Juniper JN0-533 Exam Questions & Answers 12/13/2013 ¢  B. Redundant interfaces bind to a security zone;

  • View
    1

  • Download
    0

Embed Size (px)

Text of Juniper JN0-533 Exam Questions & Answers 12/13/2013 ¢  B. Redundant interfaces bind to...

  • Juniper JN0-533 Exam Questions & Answers

    Number: JN0-533 Passing Score: 800 Time Limit: 120 min File Version: 45.6

    http://www.gratisexam.com/

    Juniper JN0-533 Exam Questions & Answers

    Exam Name: FWV, Specialist (JNCIS-FWV)

    For Full Set of Questions please visit: http://www.realtests.com/exam/JN0-533.htm

  • Exam A

  • Exam B

    QUESTION 1 Which ScreenOS security feature helps protect against port scans and denial of service attacks?

    A. session-based stateful firewall B. IPsec VPNs C. security policies D. Screen options

    Correct Answer: D Section: (none) Explanation

    Explanation/Reference:

    QUESTION 2 What is the initial default username and password for all ScreenOS devices?

    A. administrator/password B. root/password C. netscreen/netscreen D. admin/netscreen1

    Correct Answer: C Section: (none) Explanation

    Explanation/Reference:

    QUESTION 3 What is a virtual system?

    A. a mechanism to logically partition a single ScreenOS device into multiple logical devices B. a collection of subnets and interfaces sharing identical security requirements C. a method of providing a secure connection across a network D. a tool to protect against DoS attacks

    Correct Answer: A Section: (none) Explanation

    Explanation/Reference:

    QUESTION 4 What is a zone?

    A. a set of rules that controls traffic from a specified source to a specified destination using a specified service B. a collection of subnets and interfaces sharing identical security requirements C. a method of providing a secure connection across a network D. a tool to protect against DoS attacks

  • Correct Answer: B Section: (none) Explanation

    Explanation/Reference:

    QUESTION 5 What is the function of NAT?

    A. It performs Layer 3 routing. B. It evaluates and redirects matching traffic into secure tunnels. C. It provides translation between IP addresses. D. It performs Layer 2 switching.

    Correct Answer: C Section: (none) Explanation

    Explanation/Reference:

    QUESTION 6 On a ScreenOS device, which word appears at the beginning of configuration commands?

    A. set B. configure C. enable D. commit

    Correct Answer: A Section: (none) Explanation

    Explanation/Reference:

    QUESTION 7 Which action does a ScreenOS device perform first when processing a packet?

    A. It checks for an existing session. B. It checks for attacks in the payload. C. It performs a route lookup. D. It performs a policy lookup.

    Correct Answer: A Section: (none) Explanation

    Explanation/Reference:

    QUESTION 8 On a ScreenOS device, which three processes does the task CPU handle? (Choose three.)

  • http://www.gratisexam.com/

    A. policy evaluation B. traffic logging C. session table clean-up D. management services E. broadcast packet processing

    Correct Answer: BCD Section: (none) Explanation

    Explanation/Reference:

    QUESTION 9 A ScreenOS device evaluates five primary elements when performing a security policy check on a new session. Which five elements are evaluated?

    A. source IP address, destination IP address, source route, source port, and destination port B. source IP address, destination IP address, source port, destination port, and protocol C. source IP address, destination IP address, source port, destination port, and payload D. destination IP address, source port, destination port, protocol, and payload

    Correct Answer: B Section: (none) Explanation

    Explanation/Reference:

    QUESTION 10 You want to enable IPv6 on your ScreenOS device. Which command should you use to accomplish this goal?

    A. set envar ipv6=enable B. set ipv6 enable C. set envar ipv6=yes D. set ipv6 yes

    Correct Answer: C Section: (none) Explanation

    Explanation/Reference:

    QUESTION 11

  • Your ScreenOS device does not have a static IP address. You want to be able to access it using its FQDN. How would you implement this task?

    A. Configure a domain in DNS. B. Configure syslog. C. Configure SNMP. D. Configure DDNS.

    Correct Answer: D Section: (none) Explanation

    Explanation/Reference:

    QUESTION 12 You have just installed a new ScreenOS device in your network and you want only a select range of IP addresses to have administrative access to the device. Which choice will allow you to accomplish this?

    A. Configure a manager IP. B. Configure the management interface. C. Configure a management IP on the trust interface. D. Configure new system administrators.

    Correct Answer: A Section: (none) Explanation

    Explanation/Reference:

    QUESTION 13 You have two interfaces in ZoneA and traffic is passing without any policy configured. You want to control the traffic between the two interfaces. Which two actions will allow this to happen? (Choose two.)

    A. Configure interzone blocking on ZoneA and create a policy in that zone to control the traffic. B. Configure intrazone blocking on ZoneA and create a policy in that zone to control the traffic. C. Move one of the interfaces to a different zone and create an interzone policy to control the traffic. D. Move one of the interfaces to a different zone and create an intrazone policy to control the traffic.

    Correct Answer: BC Section: (none) Explanation

    Explanation/Reference:

    QUESTION 14 What is an aggregate interface?

    A. An aggregate interface binds two physical interfaces together to create a redundant interface. B. An aggregate interface binds two or more physical interfaces that share the traffic load. C. An aggregate interface is the management interface.

  • D. An aggregate interface is used for VPN tunnels.

    Correct Answer: B Section: (none) Explanation

    Explanation/Reference:

    QUESTION 15 Which two statements are true about redundant interfaces? (Choose two.)

    A. You can bind two physical interfaces together to create one redundant interface. B. Redundant interfaces bind to a security zone; one physical interface acts as the primary interface, and the

    other physical interface acts as the secondary interface. C. A redundant interface is the accumulation of two or more physical interfaces that share the same traffic

    load. D. A redundant interface is the management interface for bridge mode.

    Correct Answer: AB Section: (none) Explanation

    Explanation/Reference:

    QUESTION 16 Which two actions are performed by a read/write vsys administrator? (Choose two.)

    A. View the security associations for all virtual systems. B. Configure a vsys address book entry. C. Modify the vsys administrator login name. D. Modify the vsys read/write administrator password.

    Correct Answer: BD Section: (none) Explanation

    Explanation/Reference:

    QUESTION 17 When you create a new virtual system, which zone is automatically created within the vsys- specific VR?

    A. trust zone B. untrust zone C. shared zone D. null zone

    Correct Answer: A Section: (none) Explanation

    Explanation/Reference:

  • QUESTION 18 What is the purpose of a virtual system profile?

    A. to limit virtual system access B. to limit virtual system resources C. to limit the number of virtual system interfaces D. to limit the number of VPNs

    Correct Answer: B Section: (none) Explanation

    Explanation/Reference:

    QUESTION 19 What is required to route traffic from one virtual system to another virtual system?

    A. Configure the same dynamic routing protocol in each virtual system. B. Configure a virtual system profile with a shared forwarding table. C. Configure a private virtual router in each virtual system. D. Configure a shared root-level virtual router.

    Correct Answer: D Section: (none) Explanation

    Explanation/Reference:

    QUESTION 20 Policy-based routing (PBR) policies can be bound to which three ScreenOS objects? (Choose three.)

    A. virtual routers B. interfaces C. zones D. security policies E. virtual system

    Correct Answer: ABC Section: (none) Explanation

    Explanation/Reference:

    QUESTION 21 Policy-based routing consists of which three ScreenOS objects? (Choose three.)

    A. extended access lists B. match groups C. action groups D. address books E. security policy

  • Correct Answer: ABC Section: (none) Explanation

    Explanation/Reference:

    QUESTION 22 What are two routing tables contained in a virtual router? (Choose two.)

    A. destination-based B. NHTB C. source-based D. zone-based

    Correct Answer: AC Section: (none) Explanation

    Explanation/Reference:

    QUESTION 23 Which dynamic routing protocol does IPv6 use?

    A. RIP B. RIPng C. OSPFv2 D. NHRP

    Correct Answer: B Section: (none) Explanation

    Explanation/Reference:

    QUESTION 24 A routing table contains an IBGP route, a RIP route, an OSPF external Type 2 route, and an EBGP route for 192.168.0.0/16. When the router receives traffic destined for, which route will the router use by default?

    A. the EBGP route B. the IBGP route C. the OSPF route D. the RIP route

    Correct Answer: A Section: (none) Explanation

    Explanation/Reference: A route preference is a weight added to the route that influences the "best path route" traffic takes to reach its destination. When importing or adding a route to the routing table, the Virtual Router uses the following default preference values (a lower value is preferred over a higher value):

  • Protocol Default Preference Connected