[Free] Download New Latest (November) Juniper JN0-522 Actual Tests Topic 1, Volume A part 03

Ensurepass

QUESTION 21  (Topic 1)

 

Which ScreenOS CLI command is used to verify MIP operation?

 

A.

Get nat

B.

Get mip

C.

Get translation

D.

Get session

 

Answer: D

 

 

QUESTION 22  (Topic 1)

 

you are looking at the event log of the responding device and it says ” Rejected an initial Phase 1 packet from un unrecognized peer gateway”. What are three likely reasons for the failure? (Choose three.)

 

A.

The gateway address is misconfigured

B.

The default gateway is missing

C.

The Peer ID is misconfigured

D.

The outgoing interface is misconfigured

E.

The preshare keys are mismatched

 

Answe
r:
ACD

 

 

QUESTION 23  (Topic 1)

 

See the exhibit:

 

Exhibit:

 

clip_image002

 

In the exhibit, you need to make a bidirectional VPN between the SSG 5 and the SSG 550.

 

 

 

 

On the SSG550, which address will you use to configure the IKE gateway?

 

A.

20.0.0.1

B.

4.4.4.250

C.

10.0.0.1

D.

1.1.1.250

 

Answer: D

 

 

QUESTION 24  (Topic 1)

 

See the Exhibit:

 

Exhibit:

 

clip_image004

 

Which two network addresses could appear in the remote proxy-id for the SSG 550 during the IKE phase two exchange? (Choose two.)

 

A.

10.0.0.0/8

B.

1.1.1.250

C.

20.0.0.0/8

D.

10.0.0.5/32

 

Answer: AD

 

 

QUESTION 25  (Topic 1)

 

See the exhibit:

 

 

 

 

Exhibit:

 

clip_image006

 

In the exhibit, which routing command would allow Host A to communicate with host C?

 

A.

Set route 0.0.0.0/0 int e0/3 gateway 177.11.56.254

B.

Set route 1.1.70.0 interface e0/3 gateway 177.11.56.254

C.

Configure route 1.1.70.0/24 gateway 177.11.56.254 int e0/3

D.

Set route 1.1.70.0/24 interface e0/3 gateway 177.11.56.254

 

Answer: D

 

 

QUESTION 26  (Topic 1)

 

What are two benefits of configuring a ScreenOS device in transparent mode? (Choose two.)

 

A.

Policies are easier to create since you do not have to include source and destination IP addresses

B.

There is no need to create MIPs or VIPs for incoming traffic to reach protected servers

C.

The product can support more VPNs and obtain greater throughput because there is less overhead to manage

D.

There is no need to reconfigure the IP addresses of routers or protected servers

 

Answer: BD

 

 

 

 

 

QUESTION 27  (Topic 1)

 

What is the default mode for an interface in the untrust zone?

 

A.

NAT

B.

Layer 3

C.

Route

D.

Transparent

E.

Layer 2

 

Answer: C

 

 

QUESTION 28  (Topic 1)

 

Which statement accurately describes the “config rollaback” feature?

 

A.

Once the “Config rollback” feature is enabled, it allows the administrator to re-apply a locked configuration file from a separate area in flash

B.

The “Config rollback” feature is enabled by default, it allows the administrator to re-reply a previously saved configuration file from flash

C.

Once the “Config rollback” feature is enabled, it allows the administrator to re-apply a previously saved configuration file from the flash

D.

Once the “Config rollback” feature is enabled, it allows the administrator to revert to the prior ScreenOS image or configuration file in event an upgrade operation aborts

 

Answer: A

 

 

QUESTION 29  (Topic 1)

 

See the exhibit:

 

Exhibit:

 

 

 

 

 

clip_image008

 

In this route-based VPN configuration, where are the two policies going to be required? (Choose two.)

 

A.

SSG 5 – untrust to trust

B.

SSG 5 – trust to untrust

C.

SSG 550 – trust to untrust

D.

SSG 550 – untrust to trust

 

Answer: CD

 

 

QUESTION 30  (Topic 1)

 

Which two options allow proper configuration of NAT-dst? (Choose two.)

 

A.

A static route to the appropriate subnet using a private interface as the outbound interface

B.

The default address book entry of “any” in the internal zone

C.

The default address book entry of “any” in the external zone

D.

An address book entry for the address to be translated in the internal zone

 

Answer: AD

 

Free VCE & PDF File for Juniper JN0-522 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-522 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.