[Free] Download New Latest (November) Juniper JN0-531 Actual Tests Topic 1 part 03

Ensurepass

QUESTION 93  (Topic 1)

 

Which three ways can a ScreenOS device be administered by a direct secure connection using default ports? (Choose three.)

 

A.

Console

B.

TCP port 22

C.

TCP port 23

D.

TCP port 80

E.

TCP port 443

 

Answer: ABE

 

 

QUESTION 94  (Topic 1)

 

Review the exhibit.

 

Which two of the following elements must be configured on the ScreenOS device in order to support PIM-SM? (Choose two)

 

clip_image002

 

A.

A multicast control policy

B.

A bootstrap router process

C.

A unicast routing protocol

D.

A static RP

 

Answer: AC

 

 

 

 

 

QUESTION 95  (Topic 1)

 

Click the Exhibit button.

 

In the exhibit, you need to provide communication from the hosts connected to the SSG 5 to the servers connected to the SSG 550 using a VPN, but the sites use the same RFC1918 address space.

 

Which three configuration elements will allow this communication? (Choose three.)

 

clip_image004

 

A.

Configure a DIP on e0/0 on the SSG 5.

B.

Configure a policy from trust to untrust on the SSG 5.

C.

Configure a DIP on the tunnel interface on the SSG 5.

D.

Configure a policy from trust to untrust on the SSG 550 using a MIP.

E.

Configure a policy from untrust to trust on the SSG 550 using a MIP.

 

Answer: BCE

 

 

QUESTION 96  (Topic 1)

 

Click the Exhibit button.

 

Using the ScreenOS CLI output in the exhibit, which statement can be confirmed?

 

clip_image006

 

 

 

 

 

A.

There have been 3,583 unique hosts that have exceeded the source IP address session limit.

B.

There have been 3,583 packets from hosts that have exceeded the source IP address session limit.

C.

There have been 3,583 session limits configured for source IP addresses on this ScreenOS device.

D.

There have been 3,583 violations of the source IP address license limitations on this ScreenOS device.

 

Answer: B

 

 

QUESTION 97  (Topic 1)

 

Which two item pairs are exchanged during Phase 2 negotiations? (Choose two.)

 

A.

proxy-id, SA proposal list

B.

IKE cookie, SA proposal list

C.

hash [ID + Key], DH key exchange

D.

SA proposal list, optional DH key exchange

 

Answer: AD

 

 

QUESTION 98  (Topic 1)

 

You want to deploy Equal Cost Multipath (ECMP) on your ScreenOS device. Which three parameters must match in order for routing paths to be considered equal? (Choose three)

 

A.

protocol

B.

preference

C.

cost

D.

metric

E.

outbound zone

 

Answer: BDE

 

 

QUESTION 99  (Topic 1)

 

Which ScreenOS CLI command would be used for copying routes in the untrust-vr to OSPF in the trust-vr?

 

 

 

 

 

A.

set vrouter trust-vr ospf export vrouter untrust-vr address to-trust

B.

set vrouter untrust-vr export list to-trust vrouter trust-vr protocol ospf

C.

set vrouter untrust-vr export-to vrouter trust-vr route-map to-trust protocol ospf

D.

set vrouter trust-vr protocol ospf import-from vrouter untrust-vr distribute-list to-trust

 

Answer: C

 

 

QUESTION 100  (Topic 1)

 

Which three statements are true regarding IKE Phase 1? (Choose three.)

 

A.

Placing the SA proposal list in message 1 is an option.

B.

The digital certificate is used to decrypt the session key.

C.

The DH key exchange is used to validate the session key.

D.

The DH key exchange and digital certificates are both optional.

E.

The proxy-id is used to determine which SA is referenced for the VPN.

 

Answer: ABC

 

 

QUESTION 101  (Topic 1)

 

You have configured set nsrp vsd-group master-always-exist on your ScreenOS device.

What does this do?

 

A.

The NSRP protocol will not initialize without a master.

B.

This device will always be master in the NSRP cluster.

C.

There will always be a master device in the NSRP cluster.

D.

The vsd-group will always be homed to the master in the NSRP cluster.

 

Answer: C

 

 

QUESTION 102  (Topic 1)

 

Click the Exhibit button.

 

In the exhibit, what is the source IP address of the multicast traffic?

 

 

 

 

 

clip_image008

 

A.

236.1.1.1

B.

10.10.10.1

C.

20.20.20.10

D.

20.20.20.200

 

Answer: B

 

Free VCE & PDF File for Juniper JN0-531 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-531 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.