[Free] Download New Latest (November) Juniper JN0-531 Actual Tests Topic 0 part 02

Ensurepass

QUESTION 11  (Topic 0)

 

Click the Exhibit button.

 

In the exhibit, Phase 1 negotiation is failing.

 

Which two would be related to the problem? (Choose two.)

 

clip_image002

 

A.

Phase 1 proposal mismatch

B.

incorrect peer address set on initiator

C.

incorrect peer address set on receiver

D.

incorrect outgoing interface set on receiver

 

Answer: CD

 

 

 

 

 

QUESTION 12  (Topic 0)

 

You are creating a DIP pool of 30 addresses. You would like to see how addresses are being allocated to different traffic streams. Which command will you use to view this information?

 

A.

snoop

B.

get dip all

C.

get session

D.

get address xlate

 

Answer: C

 

 

QUESTION 13  (Topic 0)

 

Review the exhibit.

 

You’ve been asked to build a route-based hub and spoke network, with policy control for traffic travelling from spoke to spoke. Which two of the following configuration options will meet this requirement? (Choose two.)

 

clip_image004

 

A.

Place the spoke tunnel interfaces in the trust zone and create policies on the spokes.

B.

Place the spoke tunnel interfaces in the untrust zone and create policies on the spokes.

C.

Create a single tunnel interface in the trust zone at the hub and enable intra-zone blocking.

D.

Create separate tunnel interfaces at the hub and place them in different zones, then create policies at the hub.

 

Answer: BD

 

 

 

 

 

QUESTION 14  (Topic 0)

 

What is the maximum number of DSCP bits that can be configured for rewrite by a ScreenOS device?

 

A.

1

B.

3

C.

6

D.

8

 

Answer: C

 

 

QUESTION 15  (Topic 0)

 

Which three elements are required to configure route redistribution on a ScreenOS device? (Choose three.)

 

A.

a filter map

B.

a route map

C.

an export rule

D.

an access list

E.

a redistribution list

 

Answer: BCD

 

 

QUESTION 16  (Topic 0)

 

Click the Exhibit button.

 

Users are having difficulties reaching 10.1.1.25. You execute a get route command and find the results shown in the exhibit.

 

What can you determine from this routing table?

 

 

 

 

 

clip_image006

 

A.

The problem is probably at the next hop.

B.

A gateway must be assigned to ethernet0/1.

C.

The preference on route ID 2 must be configured to a higher value.

D.

The ethernet0/1 physical link may be down and needs troubleshooting.

 

Answer: D

 

 

QUESTION 17  (Topic 0)

 

Which two of the following statements regarding ScreenOS antivirus functionality are true? (Choose two.)

 

A.

ICAP-based external scanning requires an AV profile.

B.

External scanning requires a Trend Micro antivirus scanner.

C.

Embedded scanning can be based on file extension and content type.

D.

You can used policy-based routing to implement AV in a high-performance environment.

 

Answer: CD

 

 

QUESTION 18  (Topic 0)

 

You have configured NSRP Active/Passive using the default vsd-group. You are using OSPF to learn routes from adjacent network devices. Which configuration is required to ensure the dynamic routes are available on both the devices?

 

A.

Dynamic routes are RTO objects; no additional configuration is required.

B.

You have to unset nsrp vsd-group id 0 and configure OSPF on the local interfaces of the master device only.

 

 

 

 

C.

You have to configure OSPF on the VSI interfaces. All dynamic routes learned on the VSI will be synced to the backup.

D.

You have to unset nsrp vsd-group id 0 and set nsrp vsd-group id 1 for the VSI interface, then configure OSPF on the local interfaces on both the devices.

 

Answer: D

 

 

QUESTION 19  (Topic 0)

 

What must be configured differently for a route-based VPN and a policy-based VPN?

 

A.

proxy-id

B.

proposals

C.

remote gateway type

D.

binding the tunnel interface

 

Answer: D

 

 

QUESTION 20  (Topic 0)

 

Which statement is correct about the configuration of GRE?

 

A.

It can be enabled on any tunnel interface.

B.

It can provide simple encryption by enabling a key option.

C.

It can be enabled by going to the advanced AutoKey IKE options.

D.

It requires matching keep-alive settings on both sides of the tunnel.

 

Answer: A

 

Free VCE & PDF File for Juniper JN0-531 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-531 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.