[Free] Download New Latest (November) Juniper JN0-332 Actual Tests Topic 4, Volume D part 05

Ensurepass

QUESTION 341  (Topic 4)

 

You want to authenticate users accessing an internal FTP server using the SRX Series Services Gateway. You also want to use an internal LDAP server as the authentication server.

 

What will satisfy this requirement?

 

A.

a security policy with authentication redirection

B.

pass-through firewall user authentication

C.

captive portal

D.

Web firewall user authentication

 

Answer: B

 

 

QUESTION 342  (Topic 4)

 

Which three Unified Threat Management features require a license? (Choose three.)

 

A.

antivirus

B.

surf control Web filtering

C.

Websense Web filtering

D.

content filtering

E.

antispam

 

 

 

 

 

Answer: ABE

 

 

QUESTION 343  (Topic 4)

 

At which step in the packet flow are Junos Screen checks applied?

 

A.

prior to the route lookup

B.

prior to security policy processing

C.

after ALG services are applied

D.

after source NAT services are applied

 

Answer: B

 

 

QUESTION 344  (Topic 4)

 

Which antivirus protection feature uses virus patterns and a malware database that are located on external servers?

 

A.

full file-based

B.

Kaspersky

C.

Sophos

D.

express scan

 

Answer: C

 

 

QUESTION 345  (Topic 4)

 

You are asked to set up a chassis cluster between your SRX Series devices. You must ensure that the solution provides both dual redundant links per node and node redundancy.

 

Which setting should you use?

 

A.

aggregated Ethernet

B.

redundant Ethernet

C.

aggregated Ethernet LAG

D.

redundant Ethernet LAG

 

 

 

 

 

Answer: D

 

 

QUESTION 346  (Topic 4)

 

What are two valid symmetric encryption key types? (Choose two.)

 

A.

DES

B.

RSA

C.

AES

D.

DSA

 

Answer: AC

 

 

QUESTION 347  (Topic 4)

 

While reviewing the logs on your SRX240 device, you notice SYN floods coming from a host out on the Internet towards several hosts on your trusted network.

 

Which Junos Screen option would protect against these denial-of-service (DoS) attacks?

 

A.

[edit security screen]

user@host# show

ids-option no-flood {

limit-session {

destination-ip-based 150;

}

}

B.

[edit security screen]

user@host# show

ids-option no-flood {

tcp {

syn-fin;

}

}

C.

[edit security screen]

user@host# show

ids-option no-flood {

limit-session {

source-ip-based 150;

 

 

 

 

}

}

D.

[edit security screen]

user@host# show

ids-option no-flood {

icmp {

flood threshold 10;

}

}

 

Answer: C

 

 

QUESTION 348  (Topic 4)

 

Redundant Ethernet interfaces (reths) have a virtual MAC address based on which two attributes? (Choose two.)

 

A.

interface ID of the reth

B.

MAC of member interfaces

C.

redundancy group ID

D.

cluster ID

 

Answer: AD

 

 

QUESTION 349  (Topic 4)

 – Exhibit ?

 

clip_image002

 – Exhibit —

 

 

 

 

Click the Exhibit button.

 

Referring to the exhibit, you want to use source NAT to translate the Web server’s IP address to the IP address of ge-0/0/2.

 

Which source NAT type accomplishes this task and always performs PAT?

 

A.

source NAT with address shifting

B.

standard pool-based NAT

C.

interface-based source NAT

D.

reverse source NAT

 

Answer: C

 

 

QUESTION 350  (Topic 4)

 – Exhibit ?

 

clip_image004

 – Exhibit —

 

Click the Exhibit button.

 

A PC in the trust zone is trying to ping a host in the untrust zone.

 

Referring to the exhibit, which type of NAT is configured?

 

A.

source NAT

B.

destination NAT

C.

static NAT

D.

NAT pool

 

Answer: A

 

Free VCE & PDF File for Juniper JN0-332 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-332 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.