[Free] Download New Latest (November) Juniper JN0-332 Actual Tests Topic 5, Volume E part 04

Ensurepass

QUESTION 431  (Topic 5)

 

Click the Exhibit button.

 

clip_image002

 

Referring to the exhibit, you have added a logical interface to a new security zone on an SRX Series device.

 

You received an error after issuing the commit command.

 

What is causing the error?

 

A.

The new security zone must have a routing instance applied to it

B.

The new security zone must have more than one logical interface applied to it

C.

A management interface has not been applied to the security zone.

D.

The logical interface is applied to another security zone

 

 

 

 

 

Answer: D

 

 

QUESTION 432  (Topic 5)

 

What are two benefits of enhanced Web filtering when configured on an SRX Series device? (Choose two)

 

A.

Local database storage minimizes processing delays

B.

Real-time Web filtering on a local Websense server

C.

More than 95 predefined categories stored on an Internet Websense server

D.

Real-time URL categorization and site reputation information

 

Answer: AC

 

 

QUESTION 433  (Topic 5)

 

Which three IP option fields can an attacker exploit to cause problems in a network? (Choose three.)

 

A.

loose source routing

B.

timestamp

C.

time-to-live

D.

record route

E.

DSCP

 

Answer: ABD

 

 

QUESTION 434  (Topic 5)

 – Exhibit —

 

[edit security utm feature-profile content-filtering]

 

user@host# show

 

profile profileA {

 

block-content-type {

 

 

 

 

exe;

 

zip;

 

}

 

notification-options {

 

type message;

 

custom-message “Not permitted. illegal file type”;

 

}

 

}

 – Exhibit —

 

Click the Exhibit button.

 

Your SRX Series device includes the content filtering configuration shown in the exhibit.

 

Assuming the content filtering profile has been properly applied, what happens when a user attempts to send a zip file through the SRX device using FTP?

 

A.

The file is blocked and silently dropped.

B.

The file is blocked and a message is sent back to the user.

C.

The file is permitted and forwarded to its destination, and a message is sent back to the user.

D.

The file is permitted and forwarded to its destination.

 

Answer: D

 

 

QUESTION 435  (Topic 5)

 

Which two statements are correct regarding IPSec security associations on the SRX Series devices? (Choose two.)

 

A.

IPSec SAs are established during Phase 2 negotiations.

B.

IKE SA is bidirectional.

C.

IPSec SA is bidirectional.

D.

IKE SAs are established during Phase 2 negotiations.

 

 

 

 

 

Answer: AB

 

 

QUESTION 436  (Topic 5)

 

Which interface serves as a control link for a chassis cluster on an SRX Series device?

 

A.

fxp0

B.

fxp1

C.

fab

D.

reth

 

Answer: C

 

 

QUESTION 437  (Topic 5)

 

Referring to the exhibit, which two statements are correct? (choose two)

 

[edit security zones] user@host#show security-zone untrust {

 

screen untrust-screen

 

host-inbound-traffic {

 

system-services

 

{ ssh; ping;

 

}

 

}

 

Interfaces {

 

ge-0/0/1.0

 

ge-0/0/3.0{ host-inboun

 

d-traffic{ protocols {

 

ospf; } } }

 

 

 

 

 

A.

An OSPF adjacency can e established on interface ge-0/0/3.

B.

AN OSPF adjacency can be established on both interfaces

C.

SSH can connect on interface ge-0/0/1

D.

Ping
is not allowed on either interface

 

Answer: AC

 

 

QUESTION 438  (Topic 5)

 

You are attempting to set up an IPsec VPN between an SRX240 and another vendor’s firewall.

 

The phase 1 security associations are up, but the phase 2 security associations are not present

 

What is the problem?

 

A.

Proxy ID mismatch

B.

IKE mode mismatch

C.

Preshared ke
y mismatch

D.

IKE peer mismatch

 

Answer: A

 

 

QUESTION 439  (Topic 5)

 

Which feature is used when you want to permit traffic on an SRX Series device only at specific times?

 

A.

Scheduler

B.

pass-through authentication

C.

ALGs

D.

Counters

 

Answer: A

 

 

QUESTION 440  (Topic 5)

 

 

 

  – Exhibit ?

 

clip_image004

 – Exhibit —

 

Click the Exhibit button.

 

You have configured antispam on your SRX Series device as shown in the exhibit.

 

Assuming the antispam profile has been properly applied, what happens when an e-mail message arrives at the SRX device from mary@domain-abc.net at IP address 150.150.150.10?

 

A.

The message matches the whitelist and is forwarded to the destination.

B.

The message matches the blacklist and is blocked.

C.

The message matches the blacklist and is forwarded to the destination with “SPAM:” automatically appended to the beginning of the e-mail subject line.

D.

The message matches both lists and is blocked because the device defaults to the more restrictive setting.

 

Answer: A

 

Free VCE & PDF File for Juniper JN0-332 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-332 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.