[Free] Download New Latest (November) Juniper JN0-332 Actual Tests Topic 2, Volume B part 02

Ensurepass

QUESTION 111  (Topic 2)

 

On which component is the control plane implemented?

 

A.

IOC

B.

PIM

C.

RE

D.

SPC

 

Answer: C

 

 

QUESTION 112  (Topic 2)

 

What are three different integrated UTM components available on the branch SRX Series devices? (Choose three.)

 

A.

antivirus (full AV, express AV)

B.

antivirus (desktop AV)

 

 

 

 

C.

Web filtering

D.

antispam

E.

firewall user authentication

 

Answer: ACD

 

 

QUESTION 113  (Topic 2)

 

Which statement is true about SurfControl integrated Web filter solution?

 

A.

The SurfControl server in the cloud provides the SRX device with the category of the URL as well as the reputation of the URL.

B.

The SurfControl server in the cloud provides the SRX device with only the category of the URL.

C.

The SurfControl server in the cloud provides the SRX device with only the reputation of the URL.

D.

The SurfControl server in the cloud provides the SRX device with a decision to permit or deny the URL.

 

Answer: B

 

 

QUESTION 114  (Topic 2)

 

You want to create a security policy allowing traffic from any host in the Trust zone to hostb.example.com (172.19.1.1) in the Untrust zone. How do you create this policy?

 

A.

Specify the IP address (172.19.1.1/32) as the destination address in the policy.

B.

Specify the DNS entry (hostb.example.com) as the destination address in the policy.

C.

Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.

D.

Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.

 

Answer: D

 

 

QUESTION 115  (Topic 2)

 

Which type of Web filtering by default builds a cache of server actions associated with each

 

 

 

 

URL it has checked?

 

A.

Websense Redirect Web filtering

B.

integrated Web filtering

C.

local Web filtering

D.

enhanced Web filtering

 

Answer: B

 

 

QUESTION 116  (Topic 2)

 

Using a policy with the policy-rematch flag enabled, what happens to the existing and new sessions when you change the policy action from permit to deny?

 

A.

The new sessions matching the policy are denied. The existing sessions are dropped.

B.

The new sessions matching the policy are denied. The existing sessions, not being allowed to carry any traffic, simply timeout.

C.

The new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.

D.

The new sessions matching the policy are denied. The existing sessions continue until they are completed or their timeout is reached.

 

Answer: A

 

 

QUESTION 117  (Topic 2)

 

Which two statements are true about route-based VPNs? (Choose two.)

 

A.

Route-based VPNs cannot be used to configure remote access or dialup VPNs.

B.

The from-zone and to-zone, for a security policy to permit traffic over a route-based VPN, are derived from the zone in which the protected network lies and the zone in which the IKE interface lies.

C.

system services ike must be enabled on the st0.x interface.

D.

You cannot re-write the DSCP bits on the inner IP header of an ESP packet that was created or forwarded using a route-based VPN.

 

Answer: AD

 

 

 

 

 

QUESTION 118  (Topic 2)

 

Which statement is true when express AV detects a virus in TCP session?

 

A.

TCP RST is sent and a session is restarted.

B.

TCP connection is closed gracefully and the data content is dropped.

C.

TCP traffic is allowed and an SNMP trap is sent.

D.

AV scanning is restarted.

 

Answer: B

 

 

QUESTION 119  (Topic 2)

 

You have configured your chassis cluster to include redundancy group 1. Node 0 is configured to be the primary node for this redundancy group. You need to verify that the redundancy group failover is successful.

 

Which command do you use to manually test the failover?

 

A.

request chassis cluster manual failover group 1 node 1

B.

request cluster failover redundancy-group 1 node 1

C.

request chassis cluster manual failover redundancy-group 1 node 1

D.

request chassis cluster failover redundancy-group 1 node 1

 

Answer: D

 

 

QUESTION 120  (Topic 2)

 

Which two packet attributes contribute to the identification of a session? (Choose two.)

 

A.

Destination port

B.

TTL

C.

IP options

D.

Protocol number

 

Answer: AD

 

Free VCE & PDF File for Juniper JN0-332 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-332 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.