3)

Which Junos security feature helps protect against spam, viruses, trojans, and malware?

  1. session-based stateful firewall

  2. IPsec VPNs

  3. security policies

  4. Unified Threat Management

Answer: D Explanation:

The major features of Unified Threat Management (UTM);

A branch office network in today’s market significantly contributes to the bottom line and is central to an organization’s success. Branch offices normally include a relatively smaller number of computing resources when compared to central facilities or headquarters locations. Branch offices are typically located where customer interactions occur, which means there is increased demand for supporting applications and assuring application performance, an increased demand for security. General security vulnerabilities exist for every branch office network.These vulnerabilities include spam and phishing attacks, viruses, trojans and spyware infected files, unapproved website access, and unapproved content.

Question No: 210 – (Topic 3)

Which statement is true when express AV detects a virus in a TCP session?

  1. A TCP RST is sent and the session is restarted.

  2. The TCP connection is closed gracefully and the data content is dropped.

  3. TCP traffic is allowed and an SNMP trap is sent.

  4. AV scanning is restarted.

Answer: B

100% Ensurepass Free Download!
Download Free Demo:JN0-343 Demo PDF
100% Ensurepass Free Guaranteed!
JN0-343 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

This entry was posted in JN0-343 Latest Exam (Jan 2018) and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.