[Free] Download New Latest (November) Juniper JN0-332 Actual Tests Topic 5, Volume E part 05

Ensurepass

QUESTION 441  (Topic 5)

 

Click the Exhibit button.

 

 

 

 

 

clip_image002

 

Which three statements are correct about the configuration shown in the exhibit? (Choose three)

 

A.

Telnet is allowed from this zone to any configured zones on the device.

B.

FTP is allowed from this zone to any configured zones on the device.

C.

Telnet traffic destined to this device through the configured interfaces is allowed.

D.

The ge-0/0/0.0 and ge-0/0/1.0 interfaces are only members of the Corporate zone.

E.

FTP traffic destined to this device through the configured interfaces is allowed.

 

Answer: CDE

 

 

QUESTION 442  (Topic 5)

 

Which three statements describe ALGs on an SRX Series device? (Choose three)

 

A.

ALGs open pinholes on demand on the Junos security device

B.

ALGs support protocols with dynamic server and client ports.

C.

ALGs are associated with security zones.

D.

ALGs are predefined applications that open static ports on the Junos security device.

E.

ALGs are associated with applications

 

 

 

 

 

Answer: ABE

 

 

QUESTION 443  (Topic 5)

 

Which type of logging is supported for UTM logging to an external syslog server on branch SRX Series devices?

 

A.

Binary syslog

B.

CHARGEN

C.

WELF (structured) syslog

D.

standard (unstructured) syslog

 

Answer: C

 

 

QUESTION 444  (Topic 5)

 

You issued a factory reset to your SRX210 and ping the vlan 0 interface from hosts in both the trust and untrust zones.

 

Which two results do you expect? (Choose two)

 

A.

Pings from the untrust zone fail

B.

Pings from the untrust zone receive a reply

C.

Pings from the trust zone receive a reply

D.

Pings from the trust zone fail

 

Answer: AC

 

 

QUESTION 445  (Topic 5)

 

Which three match criteria must each security policy include? (Choose three.)

 

A.

source address

B.

source port

C.

destination address

D.

destination port

 

 

 

 

E.

application

 

Answer: ACE

 

 

QUESTION 446  (Topic 5)

 

When configuring a destination NAT rule, you notice that you are unable to configure the to match condition on an SRX Series device in this scenario, which two statements are correct? (Choose two)

 

A.

Destination NAT occurs before the zone lookup in the flow module

B.

Destination NAT occurs after the zone lookup in the flow module

C.

Destination NAT occurs after the route lookup in the How module

D.

Destination NAT occurs before the route lookup in the flow module

 

Answ
er:
AD

 

 

QUESTION 447  (Topic 5)

 

What are three types of reconnaissance attacks? (Choose three)

 

A.

IP address sweep

B.

Port scanning

C.

Denial of service

D.

IP options

E.

Teardrop

 

Answer: ABD

 

 

QUESTION 448  (Topic 5)

 

Which three components can be downloaded and installed directly from Juniper Networks update server to an SRX Series device? (Choose three.)

 

A.

signature package

B.

PCRE package

C.

detector engine

 

 

 

 

D.

policy templates

E.

dynamic attack detection package

 

Answer: ACD

 

 

QUESTION 449  (Topic 5)

 

Which two types of traffic are affected by security policies on an SRX Series device? (Choose two)

 

A.

Transit traffic for an existing session

B.

Transit traffic for a new session

C.

Local inbound traffic not associated with the junos-host zone

D.

Local inbound traffic destined to the junos-host zone

 

Answer: AB

 

 

QUESTION 450  (Topic 5)

 

Which UTM feature requires a license to function on an SRX branch series device?

 

A.

Integrated Web filtering

B.

IPsec

C.

OSPFv3

D.

Security policy

 

Answer: A

 

Free VCE & PDF File for Juniper JN0-332 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-332 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.