[Free] 2018(Jan) EnsurePass Examcollection Juniper JN0-533 Dumps with VCE and PDF 21-30

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan Juniper Official New Released JN0-533
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/JN0-533.html

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

Question No: 21 – (Topic 1)

What is the purpose of a chassis cluster?

  1. Chassis clusters are used to aggregate routes.

  2. Chassis clusters are used to create aggregate interfaces.

  3. Chassis clusters are used to group two chassis into one logical chassis.

  4. Chassis clusters are used to group all interfaces into one cluster interface.

Answer: C Explanation:

The Junos OS achieves high availability on Junos security platforms using chassis clustering.Chassis clustering provides network node redundancy by grouping two like devices into a cluster.The two nodes back each other up with one node acting as the primary and the other as the secondary node, ensuring the stateful failover of processes and services in the event of system or hardware failure. A control link between services processing cards (SPCs) or revenue ports and an Ethernet data link between revenue ports connect two like devices. Junos security platforms must be the same model, and all SPCs, network processing cards (NPCs), and input/output cards (IOCs) on high-end platforms must have the same slot placement and hardware revision.

The chassis clustering feature in the Junos OS is built on the high availability methodology of Juniper Networks M Series and T Series platforms and the TX Matrix platform, including multichassis clustering, active-passive Routing Engines (REs) , active-active Packet Forwarding Engines (PFEs), and graceful RE switchover capability.

Question No: 22 – (Topic 1)

Which configuration keyword ensures that all in-progress sessions are re-evaluated upon committing a security policy change?

  1. policy-rematch

  2. policy-evaluate

  3. rematch-policy

  4. evaluate-policy

Answer: A

Question No: 23 – (Topic 1)

Which three are necessary for antispam to function properly on a branch SRX Series device? (Choose three.)

  1. an antispam license

  2. DNS servers configured on the SRX Series device

  3. SMTP services on SRX

  4. a UTM profile with an antispam configuration in the appropriate security policy

  5. antivirus (full or express)

Answer: A,B,D

Question No: 24 – (Topic 1)

Which two statements in a source NAT configuration are true regarding addresses, rule- sets, or rulesthat overlap? (Choose two.)

  1. Addresses used for NAT pools should never overlap.

  2. If more than one rule-set matches traffic, the rule-set with the most specific context takes precedence.

  3. If traffic matches two rules within the same rule-set, both rules listed in the configuration are applied.

  4. Dynamic source NAT rules take precedence over static source NAT rules.

Answer: A,B

Question No: 25 – (Topic 1)

Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH? (Choose three.)

  1. data integrity

  2. data confidentiality

  3. data authentication

  4. outer IP header confidentiality

  5. outer IP header authentication

Answer: A,C,E

Question No: 26 – (Topic 1)

Which command do you use to manuallyremove antivirus patterns?

  1. request security utm anti-virus juniper-express-engine pattern-delete

  2. request security utm anti-virus juniper-express-engine pattern-reload

  3. request security utm anti-virus juniper-express-engine pattern-remove

  4. delete security utm anti-virus juniper-express-engine antivirus-pattern

Answer: A

Question No: 27 – (Topic 1)

Which statement is correct about HTTP trickling?

  1. It prevents the HTTP client or server from timing-out during an antivirus update.

  2. It prevents the HTTP client or server from timing-out during antivirus scanning.

  3. It is an attack.

  4. It is used to bypass antivirus scanners.

Answer: B

Question No: 28 – (Topic 1)

In a chassis cluster with two SRX 5800 devices, the interface ge-13/0/0 belongs to which device?

  1. This interface is a system-created interface.

  2. This interface belongs to node 0 of the cluster.

  3. This interface belongs to node 1 of the cluster.

  4. This interface will not exist because SRX 5800 devices have only 12 slots.

Answer: C

Question No: 29 – (Topic 1)

Which statement is true regarding the JunosOS for security platforms?

  1. SRX Series devices can store sessions in a session table.

  2. SRX Series devices accept all traffic by default.

  3. SRX Series devices must operate only in packet-based mode.

  4. SRX Series devices must operate only in flow-based mode.

Answer: A Explanation:

SRX by default operates in FLOW-BASED mode.

Hovewer, it’s possible to aply a filter on interface, which will enforce a PACKET-BASED mode.

Question No: 30 – (Topic 1)

Click the Exhibit button.

Ensurepass 2018 PDF and VCE

[A] establishes an IPsec tunnel with [B]. The NAT device translates the IP address 1.1.1.1 to 2.1.1.1.On which portis the IKE SA established?

  1. TCP 500

  2. UDP 500

  3. TCP 4500

  4. UDP 4500

Answer: D

100% Ensurepass Free Download!
Download Free Demo:JN0-533 Demo PDF
100% Ensurepass Free Guaranteed!
JN0-533 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

This entry was posted in JN0-533 Latest Exam (Jan 2018) and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.