[Free] Download New Latest (November) Juniper JN0-531 Actual Tests Topic 0 part 01

Ensurepass

QUESTION 1  (Topic 0)

 

When enabling RIP over a hub and spoke VPN, what must you configure on the hub device tunnel interface to allow spokes to receive routing updates?

 

A.

point to multipoint

B.

disable split-horizon

C.

enable demand circuit

D.

enable passive interface

 

Answer: B

 

 

QUESTION 2  (Topic 0)

 

Click the Exhibit button.

 

In the exhibit, the hub and spoke VPN uses route-based VPNs and has intra-zone blocking enabled on the Evil zone.

 

What is the minimum number of policy rules required to establish full, bi-directional communications between all locations?

 

clip_image002

 

A.

3

B.

4

C.

6

D.

7

 

Answer: D

 

 

 

 

 

QUESTION 3  (Topic 0)

 

You have entered the command

 

set ffilter src-ip 1.1.7.250 dst-ip 10.1.10.5 ip-prot 6

 

What will be the resulting output in the debug for which this was created?

 

A.

If the packet has a src-ip of 1.1.7.250 or a dst-ip of 10.1.10.5 or has TCP as its protocol then it will be captured

B.

If the packet has a src-ip of 1.1.7.250 or a dst-ip of 10.1.10.5 or has UDP as its protocol then it will be captured

C.

If the packet has a src-ip of 1.1.7.250 and a dst-ip of 10.1.10.5 and has TCP as its protocol then it will be captured

D.

If the packet has a src-ip of 1.1.7.250 and a dst-ip of 10.1.10.5 and has UDP as its protocol then it will be captured

 

Answer: C

 

 

QUESTION 4  (Topic 0)

 

Which three OSPF parameters are interface parameters? (Choose three.)

 

A.

cost

B.

priority

C.

neighbor list

D.

summarization

E.

advertise default route

 

Answer: ABC

 

 

QUESTION 5  (Topic 0)

 

You create a policy-based VPN, and select an address group for the source address. What will be the source component of the proxy-id seen by the remote security gateway?

 

A.

the default 0.0.0.0/0

B.

the last member of the address group

C.

the first member of the address group

D.

the subnet that contains all addresses in the address group

 

 

 

 

 

Answer: A

 

 

QUESTION 6  (Topic 0)

 

Click the Exhibit button.

 

In the exhibit, which two must you configure on the SSG 550 to successfully establish a VPN?

 

clip_image004

 

A.

default route

B.

local-id of 1.1.2.5

C.

peer-id of 1.1.1.10

D.

tunnel interface associated with VLAN1

 

Answer: AC

 

 

QUESTION 7  (Topic 0)

 

A VPN tunnel uses certificates for site-to-site authentication. Phase 1 is failing when the receiving device attempts to validate the received certificate. What would be causing this problem?

 

A.

The device certificate has been revoked.

B.

The CA certificate does not include the device certificate.

C.

The device certificate has a CDP extension, making it invalid.

D.

The device certificate was generated before the CRL was downloaded, so it cannot be validated.

 

Answer: A

 

 

QUESTION 8  (Topic 0)

 

 

 

 

What are the three building blocks to create a PBR policy? (Choose three.)

 

A.

action groups

B.

match groups

C.

session groups

D.

extended access lists

E.

extended access groups

 

Answer: ABD

 

 

QUESTION 9  (Topic 0)

 

Which two methods can the ScreenOS device use to assign traffic to a VSYS? (Choose two.)

 

A.

IP-based classification

B.

policy-based classification

C.

interface-based classification

D.

VLAN tag-based classification

 

Answer: AC

 

 

QUESTION 10  (Topic 0)

 

Click the Exhibit button.

 

In the exhibit, you need to configure BGP between devices A and C in AS 65200.

 

Which configuration, if any, will be required only on device B?

 

 

 

 

 

clip_image006

 

A.

No configuration is required on device B.

B.

You need to configure IBGP, defining devices A and C as BGP peers.

C.

You need to enable OSPF and redistribute BGP routes on devices A and

C.

D.

You need to configure a policy permitting BGP traffic between device A and device C.

 

Answer: D

 

Free VCE & PDF File for Juniper JN0-531 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-531 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.