[Free] Download New Latest (November) Juniper JN0-532 Actual Tests 51-60

Ensurepass

QUESTION 51

You want to create a subinterface in VSYS

 

A.

Which two actions are required? (Choose two.)

 

 

A.Import the subinterface.

B.

Login as root level admin.

C.

Login as a VSYS level admin.

D.

Create the subinterface at the root VSYS.

E.

Create the subinterface at the VSYS level.

 

Answer: BE

 

 

QUESTION 52

Review the exhibit.

 

clip_image002

 

You’ve been asked to build a route-based hub and spoke network, with policy control for traffic travelling from spoke to spoke. Which two of the following configuration options will meet this requirement? (Choose two.)

 

A.

Place the spoke tunnel interfaces in the trust zone and create policies on the spokes.

B.

Place the spoke tunnel interfaces in the untrust zone and create policies on the spokes.

C.

Create a single tunnel interface in the trust zone at the hub and enable intra-zone

 

 

 

 

blocking.

D.

Create separate tunnel interfaces at the hub and place them in different zones, then create policies at the hub.

 

Answer: BD

 

 

QUESTION 53

You have created a VPN to a dynamic peer.

 

Which two configured parameters must match? (Choose two.)

 

A.

static side peer-id

B.

dynamic side local-id

C.

static side IP address

D.

dynamic side IP address

 

Answer: AB

 

 

QUESTION 54 – Exhibit —

 – Exhibit —

 

Click the Exhibit button.

 

In the exhibit, you want to enable route summarization for area 10 and advertise only the summary route.

 

Which command will accomplish this?

 

A.

Set vrouter trust-vr protocol ospf summary-range 10.50.1.0/20

B.

Set vrouter trust-vr protocol ospf area 10 range 10.50.1.0/20 advertise

C.

Set interface e0/3 protocol ospf area 10 range 10.50.1.0/20 no-advertise

D.

Set vrouter trust-vr protocol ospf area 10 range 10.50.1.0/20 no-advertise

 

Answer: B

 

 

 

 

 

QUESTION 55

You suspect you are having encryption problems with an IKE VPN.

 

Which two commands would help you determine if it is an encryption issue? (Choose two.)

 

A.

get counter screen <zone>

B.

get counter flow interface <name>

C.

get counter policy <policy number>

D.

get counter statistics interface <name>

 

Answer: BD

 

 

QUESTION 56

Click the Exhibit button.

 

clip_image004

 

You have configured your device with a tunnel interface in the untrust zone, and your protected resources in the trust zone. The remote gateway is defined using an FQDN. The tunnel went down and has not reestablished.

 

Based on the exhibit, what are two reasons why the tunnel is failing to reestablish? (Choose two.)

 

A.

The policy used by this VPN was deleted.

B.

The Phase 1 preshared key was modified in one of the devices.

C.

One of the devices was modified so that the peer ID and local ID no longer match.

D.

The IP address of the remote peer changed and your DNS table has not updated with the new address.

 

Answer: BD

 

 

 

 

 

QUESTION 57

Which two statements are correct when manage-ip and manager-ip settings are configured properly? (Choose two.)

 

A.

manager-ip is configured for each zone.

B.

manage-ip limits who can manage a ScreenOS device.

C.

manager-ip limits who can manage a ScreenOS device.

D.

manage-ip is never published nor used as a source address.

E.

manage-ip changes the address used for packets sourced by the device.

 

Answer: CD

 

 

QUESTION 58

If you configure 5 Mbps of guaranteed bandwidth for a policy, and you have 10 sessions created for that policy, how much bandwidth is reserved for each session?

 

A.

5 Mbps

B.

.5 Mbps

C.

50 Mbps

D.

10 Mbps

 

Answer: A

 

 

QUESTION 59

Click the Exhibit button.

 

 

 

 

 

clip_image006

 

In the exhibit, what can be determined using the ScreenOS CLI output?

 

A.

This firewall is in an NSRP-lite pair.

B.

This firewall is in an Active/Active NSRP pair.

C.

This firewall is isolated from its NSRP partner.

D.

This firewall is in an Active/Passive NSRP pair.

 

Answer: D

 

 

QUESTION 60

Which command shows the filter applied to snoop captures?

 

A.

get snoop

B.

snoop info

C.

get ffilter

D.

get ffilter ip-proto snoop

 

Answer: B

 

Free VCE & PDF File for Juniper JN0-532 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-532 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.