[Free] 2018(Jan) EnsurePass Examcollection Juniper JN0-643 Dumps with VCE and PDF 141-150

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan Juniper Official New Released JN0-643
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/JN0-643.html

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

Question No: 141 – (Topic 2)

Which two statements are true regarding the system-default security policy [edit security policies default-policy]? (Choose two.)

  1. Traffic is permitted from the trust zone to the untrust zone.

  2. Intrazone traffic in the trust zone is permitted.

  3. All traffic through the device is denied.

  4. The policy is matched only when no other matching policies are found.

Answer: C,D

Question No: 142 – (Topic 2)

Which two statements about static NAT are true? (Choose two.)

  1. Static NAT can only be used with destination NAT.

  2. Static NAT rules take precedence over overlapping dynamic NAT rules.

  3. NAT rules take precedence over overlapping static NAT rules.

  4. A reverse mapping is automatically created.

Answer: B,D

Question No: 143 – (Topic 2)

Which three actions can a branch SRX Series device perform on a spam e-mail message? (Choose three.)

  1. It can drop the connection at the IP address level.

  2. It can block the e-mail based upon the sender ID.

  3. It can allow the e-mail and bypass all UTM inspection.

  4. It can allow the e-mail to be forwarded, but change the intended recipient to a new e- mail address.

  5. It can allow the e-mail to be forwarded to the destination, but tag it with a custom value in the subject line.

Answer: A,B,E

Question No: 144 – (Topic 2)

Which encryption type is used to secure user data in an IPsec tunnel?

  1. symmetric key encryption

  2. asymmetric key encryption

  3. RSA

  4. digital certificates

Answer: A

Question No: 145 – (Topic 2)

Which statement describes an ALG?

  1. An ALG intercepts and analyzes all traffic, allocates resources, and defines dynamic policies to deny the traffic.

  2. An ALG intercepts and analyzes the specified traffic, allocates resources, and defines dynamic policies to permit the traffic to pass.

  3. An ALG intercepts and analyzes the specified traffic, allocates resources, and defines dynamic policies to deny the traffic.

  4. An ALG intercepts and analyzes all traffic, allocates resources, and defines dynamic policies to permit the traffic to pass.

Answer: B

Question No: 146 – (Topic 2)

You have configured your chassis cluster to include redundancy group 1. Node 0 is configured to be the primary node for this redundancy group. You need to verify that the redundancy group failover is successful. Which command do you use tomanually test the failover?

  1. request chassis cluster manual failover group 1 node 1

  2. request cluster failover redundancy-group 1 node 1

  3. request chassis cluster manual failover redundancy-group 1 node 1

  4. request chassis cluster failover redundancy-group 1 node 1

Answer: D

Question No: 147 – (Topic 2)

What are two uses of NAT? (Choose two.)

  1. enabling network migrations

  2. conserving public IP addresses

  3. allowing stateful packet inspection

  4. preventing unauthorized connections from outside the network

Answer: A,B

Question No: 148 – (Topic 2)

What are three valid Juniper Networks IPS attack object types? (Choose three.)

  1. signature

  2. anomaly

  3. trojan

  4. virus

  5. chain

Answer: A,B,E

Question No: 149 – (Topic 2)

Which URL database do branch SRX Series devices use when leveraging local Web filtering?

  1. The SRX Series device will download the database from an online repository to locally inspect HTTP traffic for Web filtering.

  2. The SRX Series device will use an offline database to locally inspect HTTP traffic for Web filtering.

  3. The SRX Series device will redirect local HTTP traffic to an external Websense server for Web filtering.

  4. The SRX Series administrator will define the URLs and their associated action in the local database to inspect the HTTP traffic for Web filtering.

Answer: D

Question No: 150 – (Topic 2)

Which operational mode command displays all active IKE phase 2 security associations?

  1. show ike security-associations

  2. show ipsec security-associations

  3. show security ike security-associations

  4. show security ipsec security-associations

Answer: D

100% Ensurepass Free Download!
Download Free Demo:JN0-643 Demo PDF
100% Ensurepass Free Guaranteed!
JN0-643 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

This entry was posted in JN0-643 Latest Exam (Jan 2018) and tagged , , , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.