[Free] Download New Latest (November) Juniper JN0-522 Actual Tests Topic 2, Volume B part 05

Ensurepass

QUESTION 115  (Topic 2)

 

You are trying to remove an address book entry by going to the Objects > Addresses > List

 

display of the WebUI, but you cannot find the remove option. What would cause this problem?

 

A.

An address book entry can only be deleted from the command line interface. You will need to

use the CLI to delete it.

B.

The address book entry is misconfigured. You need to correct the address book entry before it

will allow you to delete it.

C.

You cannot remove an address book entry from this screen. You need to use the delete option

found under the management options screen.

D.

The address book entry is being used by a policy. You must delete the policy or remove the

address book entry from the policy before it can be deleted.

 

Answer: D

 

 

QUESTION 116  (Topic 2)

 

Which statement is correct regarding administrator privileges?

 

A.

Administrator privileges can be established and changed by the root and all-privilege administrator

 

 

 

 

B.

Administrator privileges can only be established and changed by the root administrator

C.

Any administrator can change their privileges on an as-needed basis

D.

Administrator privileges can only be established by the root and can be changed by the root and all-privilege administrator

 

Answer: B

 

 

QUESTION 117  (Topic 2)

 

Your security policy requires you to block DNS zone transfers (TCP port 53) while permitting DNS queries (UDP port 53). Which step must you complete before creating the policy?

 

A.

Modify the predefined DNS service to remove TCP port 53.

B.

Modify the predefined DNS application to remove TCP port 53.

C.

Create a custom service using UDP port 53 as the source port.

D.

Create a custom service using TCP port 53 as the destination port.

 

Answer: D

 

 

QUESTION 118  (Topic 2)

 

When configuring a firewall in a critical environment where a local backup configuration is quickly needed, what should be completed on a periodic basis?

 

A.

Execute exec config rollback

B.

Execute save config to last-known-good

C.

Execute save regularly or create a script that does this

D.

Execute save software from flash to cpmcia <filename>

 

Answer: B

 

 

QUESTION 119  (Topic 2)

 

Which command is used to avoid IP fragmentation when configuration IPSec on a ScreenOS device?

 

 

 

 

 

A.

Set tcp-mss flow

B.

Set flow

C.

Set mss-flow size

D.

Set flow tcp-mss

 

Answer: D

 

 

QUESTION 120  (Topic 2)

 

Which ScreenOS WebUI button allows multi-cell policy creation?

 

A.

Cells

B.

Group

C.

Multicell

D.

Multiple

 

Answer: D

 

 

QUESTION 121  (Topic 2)

 

Your server at 10.1.2.50 is behind the ScreenOS device. You want to allow access to users from the Internet, but not allow the server to initiate sessions. The interface connected to the network is on a /30 subnet and is in the “Internet” zone. Your ISP has provided you with another /30 public subnet you can use for NAT. Which form of NAT would you use?

 

A.

VIP

B.

MIP

C.

NAT-dst

D.

NAT-src

 

Answer: C

 

 

QUESTION 122  (Topic 2)

 

Your VPN is failing during Phase 2 negotiation, and you are the initiator. You check your local

 

event log and see IPSec messages but no failures. What is the next logical troubleshooting

 

 

 

 

step?

 

A.

View the event log of the responding gateway.

B.

Configure the peer-id on your local IKE gateway.

C.

Double check routing reacheability to the remote network.

D.

Turn on logging in the policy and check the event logs again.

 

Answer: A

 

 

QUESTION 123  (Topic 2)

 

Which three commands are used to verify that routing is correctly configured? (Choose three.)

 

A.

Get session

B.

Trace-route

C.

Get interface

D.

Get route

E.

Ping

 

Answer: BDE

 

 

QUESTION 124  (Topic 2)

 

Which three must a policy contain? (Choose three.)

 

A.

Policy name

B.

Application

C.

Action

D.

Service

E.

Address

 

Answer: CDE

 

Free VCE & PDF File for Juniper JN0-522 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-522 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.