[Free] 2018(Jan) EnsurePass Examcollection Juniper JN0-370 Dumps with VCE and PDF 121-130

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan Juniper Official New Released JN0-370
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/JN0-370.html

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

Question No: 121 – (Topic 2)

Which configuration keyword ensures that all in-progress sessions are re-evaluated upon committing a security policy change?

  1. policy-rematch

  2. policy-evaluate

  3. rematch-policy

  4. evaluate-policy

Answer: A

Question No: 122 – (Topic 2)

Host A opens a Telnet connection to Host B. Host A then opens another Telnet connection to Host B. These connections are the only communication between Host A and Host B. The security policy configuration permits both connections. How many sessions existbetween Host A and Host B?

  1. 1

  2. 2

  3. 3

  4. 4

Answer: B

Question No: 123 – (Topic 2)

Which security or functional zone name has special significance to the Junos OS?

  1. self

  2. trust

  3. untrust

  4. junos-global

Answer: D

Question No: 124 – (Topic 2)

Which three represent IDP policy match conditions? (Choose three.)

  1. protocol

  2. source-address

  3. port

  4. application

  5. attacks

Answer: B,D,E

Question No: 125 – (Topic 2)

Your task is to provision the Junos security platform to permit transit packets from the Private zone to the External zone and send them through the IPsec VPN. You must also have the device generate a log message when the session ends.

Which configuration meets this requirement?

  1. [edit security policies from-zone Private to-zone External] user@host# show

    policy allowTransit { match {

    source-address PrivateHosts; destination-address ExtServers; application ExtApps;

    }

    then { permit { tunnel {

    ipsec-vpn VPN;

    }

    }

    log { session-init;

    }

    }

    }

  2. [edit security policies from-zone Private to-zone External] user@host# show

    policy allowTransit { match {

    source-address PrivateHosts; destination-address ExtServers; application ExtApps;

    }

    then { permit { tunnel {

    ipsec-vpn VPN;

    }

    }

    count { session-close;

    }

    }

    }

  3. [edit security policies from-zone Private to-zone External] user@host# show

    policy allowTransit { match {

    source-address PrivateHosts; destination-address ExtServers; application ExtApps;

    }

    then { permit { tunnel {

    ipsec-vpn VPN;

    }

    }

    log {

    session-close;

    }

    }

    }

  4. [edit security policies from-zone Private to-zone External] user@host# show

policy allowTransit { match {

source-address PrivateHosts; destination-address ExtServers; application ExtApps;

}

then { permit { tunnel {

ipsec-vpn VPN; log;

count session-close;

}

}

}

}

Answer: C

Question No: 126 – (Topic 2)

Click the Exhibit button.

Ensurepass 2018 PDF and VCE

You are the responder for an IPsec tunnel and you see the error messages shown in the exhibit. What is the problem?

  1. One or more of the phase 1 proposals such as authentication algorithm, encryption algorithm, or pre-shared key does not match.

  2. There is no route for 2.2.2.2.

  3. There is no IKE definition in the configuration for peer 2.2.2.2.

  4. system services ike is not enabled on the interface with IP 1.1.1.2.

Answer: C

Question No: 127 – (Topic 2)

Which two statements are true about pool-based source NAT? (Choose two.)

  1. PAT is not supported.

  2. PAT is enabled by default.

  3. It supports the address-persistent configuration option.

  4. It supports the junos-global configuration option.

Answer: B,C

Question No: 128 – (Topic 2)

Which two statements apply to policy scheduling? (Choose two.)

  1. An individual policy can have only one scheduler applied.

  2. You must manually configure system-time updates.

  3. Multiple policies can use the same scheduler.

  4. Policies that do not have schedulers are not active.

Answer: A,C

Question No: 129 – (Topic 2)

Which three functions are provided by the Junos OS for securityplatforms? (Choose three.)

  1. VPN establishment

  2. stateful ARP lookups

  3. Dynamic ARP inspection

  4. Network Address Translation

  5. inspection of packets at higher levels (Layer 4 and above)

Answer: A,D,E

Question No: 130 – (Topic 2)

Which interface is used for RTO synchronization and forwarding traffic between the devices in a cluster?

  1. the st interface

  2. the reth interface

  3. the fxp1 and fxp0 interfaces

  4. the fab0 and fab1 interfaces

Answer: D

100% Ensurepass Free Download!
Download Free Demo:JN0-370 Demo PDF
100% Ensurepass Free Guaranteed!
JN0-370 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

This entry was posted in JN0-370 Latest Exam (Jan 2018) and tagged , , , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.