[Free] Download New Latest (November) Juniper JN0-332 Actual Tests Topic 3, Volume C part 05

Ensurepass

QUESTION 241  (Topic 3)

 

What is a security policy?

 

A.

a set of rules that controls traffic from a specified source to a specified destination using a specified service

B.

a collection of one or more network segments sharing identical security requirements

C.

a method of providing a secure connection across a network

D.

a tool to protect against DoS attacks

 

Answer: A

 

 

Explanation: A security policy is a set of statements that controls traffic from a specified source to a specified destination using a specified service. If a packet arrives that matches those specifications, the SRX Series device performs the action specified in the policy.

 

 

QUESTION 242  (Topic 3)

 

A traditional router is better suited than a firewall device for which function?

 

A.

VPN establishment

B.

packet-based forwarding

C.

stateful packet processing

D.

Network Address Translation

 

Answer: B

 

 

QUESTION 243  (Topic 3)

 

Which statement is true regarding proxy ARP?

 

A.

Proxy ARP is enabled by default on stand-alone JUNOS security devices.

B.

Proxy ARP is enabled by default on chassis clusters.

C.

JUNOS security devices can forward ARP requests to a remote device when proxy ARP is enabled.

D.

JUNOS security devices can reply to ARP requests intended for a remote device when

 

 

 

 

proxy ARP is enabled.

 

Answer: D

 

 

QUESTION 244  (Topic 3)

 

Prior to applying SCREEN options to drop traffic, you want to determine how your configuration will affect traffic.

 

Which mechanism would you configure to achieve this objective?

 

A.

the log option for the particular SCREEN option

B.

the permit option for the particular SCREEN option

C.

the SCREEN option, because it does not drop traffic by default

D.

the alarm-without-drop option for the particular SCREEN option

 

Answer: D

 

 

QUESTION 245  (Topic 3)

 

You want to create an out-of-band management zone and assign the ge-0/0/0.0 interface to that zone.

 

From the [edit] hierarchy, which command do you use to configure this assignment?

 

A.

set security zones management interfaces ge-0/0/0.0

B.

set zones functional-zone management interfaces ge-0/0/0.0

C.

set security zones functional-zone management interfaces ge-0/0/0.0

D.

set security zones functional-zone out-of-band interfaces ge-0/0/0.0

 

Answer: C

 

 

QUESTION 246  (Topic 3)

 

You are required to configure a SCREEN option that enables IP source route option detection.

 

 

 

 

Which two configurations meet this requirement? (Choose two.)

 

A.

[edit security screen]

user@host# show

ids-option protectFromFlood {

ip {

loose-source-route-option;

strict-source-route-option;

}}

B.

[edit security screen]

user@host# show

ids-option protectFromFlood {

ip {

source-route-option;

}}

C.

[edit security screen]

user@host# show

ids-option protectFromFlood {

ip {

record-route-option;

security-option;

}}

D.

[edit security screen]

user@host# show

ids-option protectFromFlood {

ip {

strict-source-route-option;

record-route-option;

}}

 

Answer: AB

 

 

QUESTION 247  (Topic 3)

 

Which high availability feature is supported only on Junos security platforms?

 

A.

Virtual Chassis

B.

VRRP

C.

chassis clustering

D.

graceful restart

 

Answer: C

 

 

 

 

Explanation: The Junos OS achieves high availability on Junos security platforms using chassis clustering. Chassis clustering providesnetwork node redundancy by grouping two like devices into a cluster. The two nodes back each other up with one node acting asthe primary and the other as the secondary node, ensuring the stateful failover of processes and services in the event of systemor hardware failure. A control link between services processing cards (SPCs) or revenue ports and an Ethernet data link between revenue ports connect two like devices. Junos security platforms must be the same model, and all SPCs, network processing cards (NPCs), and input/output cards (IOCs) on high-end platforms must have the same slot placement and hardware revision. The chassis clustering feature in the Junos OS is built on the high availability methodology of Juniper Networks M Series and T Series platforms and the TX Matrix platform, including multichassis clustering, active-passive Routing Engines (REs) , active-active Packet Forwarding Engines (PFEs), and graceful RE switchover capability.

 

 

QUESTION 248  (Topic 3)

 

Which two functions of JUNOS Software are handled by the data plane? (Choose two.)

 

A.

NAT

B.

OSPF

C.

SNMP

D.

SCREEN options

 

Answer: AD

 

 

QUESTION 249  (Topic 3)

 

What are two interfaces created when enabling a chassis cluster? (Choose two.)

 

A.

st0

B.

fxp1

C.

fab0

D.

reth0

 

Answer: BC

 

 

 

 

 

QUESTION 250  (Topic 3)

 

How is the control plane separated from the data plane on branch SRX Series devices?

 

A.

by running separate kernels inside the Junos OS

B.

by dedicating a separate CPU core for the control plane

C.

by using separate CPUs for the control plane and data plane

D.

by offloading control plane traffic to the SPC

 

Answer: B

 

Free VCE & PDF File for Juniper JN0-332 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-332 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.