[Free] Download New Latest (November) Juniper JN0-570 Actual Tests Topic 0 part 02

Ensurepass

QUESTION 11  (Topic 0)

 

Which statement about PKI is true?

 

A.

PKI uses digital certificates to bind public keys to an entity.

B.

PKI negotiates a secured connection between a client and a server.

C.

PKI requires the use of a certificate authority and registration authority.

D.

PKI specifies the use of a negotiated shared key.

 

Answer: A

 

 

QUESTION 12  (Topic 0)

 

 

 

 

Which statement about CRLs is true?

 

A.

CRLs are distributed automatically by the CA.

B.

CDP can be used to automatically validate a CRL.

C.

The base CRL contains only a subset of the certificates issued by a given CA.

D.

CRLs contain the serial number, revocation date, and reason code for withdrawn certificates.

 

Answer: D

 

 

QUESTION 13  (Topic 0)

 

Which two statements about OCSP are true? (Choose two.)

 

A.

The IVE device is an OCSP client.

B.

OCSP requires the configuration of a CDP server.

C.

OCSP requires the use of SSL to secure certificate validation.

D.

OCSP provides real-time certificate verification.

 

Answer: AD

 

 

QUESTION 14  (Topic 0)

 

Which two statements about certificate-based user authentication are true? (Choose two.)

 

A.

Certificate-based user authentication requires the use of OCSP.

B.

Certificate attributes can be used to assign users to roles.

C.

Certificate attributes can be used to determine the correct sign-in page.

D.

Certificate-based user authentication may not require user input during the authentication exchange.

 

Answer: BD

 

 

QUESTION 15  (Topic 0)

 

You are the owner of a small ISP and you would like to lease IVE device access to several of your customers. You own only one SA 6000. What are two reasons to create an IVS for each subscriber? (Choose two.)

 

A.

All VS admins can create their own roles and realms that are separate from the other

 

 

 

 

virtual systems.

B.

All VS admins can troubleshoot their virtual system using tools such as TCP dump and traceroute.

C.

All VS admins can upgrade their virtual system without affecting the other virtual systems on the device.

D.

All VS admins can be virtually separated using virtual IP addresses and VLAN tagging.

 

Answer: AD

 

 

QUESTION 16  (Topic 0)

 

Which two are valid regarding the deployment of an active/active cluster? (Choose two.)

 

A.

It allows you to keep configurations synchronized.

B.

An external load balancing system is required.

C.

It can be used to scale the total number of licensed users.

D.

A virtual IP address must be configured on only one device.

 

Answer: AB

 

 

QUESTION 17  (Topic 0)

 

Which statement is true about sign-in URLs?

 

A.

With an advanced license, you can direct users to a specific sign-in URL based on the realm that users select.

B.

With a baseline license, you can create multiple sign-in URLs, but users must all use the same sign-in page.

C.

With an advanced license, you can define multiple URLs, each with different authentication realms, but all of the URLs must be extensions of the base path (*/).

D.

With an advanced license, you can define URLs that are not in the default path, but you must order those URLs above the default path URL.

 

Answer: D

 

 

QUESTION 18  (Topic 0)

 

You have configured your IVE device to use OCSP for certificate validation. Which statement is true?

 

 

 

 

 

A.

The IVE device will download the CRL from the OCSP server.

B.

The IVE device will periodically check user certificates with the OCSP server.

C.

The IVE device will use OCSP to download and validate the CA certificate.

D.

The IVE device will validate certificates with the OCSP server on an on-demand basis.

 

Answer: D

 

 

QUESTION 19  (Topic 0)

 

How can a user obtain an eTrust SiteMinder SMSESSION cookie?

 

A.

The administrator can import cookies into the IVE.

B.

The IVE can grab the cookie from the user’s browser.

C.

The IVE can provide the cookie.

D.

The user can input the cookie manually.

 

Answer: C

 

 

QUESTION 20  (Topic 0)

 

What is a factory predefined format in the IVE logging system?

 

A.

tab delimited

B.

CSV

C.

Webtrends Enhanced Log Format

D.

World Wide Consortium of the Web

 

Answer: C

 

Free VCE & PDF File for Juniper JN0-570 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-570 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.