[Free] Download New Latest (November) Juniper JN0-332 Actual Tests Topic 3, Volume C part 02

Ensurepass

QUESTION 211  (Topic 3)

 

Which two statements describe the purpose of a security policy? (Choose two.)

 

A.

It enables traffic counting and logging.

B.

It enforces a set of rules for transit traffic.

C.

It controls host inbound services on a zone.

D.

It controls administrator rights to access the device.

 

Answer: AB

 

 

QUESTION 212  (Topic 3)

 

Which statement correctly describes the default state of a high-end SRX Series Services

 

 

 

 

Gateway?

 

A.

It forwards all traffic.

B.

It selectively forwards traffic based on default security policies.

C.

It selectively restricts traffic based on default security policies.

D.

It forwards no traffic.

 

Answer: D

 

 

QUESTION 213  (Topic 3)

 

You are creating a destination NAT rule-set.

 

Which two are valid for use with the from clause? (Choose two.)

 

A.

security policy

B.

interface

C.

routing-instance

D.

IP address

 

Answer: BC

 

 

QUESTION 214  (Topic 3)

 

Which statement is true when express AV detects a virus in a TCP session?

 

A.

A TCP RST is sent and the session is restarted.

B.

The TCP connection is closed gracefully and the data content is dropped.

C.

TCP traffic is allowed and an SNMP trap is sent.

D.

AV scanning is restarted.

 

Answer: B

 

 

QUESTION 215  (Topic 3)

 

Which operational mode command displays all active IPsec phase 2 security associations?

 

 

 

 

 

A.

show ike security-associations

B.

show ipsec security-associations

C.

show security ike security-associations

D.

show security ipsec security-associations

 

Answer: D

 

 

QUESTION 216  (Topic 3)

 

Which statement is true about source NAT?

 

A.

Source NAT works only with source pools.

B.

Destination NAT is required to translate the reply traffic.

C.

Source NAT does not require a security policy to function.

D.

The egress interface IP address can be used for source NAT.

 

Answer: D

 

 

QUESTION 217  (Topic 3)

 

Click the Exhibit button.

 – Exhibit —

 

user@host> show security utm web-filtering statistics

 

UTM web-filtering statistics:

 

Total requests: 298171

 

white list hit: 0

 

Black list hit: 0

 

Queries to server: 17641< /font>

 

Server reply permit: 14103

 

Server reply block: 3538

 

Custom category permit: 0

 

 

 

 

Custom category block: 0

 

Cache hit permit: 171020

 

Cache hit block: 109510

 

Web-filtering sessions in total: 4000

 

Web-filtering sessions in usE. 0

 

Fallback: log-and-permit block

 

Default 0 0

 

Timeout 0 0

 

Connectivity 0 0

 

Too-many-requests 758 0

 – Exhibit —

 

Which two statements are true about the output shown in the exhibit on the branch SRX device? (Choose two.)

 

A.

Redirect Web filtering is being used.

B.

Integrated Web filtering is being used.

C.

At some point the SRX had more than 4000 concurrent Web sessions.

D.

Local Web filtering is being used.

 

Answer: BC

 

 

QUESTION 218  (Topic 3)

 

Click the Exhibit button.

 

 

 

 

 

clip_image002

 

Referring to the exhibit, you are not able to telnet to 192.168.10.1 from client PC 192.168.10.10. What is causing the problem?

 

A.

Telnet is not being permitted by self policy.

B.

Telnet is not being permitted by security policy.

C.

Telnet is not allowed because it is not considered secure.

D.

Telnet is not enabled as a host-inbound service on the zone.

 

Answer: D

 

 

QUESTION 219  (Topic 3)

 

Which statement accurately describes firewall user authentication?

 

A.

Firewall user authentication provides another layer of security in a network.

B.

Firewall user authentication provides a means for accessing a JUNOS Software-based security device.

C.

Firewall user authentication enables session-based forwarding.

D.

Firewall user authentication is used as a last resort security method in a network.

 

Answer: A

 

 

QUESTION 220  (Topic 3)

 

A policy-based IPsec VPN is ideal for which scenario?

 

A.

when you want to conserve tunnel resources

 

 

 

 

B.

when the remote peer is a dialup or remote access client

C.

when you want to configure a tunnel policy with an action of deny

D.

when a dynamic routing protocol such as OSPF must be sent across the VPN

 

Answer: B

 

Free VCE & PDF File for Juniper JN0-332 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-332 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.