[Free] 2018(Jan) EnsurePass Examcollection Juniper JN0-633 Dumps with VCE and PDF 161-170

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan Juniper Official New Released JN0-633
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/JN0-633.html

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

Question No: 161 – (Topic 2)

Content filtering enables traffic to be permitted or blocked based on inspection of which three types of content? (Choose three.)

  1. MIME pattern

  2. file extension

  3. IP spoofing

  4. POP3

  5. protocol command

Answer: A,B,E

Question No: 162 – (Topic 2)

Click the Exhibit button.

Ensurepass 2018 PDF and VCE

Referring to the exhibit, which statement contains thecorrect gateway parameters?

  1. [edit security ike] user@host# show

    gateway ike-phase1-gateway { policy ike-policy1;

    address 10.10.10.1; dead-peer-detection { interval 20;

    threshold 5;

    }

    external-interface ge-1/0/1.0;

    }

  2. [edit security ike] user@host# show

    gateway ike-phase1-gateway { ike-policy ike-policy1;

    address 10.10.10.1; dead-peer-detection { interval 20;

    threshold 5;

    }

    external-interface ge-1/0/1.0;

    }

  3. [edit security ike] user@host# show

    gateway ike-phase1-gateway { policy ike1-policy;

    address 10.10.10.1; dead-peer-detection { interval 20;

    threshold 5;

    }

    external-interface ge-1/0/1.0;

    }

  4. [edit security ike] user@host# show

gateway ike-phase1-gateway { ike-policy ike1-policy;

address 10.10.10.1; dead-peer-detection { interval 20;

threshold 5;

}

external-interface ge-1/0/1.0;

}

Answer: B

Question No: 163 – (Topic 2)

Which statement is true regarding NAT?

  1. NAT is not supported on SRX Series devices.

  2. NAT requires special hardware on SRX Series devices.

  3. NAT is processed in the control plane.

  4. NAT is processed in the data plane.

Answer: D

Question No: 164 – (Topic 2)

Which two packet attributes contribute to the identificationof a session? (Choose two.)

  1. Destination port

  2. TTL

  3. IP options

  4. Protocol number

Answer: A,D

Question No: 165 – (Topic 2)

Which three actions can a branch SRX Series device perform on a spam e-mail message? (Choose three.)

  1. It can drop the connection at the IP address level.

  2. It can block the e-mail based upon the sender ID.

  3. It can allow the e-mail and bypass all UTM inspection.

  4. It can allow the e-mail to be forwarded, but change the intended recipient to a new e- mail address.

  5. It can allow the e-mail to be forwarded to the destination, but tag it with a custom value in the subject line.

Answer: A,B,E

Question No: 166 – (Topic 2)

Which two statements are true about route-based VPNs? (Choose two.)

  1. Route-based VPNs cannot be used to configure remote access or dialup VPNs.

  2. The from-zone and to-zone, for a security policy to permit traffic over a route-based VPN, are derived from the zone in which the protected network lies and the zone in which the IKE interface lies.

  3. system services ike must be enabled on the st0.x interface.

  4. You cannot re-write the DSCP bits on the inner IP header of an ESP packet that was created or forwarded using a route-based VPN.

Answer: A,D

Question No: 167 – (Topic 2)

Which three are necessary for antispam to function properly on a branch SRX Series device? (Choose three.)

  1. an antispam license

  2. DNS servers configured on the SRX Series device

  3. SMTP services on SRX

  4. a UTM profile with an antispam configuration in the appropriate security policy

  5. antivirus (full or express)

Answer: A,B,D

Question No: 168 – (Topic 2)

Regarding content filtering, what are two pattern lists that can be configured in the Junos OS? (Choose two.)

  1. protocol list

  2. MIME

  3. block list

  4. extension

Answer: B,D

Question No: 169 – (Topic 2)

The same Web site is visited for the second time using a branch SRX Series Services Gateway configured with Surf Control integrated Web filtering. Which statement is true?

  1. The SRX device sends the URL to the SurfControl server in the cloud and the SurfControl server provides the SRX with a category of the URL.

  2. The SRX device sends the URL to the SurfControl server in the cloud and the SurfControl server asks the SRX device to permit the URL as it has been previously visited.

  3. The SRX device looks at its local cache to find the category of the URL.

  4. The SRX device does not perform any Web filtering operation as the Web site has already been visited.

Answer: C

Question No: 170 – (Topic 2)

Click the Exhibit button.

Ensurepass 2018 PDF and VCE

A network administrator receives complaints that the application voicecube is timing out after being idle for 30 minutes. Referring to the exhibit, what is a resolution?

  1. [edit]

    user@host# set applications application voicecube inactivity-timeout never

  2. [edit]

    user@host# set applications application voicecube inactivity-timeout 2

  3. [edit]

    user@host# set applications application voicecube destination-port 5060

  4. [edit]

user@host# set security policies from-zone trust to-zone trust policy intrazone then timeout never

Answer: A

100% Ensurepass Free Download!
Download Free Demo:JN0-633 Demo PDF
100% Ensurepass Free Guaranteed!
JN0-633 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

This entry was posted in JN0-633 Latest Exam (Jan 2018) and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.