[Free] Download New Latest (November) Juniper JN0-531 Actual Tests Topic 1 part 04

Ensurepass

QUESTION 103  (Topic 1)

 

What are two methods of implementing external antivirus scanning on ScreenOS devices? (Choose two.)

 

A.

Policy-Based Routing

B.

IP-Based Traffic Classification

C.

VLAN-Based Traffic Classification

D.

Internet Content Adaptation Protocol

 

Answer: AD

 

 

QUESTION 104  (Topic 1)

 

You want to create a subinterface in VSYS

 

A.

Which two actions are required? (Choose two.)

 

 

A.Import the subinterface.

B.

Login as root level admin.

C.

Login as a VSYS level admin.

 

 

 

 

D.

Create the subinterface at the root VSYS.

E.

Create the subinterface at the VSYS level.

 

Answer: BE

 

 

QUESTION 105  (Topic 1)

 

Click the Exhibit button.

 

In the exhibit, the firewall administrator at the Storefront is complaining that when the communication to the DataCenter1 fails, the preexisting transfers and applications are dropped when the traffic is switched to DataCenter2.

 

Which statement explains this behavior?

 

clip_image002

 

A.

SYN checking is enabled in the tunnel.

B.

The weight value for the DataCenter2 is too high.

C.

VPN monitor is misconfigured in the DataCenter2.

D.

Phase 1 and Phase 2 negotiations to DataCenter2 did not occur on time.

 

Answer: A

 

 

QUESTION 106  (Topic 1)

 

You have implemented a hub and spoke VPN. On the hub, there are two tunnel interfaces, one to each spoke. Both tunnel interfaces are in the same zone. Which two configuration options will control traffic between the spokes? (Choose two.)

 

A.

Configure the common zone to block inter-zone traffic.

B.

Configure the common zone to block intra-zone traffic.

C.

Configure each tunnel interface to block intra-zone traffic.

 

 

 

 

D.

Configure one of the tunnel interfaces in a different zone and a set of policies.

 

Answer: BD

 

 

QUESTION 107  (Topic 1)

 

Click the Exhibit button.

&
nbsp;

In the exhibit, what are two explanations for the output shown? (Choose two.)

 

clip_image004

 

A.

The nsp card needs reseating.

B.

The routing protocol is in holddown.

C.

The next hop device is failing to respond.

D.

The routing table requires reconfiguration.

 

Answer: CD

 

 

QUESTION 108  (Topic 1)

 

Which policy action is needed to add deep inspection to a policy?

 

A.

reject

B.

detect

C.

permit

 

 

 

 

D.

inspect

 

Answer: C

 

 

QUESTION 109  (Topic 1)

 

You have taken your backup ScreenOS device out of production for some maintenance. The device is brought back online and rejoins the NSRP cluster. You determine that the two devices are out of sync. Which command will sync the devices and on which device should it be run?

 

A.

set nsrp sync global-config save run on the Master

B.

set nsrp sync global-config save run on the Backup

C.

exec nsrp sync global-config save run on the Master

D.

exec nsrp sync global-config save run on the Backup

 

Answer: D

 

 

QUESTION 110  (Topic 1)

 

You have entered the following OSPF configuration:

 

set vrouter trust-vr protocol ospf

 

set vrouter trust-vr protocol ospf area 10

 

set interface e0/0 protocol ospf area 10

 

set interface e0/0 protocol ospf enable

 

set interface e0/1 protocol ospf area 10

 

set interface e0/1 protocol ospf enable

 

OSPF is not working. What is missing from your configuration?

 

A.

You have not assigned any interfaces to area 0.

B.

You have not enabled OSPF on the virtual router.

C.

You have not set the costs on the OSPF interfaces.

D.

You have not configured OSPF neighbors on the interfaces.

 

Answer: B

 

 

 

 

 

QUESTION 111  (Topic 1)

 

Which command shows the filter applied to snoop captures?

 

A.

get snoop

B.

snoop info

C.

get ffilter

D.

get ffilter ip-proto snoop

 

Answer: B

 

 

QUESTION 112  (Topic 1)

 

You have created a NAT-src policy that runs between the Private zone and the Public zone. When looking at a session in debug output, the translated address is not what you expected. What are two explanations? (Choose two.)

 

A.

A VIP defined on the egress interface is overriding your NAT.

B.

A MIP defined on the egress interface is overriding your NAT.

C.

Your source IP address is outside the range of your IP shift pool.

D.

The source interface is in NAT mode overriding your NAT-src policy.

 

Answer: BC

 

Free VCE & PDF File for Juniper JN0-531 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-531 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.