[Free] Download New Latest (November) Juniper JN0-332 Actual Tests Topic 1, Volume A part 01

Ensurepass

QUESTION 1  (Topic 1)

 

Which zone type can be specified in a policy?

 

A.

security

B.

functional

C.

user

D.

system

 

Answer: A

 

 

QUESTION 2  (Topic 1)

 

A network administrator is using source NAT for traffic from source network 10.0.0.0/8. The administrator must also disable NAT for any traffic destined to the 202.2.10.0/24 network.Which configuration would accomplish this task?

 

A.

[edit security nat source rule-set test]

user@host# show

from zone trust;

to zone untrust;

rule A {

match {

source-address 202.2.10.0/24;

}

then {

source-nat {

pool {

A;

}

}

}

}

rule B {

match {

destination-address 10.0.0.0/8;

}

then {

source-nat {

 

 

 

 

off;

}

}

}

B.

[edit security nat source]

user@host# show rule-set test

from zone trust;

to zone untrust;

rule 1 {

match {

destination-address 202.2.10.0/24;

}

then {

source-nat {

off;

}

}

}

rule 2 {

match {

source-address 10.0.0.0/8;

}

then {

source-nat {

pool {

A;

}

}

}

}

C.

[edit security nat source rule-set test]

user@host# show

from zone trust;

to zone untrust;

rule A {

match {

source-address 10.0.0.0/8;

}

then {

source-nat {

pool {

A;

}

}

}

}

 

 

 

 

rule B {

match {

destination-address 202.2.10.0/24;

}

then {

source-nat {

off;

}

}

}

D.

[edit security nat source rule-set test]

user@host# show

from zone trust;

to zone untrust;

rule A {

match {

source-address 10.0.0.0/8;

}

then {

source-nat {

pool {

A;

}

}

}

}

 

Answer: B

 

 

QUESTION 3  (Topic 1)

 

Click the Exhibit button.

 

 

 

 

 

clip_image002

 

System services SSH, Telnet, FTP, and HTTP are enabled on the SRX Series device.

 

Referring to the configuration shown in the exhibit, which two statements are true? (Choose two.)

 

A.

A user can use SSH to interface ge-0/0/0.0 and ge-0/0/1.0.

B.

A user can use FTP to interface ge-0/0/0.0 and ge-0/0/1.0.

C.

A user can use SSH to interface ge-0/0/0.0.

D.

A user can use SSH to interface ge-0/0/1.0.

 

Answer: BC

 

 

QUESTION 4  (Topic 1)

 

Which statement describes an ALG?

 

A.

An ALG intercepts and analyzes all traffic, allocates resources, and defines dynamic policies to deny the traffic.

B.

An ALG intercepts and analyzes the specified traffic, allocates resources, and defines

 

 

 

 

dynamic policies to permit the traffic to pass.

C.

An ALG intercepts and analyzes the specified traffic, allocates resources, and defines dynamic policies to d
eny the traffic.

D.

An ALG intercepts and analyzes all traffic, allocates resources, and defines dynamic policies to permit the traffic to pass.

 

Answer: B

 

 

QUESTION 5  (Topic 1)

 

Under which Junos hierarchy level are security policies configured?

 

A.

[edit security]

B.

[edit protocols]

C.

[edit firewall]

D.

[edit policy-options]

 

Answer: A

 

 

QUESTION 6  (Topic 1)

 

Which two statements about the Diffie-Hellman (DH) key exchange process are correct? (Choose two.)

 

A.

In the DH key exchange process, the session key is never passed across the network.

B.

In the DH key exchange process, the public and private keys are mathematically related using the DH algorithm.

C.

In the DH key exchange process, the session key is passed across the network to the peer for confirmation.

D.

In the DH key exchange process, the public and private keys are not mathematically related, ensuring higher security.

 

Answer: AB

 

 

QUESTION 7  (Topic 1)

 

What is the default session timeout for TCP sessions?

 

 

 

 

 

A.

1 minute

B.

15 minutes

C.

30 minutes

D.

90 minutes

 

Answer: C

 

 

QUESTION 8  (Topic 1)

 

Click the Exhibit button.

 

clip_image004

 

Assume the default-policy has not been configured. Given the configuration shown in the exhibit, which two statements about traffic from host_a in the HR zone to host_b in the trust zone are true? (Choose two.)

 

A.

DNS traffic is denied.

B.

HTTP traffic is denied.

C.

FTP traffic is permitted.

D.

SMTP traffic is permitted.

 

 

 

 

 

Answer: AC

 

 

QUESTION 9  (Topic 1)

 

Which two statements regarding firewall user authentication client groups are true? (Choose two.)

 

A.

A client group is a list of clients associated with a group.

B.

A client group is a list of groups associated with a client.

C.

Client groups are referenced in security policy in the same manner in which individual clients are referenced.

D.

Client groups are used to simplify configuration by enabling firewall user authentication without security policy.

 

Answer: BC

 

 

QUESTION 10  (Topic 1)

 

Which two parameters are configured in IPsec policy? (Choose two.)

 

A.

mode

B.

IKE gateway

C.

security proposal

D.

Perfect Forward Secrecy

 

Answer: CD

 

Free VCE & PDF File for Juniper JN0-332 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-332 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.