[Free] Download New Latest (November) Juniper JN0-533 Actual Tests 51-60

Ensurepass

QUESTION 51

Click the Exhibit button.

 

 

 

 

 

clip_image002

 

Given the output shown in the exhibit, which command would you use to view the number of attacks that have been blocked by the Screen options on the Untrust zone?

 

A.

ssg5-> get counter screen interface ethernet2/1

B.

ssg5-> get zone Untrust screen

C.

ssg5-> get counter screen zone Untrust

D.

ssg5-> get counter statistics interface ethernet2/1

 

Answer: C

 

 

QUESTION 52

You want to ensure that the ScreenOS device sends alert data to notify the security operation center.Which three log destinations would you set to accomplish your objective? (Choose three.)

 

A.

e-mail

B.

SNMP

C.

console

D.

internal

E.

syslog

 

Answer: ABE

 

 

QUESTION 53

What is a virtual system?

 

A.

a mechanism to logically partition a single ScreenOS device into multiple logical devices

 

 

 

 

B.

a collection of subnets and interfaces sharing identical security requirements

C.

a method of providing a secure connection across a network

D.

a tool to protect against DoS attacks

 

Answer: C

 

 

QUESTION 54

When you create a new virtual system, which zone is automatically created within the vsys- specific VR?

 

A.

trust zone

B.

untrust zone

C.

shared zone

D.

null zone

 

Answer: A

 

 

QUESTION 55

A ScreenOS device evaluates five primary elements when performing a security policy check on a new session.Which five elements are evaluated?

 

A.

source IP address, destination IP address, source route, source port, and destination port

B.

source IP address, destination IP address, source port, destination port, and protocol

C.

source IP address, destination IP address, source port, destination port, and payload

D.

destination IP address, source port, destination port, protocol, and payload

 

Answer: B

 

 

QUESTION 56

Which two statements are correct about internal antivirus scanning? (Choose two.)

 

A.

It includes a predefined file extension list for each protocol.

B.

It allows you to load-balance ICAP scan servers.

 

 

 

 

C.

It requires you to install a ScreenOS softwar
e license.

D.

It provides inbound spyware and phishing protection.

 

Answer: CD

 

 

QUESTION 57 – Exhibit —

 

ns5gt-> get int

 

Interfaces in vsys Root:

 

Name IP Address Zone MAC VLAN State VSD

 

eth1 192.168.1.1/24 Trust 0014.f693.edc2 – U –

 

eth2 2.2.2.2/30 Untrust 0014.f693.edc8 – U –

 

ns5gt-> get db stream

 

****** .0: <Trust/ethernet1> packet received [69]******

 

ipid = 22281(5709), @059ff214

 

packet passed sanity check.

 

flow_decap_vector IPv4 process

 

ethernet1:192.168.1.102/52380->4.2.2.2/53,17<Root>

 

no session found

 

flow_first_sanity_check: in <ethernet1>, out <N/A>

 

chose interface ethernet1 as incoming nat if.

 

flow_first_routing: in <ethernet1>, out <N/A>

 

search route to (ethernet1, 192.168.1.102->4.2.2.2) in vr trust-vr for vsd-0/flag-0/ifp-null

 

[ Dest] 7.route 4.2.2.2->2.2.2.1, to ethernet2

 

routed (x_dst_ip 4.2.2.2) from ethernet1 (ethernet1 in 0) to ethernet2

 

Permitted by policy 1

 

 

 

 

dip id = 2, 192.168.1.102/52380->2.2.2.2/2157

 

choose interface ethernet2 as outgoing phy if

 

no loop on ifp ethernet2.

 

routed (x_dst_ip 4.2.2.2) from ethernet1 (ethernet1 in 0) to ethernet2

 

policy search from zone 2-> zone 1

 – Exhibit —

 

Referring to the debug output shown in the exhibit, which NAT configuration is being used?

 

A.

MIP

B.

destination-based NAT

C.

source-based NAT

D.

VIP

 

Answer: C

 

 

QUESTION 58

You manage a ScreenOS device. A user complains that the FTP download speed is slow. You suspect a cable or an interface might be the problem.

 

Which command provides interface error information?

 

A.

show counter flow interface

B.

get counter
flow interface

C.

show counter statistics interface

D.

get counter statistics interface

 

Answer: D

 

 

QUESTION 59

Which two statements are true about redundant interfaces on a ScreenOS device? (Choose two.)

 

 

 

 

 

A.

With two interfaces in a redundant interface, only one link is primary at any given time.

B.

On high-end models with multi-ASIC cards, redundant Ethernet ports must be in the same ASIC group.

C.

With two interfaces in a redundant interface, both links pass traffic at the same time.

D.

On high-end models with multi-ASIC cards, redundant Ethernet ports can be used on different ASIC groups.

 

Answer: AB

 

 

QUESTION 60

You want to enable IPv6 on your ScreenOS device.

 

Which command should you use to accomplish this goal?

 

A.

set envar ipv6=enable

B.

set ipv6 enable

C.

set envar ipv6=yes

D.

set ipv6 yes

 

Answer: C

 

Free VCE & PDF File for Juniper JN0-533 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-533 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.