[Free] Download New Latest (November) Juniper JN0-522 Actual Tests Topic 2, Volume B part 03

Ensurepass

QUESTION 95  (Topic 2)

 

What is the maximum number of custom proposals sent by a ScreenOS device when

 

 

 

 

negotiating IKE Phase 1 or Phase 2?

 

A.

6

B.

4

C.

2

D.

3

 

Answer: B

 

 

QUESTION 96  (Topic 2)

 

Which three steps are necessary to configure WebAuth authentication? (Choose three.)

 

A.

Create a user database.

B.

Configure a WebAuth address.

C.

Configure a manage-ip address.

D.

Configure an authentication policy.

E.

Configure a policy permitting port 80 or 443.

 

Answer: ABD

 

 

QUESTION 97  (Topic 2)

 

What needs to be configured in Phase 2 of a route-based VPN that does not need to be configured in a policy-based VPN?

 

A.

Tunnel-binding

B.

Proxy-id

C.

Custom proposals

D.

Transport mode

 

Answer: A

 

 

QUESTION 98  (Topic 2)

 

You have created your tunnel interface in the untrust zone. Traffic from the trust zone is able to

 

 

 

 

enter the tunnel and pass to the destination. However traffic from a different interface in the

 

untrust zone is not able to pass traffic through the tunnel. You are using a single virtual router.

 

What is causing this problem?

 

A.


Two virtual routers need to be configured.

B.

A policy is needed since intra-zone blocking is on by default in the untrust zone.

C.

The tunnel is configured with a proxy id that does not include the address from the untrust

interface.

D.

The routing tables are not correctly configured to allow the traffic from the untrust source to bedelivered to the destination.

 

Answer: B

 

 

QUESTION 99  (Topic 2)

 

What is the maximum number of custom proposals sent by a ScreenOS device when negotiating IKE Phase 1 or Phase 2?

 

A.

6

B.

2

C.

3

D.

4

 

Answer: D

 

 

QUESTION 100  (Topic 2)

 

Which type of NAT is performed when you implement interface-based NAT?

 

A.

So
urce IP address translation

B.

Source IP and Port address translation

C.

Destination IP address translation

D.

Destination IP and Port address translation

 

Answer: B

 

 

 

 

 

QUESTION 101  (Topic 2)

 

What is required to support policy-based NAT when using route-based VPNs?

 

A.

Tunnel interface must have a custom zone assigned

B.

Tunnel interface must have an IP address

C.

Policy defined for VPN traffic

D.

Tunnel interface must be unnumbered

 

Answer: B

 

 

QUESTION 102  (Topic 2)

 

In the command, save config from tftp 1.1.7.250 abcde.cfg merge, which function does the merge parameter specify?

 

A.

The config file from the TFTP server will replace the configuration in RAM

B.

The config file from the TFTP server will replace the startup configuration file in internal flash

C.

The merge parameter is not valid for TFTP files, it is only valid for configuration files stored in internal flash

D.

The config file the TFTP server will be combined with the configuration file in RAM and the combined result will be saved in internal flash

 

Answer: D

 

 

QUESTION 103  (Topic 2)

 

When a firewall receives the first packet in a series, what will it immediately do?

 

A.

Check its route table.

B.

Check its session table.

C.

Determine if traffic is crossing zones.

D.

Verify that it is not malformed or a fragment.

 

Answer: D

 

 

 

 

 

QUESTION 104  (Topic 2)

 

Which three must a policy contain? (Choose three.)

 

A.

Application

B.

Policy name

C.

Action

D.

Address

E.

Service

 

Answer: CDE

 

Free VCE & PDF File for Juniper JN0-522 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-522 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.