Juniper JN0-530시험패스 공부방법을 찾고 있다면 제일 먼저 Pass4Test를 추천해드리고 싶습니다. Juniper JN0-530시험이 많이 어렵다는것은 모두 알고 있는 것입니다. Pass4Test에서 출시한 Juniper JN0-530덤프는 실제시험을 대비하여 연구제작된 멋진 작품으로서 Juniper JN0-530시험적중율이 최고입니다. Juniper JN0-530시험패스를 원하신다면 Pass4Test의 제품이 고객님의 소원을 들어줄것입니다.
NO.1 Which parameter is exchanged during Phase 2 negotiations?
A.Proxy-id
B.Certificates
C.Preshared Key
D.NAT-Transversal Data
E.Asymmetric Private Keys
Answer: A
NO.2 Which is a valid Phase 2 IKE proposal?
A.pre-g1-des-md5
B.rsa-g2-3des-sha
C.g2-esp-3des-md5
D.g2-esp-aes120-md5
Answer: C
NO.3 Which two commands would be necessary to set up a default route on a NetScreen device using two
virtual routers? The default path is connected to vr-untrust, with a next-hop address of 1.1.8.1.
A.set route 0.0.0.0/0 vrouter untrust-vr
B.set vrouter trust-vr route 0.0.0.0/0 gate 1.1.8.1
C.set vrouter untrust-vr route 0.0.0.0/0 int untrust
D.set route 0.0.0.0/0 int untrust gateway 1.1.8.1
E.set vrouter untrust-vr route 0.0.0.0/0 gate 1.1.8.1
Answer: AE
NO.4 You need to configure your NetScreen device for management from a remote network. Which two of
the following configuration elements would be the minimum required elements? (The other three
elements are valid but optional.)
A.Default route
B.Manage IP address
C.Manager IP address
D.Interface IP address
E.Creating an administrator
Answer: AD
NO.5 Which three (3) elements are required to build a route-based VPN?
A.create routes
B.create policies
C.create tunnel interfaces
D.Create address book entries
E.bind VPN to tunnel interfaces
Answer: ACE
NO.6 What is the maximum number of interfaces available for user traffic on the NetScreen 5400? (Assume
that 5000-FE24 cards are supported)
A.24
B.30
C.72
D.78
E.79
Answer: D
NO.7 What is the maximum number of ports that can be added to an aggregate interface group on a 24 FE
card?
A.2
B.4
C.5
D.8
E.16
Answer: D
NO.8 Which two (2) processes are able to use certificates on a NetScreen device?
A.IKE Phase 2 VPNS
B.Certify NTP Servers
C.IKE Phase 1 Gateways
D.Management using SNMP
E.Management SSL traffic
Answer: CE
NO.9 What is the number of interfaces available for user traffic on a NetScreen 500 configured with 2
mini-GBIC cards, 1 regular GBIC Card and 1 10/100 Ethernet card?
A.4
B.7
C.8
D.11
E.16
Answer: B
NO.10 You need to investigate some physical layer problems. Which command will provide you with
information that you can use to analyze these type of problems?
A.get log event
B.get counter screen
C.get counter flow interface
D.get counter statistics interface
Answer: D
NO.11 Which is a valid Phase 1 IKE proposal?
A.pre-g1-des-md5
B.g2-esp-des-md5
C.g2-esp-aes128-md5
D.nopfs-esp-des-md5
Answer: A
NO.12 You are a read/write VSYS administrator. Your configuration requires the use of a DIP. Which statement
correctly describes this situation?
A.DIP creation can only be done by the root administrator, not a VSYS administrator
B.You can create the DIP on any interface imported into your VSYS, but not on shared interfaces
C.You can create DIPs on any interface you can see in your interface list, including both private and
shared interfaces
D.You can create DIPs only on sub-interfaces within your VSYS. All other DIPs need to be created by the
root level VSYS admin
Answer: A
NO.13 When the NetScreen 5200 receives a packet for a session which is already established, which
component is responsible for performing the session match?
A.RAM
B.CPU
C.ASIC on interface card
D.ASIC on management card
Answer: C
NO.14 Click the Exhibit button.
You are having problems with traffic getting to destinations out of interface Ethernet 1. You execute a "get
route" command and get the results seen in the exhibit. What can you determine from the this routing
table?
A.The physical link may be down on the interface and that problem has to be corrected
B.Since the preference is 0 it is not being chosen to pass any routes. You must configure the preference
to be a higher value
C.Ethernet 1 does not have a gateway assigned to it so the system does not know where to send the
traffic using that interface
D.You cannot tell why traffic would not be going out Ethernet 1. You will need to try other troubleshooting
commands to find your problem
Answer: A
NO.15 You are trying to configure VLANs on your NetScreen device. You cannot find the option to add a VLAN
tag to the interface.
Which two (2) of the following could be the reason?
A.The interface is in transparent mode
B.The primary interface is in NAT mode
C.The primary interface is in route mode
D.You have bound the interface to the untrust zone
E.You are trying to create the VLAN off of a physical interface
Answer: AE
NO.16 What is the correct method to reference a sub-interface?
A.Ethernet 2/1/1
B.Ethernet 2/1:1
C.Ethernet 2/1-1
D.Ethernet 2/1.1
Answer: D
NO.17 What is the recommended order for a basic policy-based VPN configuration?
A.1,4,3,5,2
B.2,1,4,3,5
C.2,3,5,1,4
D.3,5,1,3,2
Answer: C
NO.18 How can you view the value of a Phase 1 pre-shared key on a device running ScreenOS 5.0 or later?
A.get ike gateway
B.get ike pre-share
C.get conf | inc gateway
D.You cannot retrieve the pre-shared key value. It is encrypted and cannot be viewed.
Answer: D
NO.19 Which two (2) route-based VPN configurations would still require a policy?
A.A policy is never needed to get traffic to a route-based VPN
B.The tunnel interface is in a different zone than the traffic source interface
C.The tunnel interface is in a different zone than the traffic destination interface
D.The tunnel interface is in the same zone as the traffic source interface and intra-zone blocking is turned
off
Answer: BC
NO.20 Which component is responsible for performing both the forwarding lookup and policy evaluation on
the first packet in a session received by an NS-500?
A.RAM
B.CPU
C.ASIC on system board
D.ASIC on interface card
Answer: B
NO.21 Which two (2) commands would build a valid default gateway to a NetScreen device using 1 virtual
router and having a next hop of 1.1.1.1?
A.set route 0.0.0.0/0 int untrust
B.set route 1.1.1.1 gateway 0.0.0.0/0
C.set route 0.0.0.0/0 interface untrust gateway 1.1.1.1
D.set vr trust-vr route 0.0.0.0/0 gateway 1.1.1.1
E.set route 0.0.0.0/255.255.255.255 gateway 1.1.1.1
Answer: CD
NO.22 What must be configured differently for a IKE Phase 1 gateway used by a route-based VPN than an
IKE Phase 1 gateway for a policy-based VPN?
A.Proposals
B.Pre-shared key
C.Remote gateway type
D.Binding the tunnel interface
E.There are no differences in building a route based IKE gateway and a Policy based IKE gateway
Answer: E
NO.23 Which representation of an interface depicts a VSI?
A.e1/1:1
B.e2;2
C.e3/1.2
D.e4:4.1
Answer: A
NO.24 You create a policy-based VPN, and select an address group for the source address. What will be the
source part of the proxy-id seen by the remote security gateway?
A.0.0.0.0/0
B.The last member of the address group
C.The first member of the address group
D.A string of all of the addresses in the address group
E.The subnet that contains all addresses in the address group
Answer: A
NO.25 Which messages exchange certificates during IKE Main Mode negotiations?
A.Messages 1 & 2
B.Messages 2 & 3
C.Messages 3 & 4
D.Messages 5 & 6
E.Certificates are not exchanged in main mode.
Answer: D
NO.26 When using NSRP, what command will insure uninterrupted communications for VPNs using certificates
for authentication?
A.set hostname
B.set NSRP clustername
C.set NSRP cluster name
D.set NSRP cluster hostname
Answer: C
NO.27 What are the minimum configuration requirements for configuring a NetScreen device for
administrative access? (select the best two (2) answers)
A.Policies
B.Adding routes
C.SNMP configuration
D.Interface addressing
E.Creating an administrator
Answer: BD
NO.28 Which two (2) port groups represent an allowed aggregate interface configuration on a NetScreen
5400?
A.E2/1 and E3/1
B.E2/2 and E2/3
C.E3/1 and E3/3
D.E3/1 and E3/2
E.E4/5 and E4/6
Answer: DE
NO.29 What formula does NetScreen use to determine which policies will be checked when traffic enters the
device?
A.NetScreen builds an index on source IP and searches only those policies matching the source IP of the
ingress packet
B.NetScreen checks all policies that have been created with a special algorithm that checks all policies
with fewer CPU cycles
C.NetScreen builds an index on destination IP and searches only those policies matching the destination
IP of the ingress packet
D.NetScreen checks a subset of all policies based on the ingress zone of the packet combined with the
egress zone of the packet
Answer: D
NO.30 Place the following items in the order most closely matches the NetScreen Packet Flow process.
A.2,1,3,5,4
B.4,2,3,1,5
C.5,2,1,3,4
D.5,3,2,1,4
E.5,4,3,2,1
Answer: D
Juniper JN0-530최신버전덤프공부자료
Posted 2013/10/16 6:24:32 | Category: 미분류 | Tag: