JN0-332 by Juniper Actual Free Exam Q&As

Question 1

Click the Exhibit button.
[edit security policies from-zone HR to-zone trust]
user@host# show
policy two {
match {
source-address subnet_a;
destination-address host_b;
application [ junos-telnet junos-ping ];
}
then {
reject;
}} policy one {
match {
source-address host_a;
destination-address subnet_b;
application any;
}
then {
permit;
}}
host_a is in subnet_a and host_b is in subnet_b.
Given the configuration shown in the exhibit, which statement is true about traffic from host_a to host_b?

A. DNS traffic is denied. B. Telnet traffic is denied. C. Ping traffic is permitted. D. SMTP traffic is denied.

Discussion 0

Correct Answer: B Vote an answer

Question 2

You are not able to telnet to the interface IP address of your device from a PC on the same subnet.
What is causing the problem?

A. Telnet is not enabled as a host-inbound service on the zone. B. Telnet is not being permitted by security policy. C. Telnet is not being permitted by self policy. D. Telnet is not allowed because it is not considered secure.

Discussion 0

Correct Answer: A Vote an answer

Question 3

Which two statements about the Diffie-Hellman (DH) key exchange process are correct? (Choose two.)

A. In the DH key exchange process, the public and private keys are not mathematically related, ensuring higher security. B. In the DH key exchange process, the session key is passed across the network to the peer for confirmation. C. In the DH key exchange process, the public and private keys are mathematically related using the DH algorithm. D. In the DH key exchange process, the session key is never passed across the network.

Discussion 0

Correct Answer: C,D Vote an answer

Question 4

Regarding content filtering, what are two pattern lists that can be configured in the Junos OS? (Choose two.)

A. extension B. block list C. MIME D. protocol list

Discussion 0

Correct Answer: A,C Vote an answer

Question 5

Which three UTM features require a license? (Choose three.)

A. enhanced Web filtering B. antispam C. local list Web filtering D. e-mail filtering E. express antivirus

Discussion 0

Correct Answer: A,B,E Vote an answer

Question 6

What are two functions of the junos-host zone? (Choose two.)

A. controlling host inbound traffic B. storing global address book entries C. controlling global Junos Screen settings D. controlling self-generated traffic

Discussion 0

Correct Answer: A,D Vote an answer

Question 7

Which statement describes the behavior of a security policy?

A. The factory-default configuration permits all traffic from all interfaces. B. Traffic destined to the device itself always requires a security policy. C. The implicit default security policy permits all traffic. D. Traffic destined to the device's incoming interface does not require a security policy.

Discussion 0

Correct Answer: D Vote an answer

Question 8

What is a security policy?

A. a tool to protect against DoS attacks B. a method of providing a secure connection across a network C. a set of rules that controls traffic from a specified source to a specified destination using a specified service D. a collection of one or more network segments sharing identical security requirements

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).

Question 9

Click the Exhibit button.

The phase 1 tunnel of a site-to-site VPN is not establishing as shown in the exhibit. What would you do to resolve the problem on your SRX Series device?

A. Change the preshared key on both sides to matching values B. Change the phase 1 proposals to match on both sides of the IPsec VPN C. Change the remote side of the VPN to use the correct peering address D. Change the phase 1 mode from aggressive mode to main mode.

Discussion 0

Correct Answer: A Vote an answer

Question 10

Which function does Diffie-Hellman exchange perform for IPsec VPN?

A. It encrypts end-user traffic between the two VPN peers. B. It negotiates IPsec Phase 2 parameters with the VPN peer C. It securely exchanges the pre-shared keys over the network. D. It exchanges static routes with the VPN peer.

Discussion 0

Correct Answer: C Vote an answer

Question 11

At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? (Choose two.)

A. [edit security screen] B. [edit security zones security-zone trust interfaces ge-0/0/0.0] C. [edit security idp] D. [edit security zones security-zone trust]

Discussion 0

Correct Answer: B,D Vote an answer

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC) - JN0-332 Exam Practice Test