[Free] Download New Latest (November) Juniper JN0-332 Actual Tests Topic 4, Volume D part 01

Ensurepass

QUESTION 301  (Topic 4)

 

What is supported on the fabric link?

 

A.

jumbo frames

B.

filters

C.

fragmentation

D.

policies

 

Answer: A

 

 

QUESTION 302  (Topic 4)

 

Which two statements are correct about establishing a chassis cluster with IPv6? (Choose two.)

 

A.

Only an active/passive cluster can be deployed.

B.

Dual-stacked interface addresses are allowed.

C.

IPsec site-to-site VPNs over IPv6 are supported.

D.

IPv6 address book entries can be used.

 

Answer: BD

 

 

QUESTION 303  (Topic 4)

 

Which global UTM configuration parameter contains lists, such as MIME patterns, filename extensions, and URL patterns, that can be used across all UTM features?

 

A.

custom objects

B.

feature profile

C.

UTM policy

D.

address sets

 

Answer: A

 

 

 

 

 

QUESTION 304  (Topic 4)

 

During packet flow on an SRX Series device, which two processes occur before route lookup? (Choose two.)

 

A.

static NAT

B.

destination NAT

C.

source NAT

D.

reverse static NAT

 

Answer: AB

 

 

QUESTION 305  (Topic 4)

 

Which two SRX platforms support UTM features? (Choose two.)

 

A.

SRX240 with base memory

B.

SRX100 with high memory

C.

SRX650 with base memory

D.

SRX1400 with base memory

 

Answer: BC

 

 


QUESTION 306  (Topic 4)

 

Which three actions should be used when initially implementing Junos Screen options? (Choose three.)

 

A.

Deploy Junos Screen options only in functional zones.

B.

Deploy Junos Screen options only in vulnerable security zones.

C.

Understand the behavior of legitimate applications.

D.

Use the limit-session option.

E.

Use the alarm-without-drop option.

 

Answer: BCE

 

 

 

 

 

QUESTION 307  (Topic 4)

 

Which two statements are correct regarding reth interfaces? (Choose two.)

 

A.

Child interfaces must be in the same slot on both nodes

B.

Child interfaces do not need to be in the same slot on both nodes.

C.

Child interfaces must be the same Ethernet interface type.

D.

Child interfaces can be a mixture of Ethernet interface types.

 

Answer: BC

 

 

QUESTION 308  (Topic 4)

 – Exhibit ?

 

clip_image002

 – Exhibit —

 

Click the Exhibit button.

 

You are asked to configure a hub-and-spoke VPN. All the VPN components have been

 

 

 

 

configured, and you are able to ping the remote tunnel interfaces at Site 1 and Site 2 from the Hub site as shown in the exhibit. The Hub site’s external interface is in security zone untrust and the st0 interfaces from each site are in security zone DMZ. Users in Site 2 are unable to connect to a Web server in Site 1.

 

Which additional step is required at the hub site fo
r users to access the Web server?

 

A.

Configure a VPN between Site 1 and Site 2.

B.

Configure a policy in the untrust zone that allows traffic between the sites.

C.

Configure a policy in the VPN zone that allows traffic between the sites.

D.

Configure a policy between the VPN and untrust zones.

 

Answer: C

 

 

QUESTION 309  (Topic 4)

 – Exhibit ?

 

 

 

 

 

clip_image004

 – Exhibit —

 

Click the Exhibit button.

 

Referring to the exhibit, which statement is correct about the IPsec configuration?

 

A.

Policy-based implementation is used.

B.

Dynamic VPN implementation is used.

C.

Route-based implementation is used.

D.

Hub-and-spoke implementation is used.

 

Answer: C

 

 

 

 

 

QUESTION 310  (Topic 4)

 

Which two statements are correct regarding the security policy parameter policy-rematch? (Choose two.)

 

A.

Configuration changes to existing policies do not impact current sessions.

B.

Configuration changes to existing policies cause re-evaluation of current sessions.

C.

Configuration changes to the action field of a policy from permit to either deny or reject cause all existing sessions to drop.

D.

Configuration changes to the action field of a policy from permit to either deny or reject cause all existing sessions to continue.

 

Answer: BC

 

Free VCE & PDF File for Juniper JN0-332 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-332 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.