[Free] Download New Latest (November) Juniper JN0-521 Actual Tests Topic 1 part 01

Ensurepass

QUESTION 61  (Topic 1)

 

You enter the following command:

 

set int e0/8 mip 1.1.8.32 host 10.1.10.32 netmask 255.255.255.255

 

How many MIP address translations have you just configured?

 

A.

1

B.

8

C.

128

D.

256

 

Answer: A

 

 

QUESTION 62  (Topic 1)

 

You have one VIP configured on your device, using public address 191.111.222.5. You are running ScreenOS version 5.2 or later. When you configure the policy, what will you select for the VIP, and where will you select it?

 

A.

VIP::1 in the NAT-dst public field

B.

VIP::1 as the destination address

C.

VIP(191.111.222.5) in the NAT-dst public field

D.

VIP(191.111.222.5) as the destination address

 

 

 

 

 

Answer: D

 

 

QUESTION 63  (Topic 1)

 

Click the Exhibit button.

 

In the exhibit, which two forms of address translation would have generated the output shown? (Choose two.)

 

clip_image002

 

A.

MIP

B.

Interface-based translation

C.

NAT-src with a DIP, fixed-port enabled

D.

NAT-src with a DIP, fixed-port disabled

 

Answer: AC

 

 

QUESTION 64  (Topic 1)

 

Click the Exhibit button.

 

In the exhibit, if you configure NAT-src on interface e0/4, and do not specify a DIP, which address will be used as the outbound source address of packets destined for the Internet?

 

 

 

 

 

clip_image004

 

A.

143.45.56.1

B.

143.45.56.254

C.

NAT-src requires a DIP

D.

the original source address

 

Answer: A

 

 

QUESTION 65  (Topic 1)

 

Which statement is correct about tunnel interfaces?

 

A.

They can have overlapping IP addresses.

B.

They need to be configured in the zone where the protected resources reside.

C.

They can be unnumbered and used in policy-based translations if the interface is in route mode.

D.

They can be unnumbered from any interface residing on the same virtual router as the protected resources.

 

Answer: D

 

 

QUESTION 66  (Topic 1)

 

What will change the root admin password?

 

 

 

 

 

A.

set admin password <password>

B.

set root-admin password <password>

C.

set admin <name> password <password>

D.

set admin user <name> password <password>

 

Answer: A

 

 

QUESTION 67  (Topic 1)

 

Your VPN is failing during Phase 2 negotiation, and you are the initiator. You check your local event log and see IPSec messages but no failures. What is the next logical troubleshooting step?

 

A.

View the event log of the responding gateway.

B.

Configure the peer-id on your local IKE gateway.

C.

Double check routing reacheability to the remote network.

D.

Turn on logging in the policy and check the event logs again.

 

Answer: A

 

 

QUESTION 68  (Topic 1)

 

Click the Exhibit button.

 

In the exhibit, if host A initiates a Web browsing session with host D, and the E0/1 interface of the SSG 20 is in NAT mode, what will be the source address of the packet arriving at host D?

 

 

 

 

 

clip_image006

 

A.

10.1.1.1

B.

10.1.10.5

C.

143.45.56.1

D.

143.45.56.254

 

Answer: B

 

 

QUESTION 69  (Topic 1)

 

Click the Exhibit button.

 

In the exhibit, which two network addresses could appear in the remote proxy-ID for the SSG 550 during the IKE phase two exchange? (Choose two.)

 

clip_image008

 

A.

1.1.1.250

B.

10.0.0.0/8

C.

20.0.0.0/8

 

 

 

 

D.

10.0.0.5/32

 

Answer: BD

 

 

QUESTION 70  (Topic 1)

 

When a firewall receives the first packet in a series, what will it immediately do?

 

A.

Check its route table.

B.

Check its session table.

C.

Determine if traffic is crossing zones.

D.

Verify that it is not malformed or a fragment.

 

Answer: D

 

Free VCE & PDF File for Juniper JN0-521 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-521 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.