[Free] Download New Latest (November) Juniper JN0-533 Actual Tests 11-20

Ensurepass

QUESTION 11

Click the Exhibit button.

 

clip_image002

 

In the exhibit, you have configured the MIP address 1.1.8.64 on a ScreenOS device.

 

Which statement is correct?

 

A.

It performs one-to-one address translation and maps 1.1.8.64 to 10.1.10.64.

B.

It performs one-to-many address translation and maps 1.1.8.64 to a range from

Q1

1.10.64 to 10.1.10.71.

 

 

A.It performs range address translation and maps 1.1.8.64 to 10.1.10.64, 1.1.8.65 to Guaranteed success with TestInsides practice guides 5

 

 

 

 

 

Answer:

Q2

1.10.65, etc..

 

 

A.It performs address translation using a random IP address from the pool for

 

Answer:

 

Q3

1.10.64/29.

 

Answer: C

 

 

QUESTION 12

A routing table contains an IBGP route for 192.168.0.0/24, a RIP route for 192.168.0.0/23, an OSPF route for 192.168.0.0/22, and a static route for 192.168.0.0/16.

 

When the router receives traffic destined for 192.168.0.1, which route will the router use?

 

A.

the IBGP route

B.

the OSPF route

C.

the RIP route

D.

the static route

 

Answer: A

 

 

QUESTION 13

You are configuring a VPN with IKE between headquarters and a branch office that uses a dynamic public IP address. Which IKE mode should you use?

 

A.

quick mode

B.

main mode

C.

aggressive mode

D.

wizard mode

 

Answer: C

 

 

QUESTION 14

What are two advantages for using the count parameter on a security policy? (Choose two.)

 

 

 

 

 

A.

to see any NAT traffic drops for that policy

B.

to see how many times users log in to the ScreenOS device

C.

to count the total number of bytes of traffic for that policy

D.

to see if the policy is temporarily not being used

 

Answer: CD

 

 

QUESTION 15

Click the Exhibit button.

 

clip_image004

 

Which two statements are true about the default route configuration based on the output shown in the exhibit? (Choose two.)

 

A.

A default route is configured in the trust-vr with a next-hop IP address of 1.1.1.1.

B.

A default route is configured in the trust-vr with a next hop of ethernet3/1.

C.

A default route is configured in the trust-vr with a next hop of the untrust-vr.

D.

A default route is configured in the untrust-vr with a next-hop IP address of 1.1.1.1.

 

Answer: CD

 

 

QUESTION 16

You are using interface-based NAT for traffic passing from the trust zone to the untrust zone.

 

What will occur?

 

A.

The source IP address is not translated.

B.

The source IP address is translated to the trust interface IP address.

C.

The network address and port translation (NAPT) is performed on the loopback interface.

D.

The source IP address is translated to the untrust interface IP address.

 

 

 

 

 

Answer: D

 

 

QUESTION 17

You have just installed a new ScreenOS device in your network and you want only a select range of IP addresses to have administrative access to the device.

 

Which choice will allow you to accomplish this?

 

A.

Configure a manager IP.

B.

Configure the management interface.

C.

Configure a management IP on the trust interface.

D.

Configure new system administrators.

 

Answer: A

 

 

QUESTION 18

You have two interfaces in ZoneA and traffic is passing without any policy configured. You want to control the traffic between the two interfaces.

 

Which two actions will allow this to happen? (Choose two.)

 

A.

Configure interzone blocking on ZoneA and create a policy in that zone to control the traffic.

B.

Configure intrazone blocking on ZoneA and create a policy in that zone to control the traffic.

C.

Move one of the interfaces to a different zone and create an interzone policy to control the traffic.

D.

Move one of the interfaces to a different zone and create an intrazone policy to control the traffic.

 

Answer: BC

 

 

QUESTION 19

You have created a site-to-site IPsec VPN between two devices. You want to keep the tunnel up at all times, even when no user traffic is using it.Which two configuration

 

 

 

 

additions will accomplish this goal? (Choose two.)

 

A.

set vpn “RemoteVPN” monitor source-interface ethernet0/1 destination-ip

B.

set vpn “RemoteVPN” monitor source-interface ethernet0/1 destination-ip rekey

C.

set vpn “RemoteVPN” monitor source-interface ethernet0/1 destination-ip keepalive

D.

set vpn “RemoteVPN” monitor source-interface ethernet0/1 destination-ip rekey optimized

 

Answer: BD

 

 

QUESTION 20

Click the Exhibit button.

 

clip_image006

 

Given the policy and address information for the three hosts shown in the exhibit, which two statements are correct? (Choose two.)

 

A.

HTTP traffic from HostC to HostA will be silently discarded.

B.

HTTP traffic from HostC to HostA will result in a RST sent to HostC.

C.

HTTP traffic from HostA to HostB will be allowed.

D.

HTTP traffic from HostA to HostB will be rejected.

 

Answer: BC

 

Free VCE & PDF File for Juniper JN0-533 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-533 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.