[Free] 2018(Jan) EnsurePass Examcollection Juniper JN0-633 Dumps with VCE and PDF 151-160

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan Juniper Official New Released JN0-633
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/JN0-633.html

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

Question No: 151 – (Topic 2)

You want to create a security policy allowing traffic from any host in the Trust zone to hostb.example.com (172.19.1.1) in the Untrust zone. Howdo you create this policy?

  1. Specify the IP address (172.19.1.1/32) as the destination address in the policy.

  2. Specify the DNS entry (hostb.example.com) as the destination address in the policy.

  3. Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.

  4. Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.

Answer: D

Question No: 152 – (Topic 2)

Which two statements are true when describing the capabilities of integrated Web filtering on branch SRX Series devices? (Choose two.)

  1. Integrated Web filtering can enforce UTM policies on traffic encrypted in SSL.

  2. Integrated Web filtering can detect client-side exploits that attack the user#39;s Web browser.

  3. Integrated Web filtering can permit or deny access to specific categories of sites.

  4. Different integrated Web-filtering policies can be applied on a firewall rule-by-rule basis to allow different policies to be enforced for different users.

Answer: C,D

Question No: 153 – (Topic 2)

Which statement is true when express AV detects a virus in TCP session?

  1. TCP RST is sent and a session is restarted.

  2. TCP connection is closed gracefully and the data content is dropped.

  3. TCP traffic is allowed and an SNMP trap is sent.

  4. AV scanning is restarted.

Answer: B

Question No: 154 – (Topic 2)

On which component is thecontrol plane implemented?

  1. IOC

  2. PIM

  3. RE

  4. SPC

Answer: C

Question No: 155 – (Topic 2)

Which antivirus solution integrated on branch SRX Series devices do you use to ensure maximum virus coverage for network traffic?

  1. express AV

  2. full AV

  3. desktop AV

  4. ICAP

Answer: B

Question No: 156 – (Topic 2)

Which zone typewill allow transit-traffic?

  1. system

  2. security

  3. default

  4. functional

Answer: B

Question No: 157 – (Topic 2)

You want to create an out-of-band management zone and assign the ge-0/0/0.0 interface to that zone. From the [edit] hierarchy, which command do you use toconfigure this assignment?

  1. set security zones management interfaces ge-0/0/0.0

  2. set zones functional-zone management interfaces ge-0/0/0.0

  3. set security zones functional-zone management interfaces ge-0/0/0.0

  4. set security zones functional-zone out-of-band interfaces ge-0/0/0.0

Answer: C

Question No: 158 – (Topic 2)

Which CLI command provides a summary of what the content-filtering engine has blocked?

  1. show security utm content-filtering statistics

  2. show security flow session

  3. show security flow statistics

  4. show security utm content-filtering summary

Answer: A

Question No: 159 – (Topic 2)

Which two content-filtering features doesFTP support? (Choose two.)

  1. block extension list

  2. block MIME type

  3. protocol command list

  4. notifications-options

Answer: A,C

Question No: 160 – (Topic 2)

Which configuration shows the correct application of asecurity policy scheduler?

  1. [edit security policies from-zone Private to-zone External] user@host# show

    policy allowTransit { match {

    source-address PrivateHosts; destination-address ExtServers; application ExtApps;

    }

    then { permit { tunnel {

    ipsec-vpn myTunnel;

    }

    scheduler-name now;

    }

    }

    }

  2. [edit security policies from-zone Private to-zone External]

    user@host# show policy allowTransit { match {

    source-address PrivateHosts; destination-address ExtServers; application ExtApps;

    }

    then { permit { tunnel {

    ipsec-vpn myTunnel;

    }

    }

    }

    scheduler-name now;

    }

  3. [edit security policies from-zone Private to-zone External] user@host# show

    policy allowTransit { match {

    source-address PrivateHosts; destination-address ExtServers; application ExtApps;

    }

    then { permit { tunnel {

    ipsec-vpn myTunnel; scheduler-name now;

    }

    }

    }

    }

  4. [edit security policies from-zone Private to-zone External] user@host# show

policy allowTransit { match {

source-address PrivateHosts; destination-address ExtServers; application ExtApps;

scheduler-name now;

}

then { permit { tunnel {

ipsec-vpn myTunnel;

}

}

}

scheduler-name now;

}

Answer: B

100% Ensurepass Free Download!
Download Free Demo:JN0-633 Demo PDF
100% Ensurepass Free Guaranteed!
JN0-633 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

This entry was posted in JN0-633 Latest Exam (Jan 2018) and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.