[Free] Download New Latest (November) Juniper JN0-314 Actual Tests 41-50

Ensurepass

QUESTION 41

You are validating the configuration of your SRX Series device and see the output shown below.

 

clip_image002

 

What does this indicate?

 

A.

The SRX Series device has been configured correctly, the Junos Pulse Access Control Service is reachable on the network, and the SRX Series device is waiting to receive the initial connection from the Junos Pulse Access Control Service.

B.

The SRX Series device has confirmed that the Junos Pulse Access Control Service is configured and is reachable on the network, the SRX Series device is waiting to receive the connection from the Junos Pulse Access Control Service, and all that remains to be accomplished is to configure the SRX Series device.

C.

The SRX Series device is configured correctly and connected to the Junos Pulse Access Control Service. All that remains to be done to complete the configuration is to configure the SRX Series device on the Junos Pulse Access Control Service.

D.

Both the Junos Pulse Access Control Service and the SRX Series device are configured correctly and communicating with each other.

 

Answer: D

 

 

 

 

 

QUESTION 42

You notice that during peak hours, some firewall enforcers contain a high number of auth table entries. As you investigate the issue, you discover that all users are getting auth table mappings to all firewalls, which is not acceptable.

 

What should you do on the Junos Pulse Access Control Service to resolve this problem?

 

A.

Delete the default auth table mapping policy

B.

Create auth table mapping policies that route users to specific resources

C.

Create Resource Access policies that permit access to specific resources

D.

Create Source Interface policies that route users to specific resources

 

Answer: A

 

 

QUESTION 43

When configuring a single SRX210 as a firewall enforcer to a MAG4610 active/passive cluster, which statement supports a fault-tolerant configuration?

 

A.

The cluster VIP is defined on the MAG4610 cluster, and the VIP of the cluster is defined as an instance on the SRX Series device.

B.

The cluster VIP is not defined on the MAG4610 cluster, and the IP address of both the active and passive nodes of the cluster are defined as separate instances on the SRX Series device.

C.

The cluster VIP is defined on the MAG4610 cluster, and the IP address of the active node is defined as an ins
tance on the SRX Series device.

D.

The cluster VIP is not defined on the MAG4610 cluster, and the IP address of the passive node is defined as an instance on the SRX Series device.

 

Answer: A

 

 

QUESTION 44

A customer has purchased a third-party switch to use for Layer 2 access with their Junos Pulse Access Control Service. When configuring the switch on the Junos Pulse Access

 

 

 

 

Control Service, the customer does not find a make/model entry for it.

 

Which two actions should the customer take to make the switch work with the Junos Pulse Access Control Service? (Choose two.)

 

A.

Add the switch to the Junos Pulse Access Control Service as a standard RADIUS.

B.

Add the switch to the Junos Pulse Access Control Service using the “Any” make/model.

C.

Add the switch as a firewall enforcer.

D.

Obtain and configure the RADIUS dictionary for the switch and use that vendor listing for the make/model.

 

Answer: AD

 

 

QUESTION 45

A user logs in and is mapped to two roles. The first role has a maximum timeout value of 600 minutes and the default Juniper Networks logo on the user interface page. The second role has a maximum timeout value of 1200 minutes and a custom logo on the user interface page.

 

Based on the merging of these two roles, which two will be applied? (Choose two.)

 

A.

A custom logo on the user interface
page

B.

A maximum timeout value of 600 minutes

C.

A maximum time out value of 1200 minutes

D.

A default Juniper Networks logo on the user interface page

 

Answer: CD

 

 

QUESTION 46

You have a firewall enforcer receiving resource access policies from a Junos Pulse Access Control Service. You are using Network and Security Manager (NSM) for configuration management on that firewall. The firewall can also be configured using its built-in command-line interface (CLI) or Web-based user interface (WebUI).

 

To avoid conflicting configurations, which two interfaces must you use to configure the firewall enforcer? (Choose two.)

 

 

 

 

 

A.

CLI

B.

WebUI

C.

NSM

D.

Junos Pulse Access Control Service

 

Answer: CD

 

 

QUESTION 47

A customer wants to create a custom Junos Pulse configuration. Which two are required? (Choose two)

 

A.

Connection set

B.

Configuration set

C.

Custom installer

D.

Component set

 

Answer: AD

 

 

QUESTION 48

A system administrator wants to configure 802.1X on an Ethernet switch to enable access to specific parts of the network based on group memberships.

 

How can the administrator accomplish this goal?

 

A.

Configure roles based on departments and assign access based on source IP address.

B.

Configure roles based on the user’s manager and assign access based on the user’s MAC address

C.

Configure roles based on group memberships and assign a specific VLAN to the role.

D.

Configure roles based on a RADIUS request attribute and assign a specific VLAN to the role.

 

Answer: C

 

 

QUESTION 49

 

You have a firewall enforcer protecting resources in a data center. A user is experiencing difficulty connecting to a protected resource.

 

Which two elements must exist so the user can access the resource? (Choose two.)

 

A.

Resource access policy on the MAG Series device

B.

IPsec routing policy on the MAG Series device

C.

General traffic policy blocking access through the firewall enforcer

D.

Auth table entry on the firewall enforcer

 

Answer: AD

 

 

QUESTION 50

What are three default role-mapping rule values that are available for all realms? (Choose three.)

 

A.

Username

B.

LDAP user

C.

Certificate

D.

Custom expressions

E.

Source y IP

 

Answer: ACD

 

Free VCE & PDF File for Juniper JN0-314 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-314 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.