[Free] Download New Updated (February 2016) Juniper JN0-331 Practice Tests 81-90

Ensurepass

QUESTION 81

Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH? (Choose three.)

 

A.

data integrity

B.

data confidentiality

C.

data authentication

D.

outer IP header confidentiality

E.

outer IP header authentication

 

Correct Answer: ACE

 

 

QUESTION 82

Which two statements regarding asymmetric key encryption are true? (Choose two.)

 

A.

The same key is used for encryption and decryption.

B.

It is commonly used to create digital certificate signatures.

C.

It uses two keys: one for encryption and a different key for decryption.

D.

An attacker can decrypt data if the attacker captures the key used for encryption.

 

Correct Answer: AB

 

 

< b>QUESTION 83

Which two statements about the Diffie-Hellman (DH) key exchange process are correct? (Choose two.)

 

A.

In the DH key exchange process, the session key is never passed across the network.

B.

In the DH key exchange process, the public and private keys are mathematically related using the DH algorithm.

C.

In the DH key exchange process, the session key is passed across the network to the peer for confirmation.

D.

In the DH key exchange process, the public and private keys are not mathematically related, ensuring higher security.

 

Correct Answer: AB

 

 

QUESTION 84


Which two statements about the Diffie-Hellman (DH) key exchange process are correct? (Choose two.)

 

A.

In the DH key exchange process, the public key values are exchanged across the network.

B.

In the DH key exchange process, the private key values are exchanged across the network.

C.

In the DH key exchange process, each device creates unique public and private keys that are mathematically related by the DH algorithm.

D.

In the DH key exchange process, each device creates a common public and a unique private key that are mathematically related by the DH algorithm.

 

Correct Answer: AB

 

 

QUESTION 85

Which three parameters are configured in the IKE policy? (Choose three.)

 

A.

mode

B.

preshared key

C.

external interface

D.

security proposals

E.

dead peer detection settings

 

Correct Answer: ABD

 

 

QUESTION 86

Which two parameters are configured in IPsec policy? (Choose two.)

 

A.

mode

B.

IKE gateway

C.

security proposal

D.

Perfect Forward Secrecy

 

Correct Answer: CD

 

 

QUESTION 87

Regarding an IPsec security association (SA), which two statements are true? (Choose two.)

 

A.

IKE SA is bidirectional.

B.

IPsec SA is bidirectional.

C.

IKE SA is established during phase 2 negotiations.

D.

IPsec SA is established during phase 2 negotiations.

 

Correct Answer: AC

 

 

QUESTION 88

Which operational mode command displays all active IPsec phase 2 security associations?

 

A.

show ike security-associations

B.

show ipsec security-associations

C.

show security ike security-associations

D.

show security ipsec security-associations

 

Correct Answer: D

 

 

QUESTION 89

Two VPN peers are negotiating IKE phase 1 using main mode. Which message pair in the negotiation contains the phase 1 proposal for the peers?

 

A.

message 1 and 2

B.

message 3 and 4

C.

message 5 and 6

D.

message 7 and 8

 

Correct Answer: A

 

 

QUESTION 90

Which attribute is required for all IKE phase 2 negotiations?

 

A.

proxy-ID

B.

preshared key

C.

Diffie-Hellman group key

D.

main or aggressive mode

 

Correct Answer: A

 

Free VCE & PDF File for Juniper JN0-331 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in Uncategorized and tagged , , , , , , , . Bookmark the permalink.