[Free] 2018(Jan) EnsurePass Examcollection Juniper JN0-661 Dumps with VCE and PDF 181-190

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan Juniper Official New Released JN0-661
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/JN0-661.html

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

Question No: 181 – (Topic 2)

Which two statements are true about IPsec traffic? (Choose two.)

  1. IPsec traffic can be forwarded when no IKE SA is present.

  2. IPsec traffic can be forwarded when no IPsec SA is present.

  3. For traffic that has to be encrypted, the security policy must be crafted based on the IP addresses in the inner IP header of the final ESP packet.

  4. For traffic that has to be encrypted, the security policy must be crafted based on the IP addresses in the outer IP header of the final ESP packet.

Answer: A,C

Question No: 182 – (Topic 2)

Which statement is true regarding a session key in the Diffie-Hellman key-exchange process?

  1. A session key value is exchanged across the network.

  2. A session key never passes across the network.

  3. A session key is used as the key for asymmetric data encryption.

  4. A session key is used as the key for symmetric data encryption.

Answer: B

Question No: 183 – (Topic 2)

Which two types of attacks are considered to be denialof service? (Choose two.)

  1. zombie agents

  2. SYN flood

  3. IP packet fragments

  4. WinNuke

Answer: B,D

Question No: 184 – (Topic 2)

Under which configuration hierarchy is an access profile configured for firewall user authentication?

  1. [edit access]

  2. [edit security access]

  3. [edit firewall access]

  4. [edit firewall-authentication]

Answer: A

Question No: 185 – (Topic 2)

Which parameters are valid SCREEN options for combating operating system probes?

  1. syn-fin, syn-flood, and tcp-no-frag

  2. syn-fin, port-scan, and tcp-no-flag

  3. syn-fin, fin-no-ack, and tcp-no-frag

  4. syn-fin, syn-ack-ack-proxy, and tcp-no-frag

Answer: C

Question No: 186 – (Topic 2)

Click the Exhibit button.

Ensurepass 2018 PDF and VCE

Which command is needed to change this policy to a tunnel policy for a policy-based VPN?

  1. set policy tunnel-traffic then tunnel remote-vpn

  2. set policy tunnel-traffic then permit tunnel remote-vpn

  3. set policy tunnel-traffic then tunnel ipsec-vpn remote-vpn permit

  4. set policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn

Answer: D

Question No: 187 – (Topic 2)

Which command would you use to enable chassis clustering on an SRX device, setting the cluster ID to 1 and node to 0?

  1. user@host# set chassis cluster cluster-id 1 node 0 reboot

  2. user@hostgt; set chassis cluster id 1 node 0 reboot

  3. user@hostgt; set chassis cluster cluster-id 1 node 0 reboot

  4. user@host# set chassis cluster id 1 node 0 reboot

Answer: C

Question No: 188 – (Topic 2)

What are three different integrated UTM components available on the branch SRX Series devices? (Choose three.)

  1. antivirus (full AV, express AV)

  2. antivirus (desktop AV)

  3. Web filtering

  4. antispam

  5. firewall user authentication

Answer: A,C,D

Question No: 189 – (Topic 2)

Which statement is true about SurfControl integrated Web filter solution?

  1. The SurfControl server in the cloud provides the SRX device with the category of the URL as well as the reputation of the URL.

  2. The SurfControl server in the cloud provides the SRX device with only the category of the URL.

  3. The SurfControl server in the cloud provides the SRX device with only the reputation of the URL.

  4. The SurfControl server in the cloud provides the SRX device with a decision to permit or deny the URL.

Answer: B

Question No: 190 – (Topic 2)

Antispam can be leveraged with which two features on a branch SRX Series device to provide maximum protection from malicious e-mail content? (Choose two.)

  1. integrated Web filtering

  2. full AV

  3. IPS

  4. local Web filtering

Answer: B,C

100% Ensurepass Free Download!
Download Free Demo:JN0-661 Demo PDF
100% Ensurepass Free Guaranteed!
JN0-661 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

This entry was posted in JN0-661 Latest Exam (Jan 2018) and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.