IT인증,IT자격증,IT자격증시험,IT인증시험

http://www.pass4test.net/

Juniper JN0-530 인증덤프

Pass4Test의 완벽한 Juniper JN0-530 (Juniper networks Certified internet specialist(jncis-fwv))덤프는 고객님이 Juniper JN0-530 (Juniper networks Certified internet specialist(jncis-fwv))시험을 패스하는 지름길입니다. 시간과 돈을 적게 들이는 반면 효과는 십점만점에 십점입니다. Pass4Test의 Juni per JN0-530 (Juniper networks Certified internet specialist(jncis-fwv)) 덤프를 선택하시면 고객님께서 원하시는 시험점수를 받아 자격증을 쉽게 취득할수 있습니다.

 

 

NO.1 Which two (2) commands would build a valid default gateway to a NetScreen device using 1 virtual
router and having a next hop of 1.1.1.1?
A.set route 0.0.0.0/0 int untrust
B.set route 1.1.1.1 gateway 0.0.0.0/0
C.set route 0.0.0.0/0 interface untrust gateway 1.1.1.1
D.set vr trust-vr route 0.0.0.0/0 gateway 1.1.1.1
E.set route 0.0.0.0/255.255.255.255 gateway 1.1.1.1
Answer: CD

NO.2 What is the correct method to reference a sub-interface?
A.Ethernet 2/1/1
B.Ethernet 2/1:1
C.Ethernet 2/1-1
D.Ethernet 2/1.1
Answer: D

NO.3 You are trying to configure VLANs on your NetScreen device. You cannot find the option to add a VLAN
tag to the interface.
Which two (2) of the following could be the reason?
A.The interface is in transparent mode
B.The primary interface is in NAT mode
C.The primary interface is in route mode
D.You have bound the interface to the untrust zone
E.You are trying to create the VLAN off of a physical interface
Answer: AE

NO.4 Which two (2) port groups represent an allowed aggregate interface configuration on a NetScreen
5400?
A.E2/1 and E3/1
B.E2/2 and E2/3
C.E3/1 and E3/3
D.E3/1 and E3/2
E.E4/5 and E4/6
Answer: DE

NO.5 Which two commands would be necessary to set up a default route on a NetScreen device using two
virtual routers? The default path is connected to vr-untrust, with a next-hop address of 1.1.8.1.
A.set route 0.0.0.0/0 vrouter untrust-vr
B.set vrouter trust-vr route 0.0.0.0/0 gate 1.1.8.1
C.set vrouter untrust-vr route 0.0.0.0/0 int untrust
D.set route 0.0.0.0/0 int untrust gateway 1.1.8.1
E.set vrouter untrust-vr route 0.0.0.0/0 gate 1.1.8.1
Answer: AE

NO.6 Which parameter is exchanged during Phase 2 negotiations?
A.Proxy-id
B.Certificates
C.Preshared Key
D.NAT-Transversal Data
E.Asymmetric Private Keys
Answer: A

NO.7 How can you view the value of a Phase 1 pre-shared key on a device running ScreenOS 5.0 or later?
A.get ike gateway
B.get ike pre-share
C.get conf | inc gateway
D.You cannot retrieve the pre-shared key value. It is encrypted and cannot be viewed.
Answer: D

NO.8 Which messages exchange certificates during IKE Main Mode negotiations?
A.Messages 1 & 2
B.Messages 2 & 3
C.Messages 3 & 4
D.Messages 5 & 6
E.Certificates are not exchanged in main mode.
Answer: D

NO.9 When using NSRP, what command will insure uninterrupted communications for VPNs using certificates
for authentication?
A.set hostname
B.set NSRP clustername
C.set NSRP cluster name
D.set NSRP cluster hostname
Answer: C

NO.10 You are a read/write VSYS administrator. Your configuration requires the use of a DIP. Which statement
correctly describes this situation?
A.DIP creation can only be done by the root administrator, not a VSYS administrator
B.You can create the DIP on any interface imported into your VSYS, but not on shared interfaces
C.You can create DIPs on any interface you can see in your interface list, including both private and
shared interfaces
D.You can create DIPs only on sub-interfaces within your VSYS. All other DIPs need to be created by the
root level VSYS admin
Answer: A

NO.11 You need to investigate some physical layer problems. Which command will provide you with
information that you can use to analyze these type of problems?
A.get log event
B.get counter screen
C.get counter flow interface
D.get counter statistics interface
Answer: D

NO.12 When the NetScreen 5200 receives a packet for a session which is already established, which
component is responsible for performing the session match?
A.RAM
B.CPU
C.ASIC on interface card
D.ASIC on management card
Answer: C

NO.13 Which is a valid Phase 2 IKE proposal?
A.pre-g1-des-md5
B.rsa-g2-3des-sha
C.g2-esp-3des-md5
D.g2-esp-aes120-md5
Answer: C

NO.14 What are the minimum configuration requirements for configuring a NetScreen device for
administrative access? (select the best two (2) answers)
A.Policies
B.Adding routes
C.SNMP configuration
D.Interface addressing
E.Creating an administrator
Answer: BD

NO.15 Place the following items in the order most closely matches the NetScreen Packet Flow process.
A.2,1,3,5,4
B.4,2,3,1,5
C.5,2,1,3,4
D.5,3,2,1,4
E.5,4,3,2,1
Answer: D

NO.16 Click the Exhibit button.
You are having problems with traffic getting to destinations out of interface Ethernet 1. You execute a "get
route" command and get the results seen in the exhibit. What can you determine from the this routing
table?
A.The physical link may be down on the interface and that problem has to be corrected
B.Since the preference is 0 it is not being chosen to pass any routes. You must configure the preference
to be a higher value
C.Ethernet 1 does not have a gateway assigned to it so the system does not know where to send the
traffic using that interface
D.You cannot tell why traffic would not be going out Ethernet 1. You will need to try other troubleshooting
commands to find your problem
Answer: A

NO.17 What is the recommended order for a basic policy-based VPN configuration?
A.1,4,3,5,2
B.2,1,4,3,5
C.2,3,5,1,4
D.3,5,1,3,2
Answer: C

NO.18 What is the maximum number of interfaces available for user traffic on the NetScreen 5400? (Assume
that 5000-FE24 cards are supported)
A.24
B.30
C.72
D.78
E.79
Answer: D

NO.19 Which component is responsible for performing both the forwarding lookup and policy evaluation on
the first packet in a session received by an NS-500?
A.RAM
B.CPU
C.ASIC on system board
D.ASIC on interface card
Answer: B

NO.20 Which representation of an interface depicts a VSI?
A.e1/1:1
B.e2;2
C.e3/1.2
D.e4:4.1
Answer: A

NO.21 You need to configure your NetScreen device for management from a remote network. Which two of
the following configuration elements would be the minimum required elements? (The other three
elements are valid but optional.)
A.Default route
B.Manage IP address
C.Manager IP address
D.Interface IP address
E.Creating an administrator
Answer: AD

NO.22 Which two (2) processes are able to use certificates on a NetScreen device?
A.IKE Phase 2 VPNS
B.Certify NTP Servers
C.IKE Phase 1 Gateways
D.Management using SNMP
E.Management SSL traffic
Answer: CE

NO.23 Which two (2) route-based VPN configurations would still require a policy?
A.A policy is never needed to get traffic to a route-based VPN
B.The tunnel interface is in a different zone than the traffic source interface
C.The tunnel interface is in a different zone than the traffic destination interface
D.The tunnel interface is in the same zone as the traffic source interface and intra-zone blocking is turned
off
Answer: BC

NO.24 Which is a valid Phase 1 IKE proposal?
A.pre-g1-des-md5
B.g2-esp-des-md5
C.g2-esp-aes128-md5
D.nopfs-esp-des-md5
Answer: A

NO.25 What is the number of interfaces available for user traffic on a NetScreen 500 configured with 2
mini-GBIC cards, 1 regular GBIC Card and 1 10/100 Ethernet card?
A.4
B.7
C.8
D.11
E.16
Answer: B

NO.26 What formula does NetScreen use to determine which policies will be checked when traffic enters the
device?
A.NetScreen builds an index on source IP and searches only those policies matching the source IP of the
ingress packet
B.NetScreen checks all policies that have been created with a special algorithm that checks all policies
with fewer CPU cycles
C.NetScreen builds an index on destination IP and searches only those policies matching the destination
IP of the ingress packet
D.NetScreen checks a subset of all policies based on the ingress zone of the packet combined with the
egress zone of the packet
Answer: D

NO.27 Which three (3) elements are required to build a route-based VPN?
A.create routes
B.create policies
C.create tunnel interfaces
D.Create address book entries
E.bind VPN to tunnel interfaces
Answer: ACE

NO.28 What must be configured differently for a IKE Phase 1 gateway used by a route-based VPN than an
IKE Phase 1 gateway for a policy-based VPN?
A.Proposals
B.Pre-shared key
C.Remote gateway type
D.Binding the tunnel interface
E.There are no differences in building a route based IKE gateway and a Policy based IKE gateway
Answer: E

NO.29 You create a policy-based VPN, and select an address group for the source address. What will be the
source part of the proxy-id seen by the remote security gateway?
A.0.0.0.0/0
B.The last member of the address group
C.The first member of the address group
D.A string of all of the addresses in the address group
E.The subnet that contains all addresses in the address group
Answer: A

NO.30 What is the maximum number of ports that can be added to an aggregate interface group on a 24 FE
card?
A.2
B.4
C.5
D.8
E.16
Answer: D
 
Posted 2013/10/16 6:22:17  |  Category: 미분류  |  Tag: