그렇게 많은 IT인증덤프공부자료를 제공하는 사이트중 Pass4Test의 인지도가 제일 높은 원인은 무엇일가요?그건 Pass4Test의 제품이 가장 좋다는 것을 의미합니다. Pass4Test에서 제공해드리는 Jun iper JN0-530덤프공부자료는  Juniper JN0-530실제시험문제에 초점을 맞추어 시험커버율이 거의 100%입니다. 이 덤프만 공부하시면 Juniper JN0-530시험패스에 자신을 느끼게 됩니다.

 

 

NO.1 When using NSRP, what command will insure uninterrupted communications for VPNs using certificates
for authentication?
A.set hostname
B.set NSRP clustername
C.set NSRP cluster name
D.set NSRP cluster hostname
Answer: C

NO.2 Which is a valid Phase 2 IKE proposal?
A.pre-g1-des-md5
B.rsa-g2-3des-sha
C.g2-esp-3des-md5
D.g2-esp-aes120-md5
Answer: C

NO.3 Which two (2) route-based VPN configurations would still require a policy?
A.A policy is never needed to get traffic to a route-based VPN
B.The tunnel interface is in a different zone than the traffic source interface
C.The tunnel interface is in a different zone than the traffic destination interface
D.The tunnel interface is in the same zone as the traffic source interface and intra-zone blocking is turned
off
Answer: BC

NO.4 Which two (2) port groups represent an allowed aggregate interface configuration on a NetScreen
5400?
A.E2/1 and E3/1
B.E2/2 and E2/3
C.E3/1 and E3/3
D.E3/1 and E3/2
E.E4/5 and E4/6
Answer: DE

NO.5 What is the recommended order for a basic policy-based VPN configuration?
A.1,4,3,5,2
B.2,1,4,3,5
C.2,3,5,1,4
D.3,5,1,3,2
Answer: C

NO.6 Which two (2) processes are able to use certificates on a NetScreen device?
A.IKE Phase 2 VPNS
B.Certify NTP Servers
C.IKE Phase 1 Gateways
D.Management using SNMP
E.Management SSL traffic
Answer: CE

NO.7 Which is a valid Phase 1 IKE proposal?
A.pre-g1-des-md5
B.g2-esp-des-md5
C.g2-esp-aes128-md5
D.nopfs-esp-des-md5
Answer: A

NO.8 What is the maximum number of interfaces available for user traffic on the NetScreen 5400? (Assume
that 5000-FE24 cards are supported)
A.24
B.30
C.72
D.78
E.79
Answer: D

NO.9 You need to investigate some physical layer problems. Which command will provide you with
information that you can use to analyze these type of problems?
A.get log event
B.get counter screen
C.get counter flow interface
D.get counter statistics interface
Answer: D

NO.10 Which three (3) elements are required to build a route-based VPN?
A.create routes
B.create policies
C.create tunnel interfaces
D.Create address book entries
E.bind VPN to tunnel interfaces
Answer: ACE

NO.11 Which representation of an interface depicts a VSI?
A.e1/1:1
B.e2;2
C.e3/1.2
D.e4:4.1
Answer: A

NO.12 What must be configured differently for a IKE Phase 1 gateway used by a route-based VPN than an
IKE Phase 1 gateway for a policy-based VPN?
A.Proposals
B.Pre-shared key
C.Remote gateway type
D.Binding the tunnel interface
E.There are no differences in building a route based IKE gateway and a Policy based IKE gateway
Answer: E

NO.13 What is the maximum number of ports that can be added to an aggregate interface group on a 24 FE
card?
A.2
B.4
C.5
D.8
E.16
Answer: D

NO.14 You are a read/write VSYS administrator. Your configuration requires the use of a DIP. Which statement
correctly describes this situation?
A.DIP creation can only be done by the root administrator, not a VSYS administrator
B.You can create the DIP on any interface imported into your VSYS, but not on shared interfaces
C.You can create DIPs on any interface you can see in your interface list, including both private and
shared interfaces
D.You can create DIPs only on sub-interfaces within your VSYS. All other DIPs need to be created by the
root level VSYS admin
Answer: A

NO.15 You need to configure your NetScreen device for management from a remote network. Which two of
the following configuration elements would be the minimum required elements? (The other three
elements are valid but optional.)
A.Default route
B.Manage IP address
C.Manager IP address
D.Interface IP address
E.Creating an administrator
Answer: AD

NO.16 Which two commands would be necessary to set up a default route on a NetScreen device using two
virtual routers? The default path is connected to vr-untrust, with a next-hop address of 1.1.8.1.
A.set route 0.0.0.0/0 vrouter untrust-vr
B.set vrouter trust-vr route 0.0.0.0/0 gate 1.1.8.1
C.set vrouter untrust-vr route 0.0.0.0/0 int untrust
D.set route 0.0.0.0/0 int untrust gateway 1.1.8.1
E.set vrouter untrust-vr route 0.0.0.0/0 gate 1.1.8.1
Answer: AE

NO.17 You create a policy-based VPN, and select an address group for the source address. What will be the
source part of the proxy-id seen by the remote security gateway?
A.0.0.0.0/0
B.The last member of the address group
C.The first member of the address group
D.A string of all of the addresses in the address group
E.The subnet that contains all addresses in the address group
Answer: A

NO.18 You are trying to configure VLANs on your NetScreen device. You cannot find the option to add a VLAN
tag to the interface.
Which two (2) of the following could be the reason?
A.The interface is in transparent mode
B.The primary interface is in NAT mode
C.The primary interface is in route mode
D.You have bound the interface to the untrust zone
E.You are trying to create the VLAN off of a physical interface
Answer: AE

NO.19 Click the Exhibit button.
You are having problems with traffic getting to destinations out of interface Ethernet 1. You execute a "get
route" command and get the results seen in the exhibit. What can you determine from the this routing
table?
A.The physical link may be down on the interface and that problem has to be corrected
B.Since the preference is 0 it is not being chosen to pass any routes. You must configure the preference
to be a higher value
C.Ethernet 1 does not have a gateway assigned to it so the system does not know where to send the
traffic using that interface
D.You cannot tell why traffic would not be going out Ethernet 1. You will need to try other troubleshooting
commands to find your problem
Answer: A

NO.20 How can you view the value of a Phase 1 pre-shared key on a device running ScreenOS 5.0 or later?
A.get ike gateway
B.get ike pre-share
C.get conf | inc gateway
D.You cannot retrieve the pre-shared key value. It is encrypted and cannot be viewed.
Answer: D

NO.21 Which parameter is exchanged during Phase 2 negotiations?
A.Proxy-id
B.Certificates
C.Preshared Key
D.NAT-Transversal Data
E.Asymmetric Private Keys
Answer: A

NO.22 Which messages exchange certificates during IKE Main Mode negotiations?
A.Messages 1 & 2
B.Messages 2 & 3
C.Messages 3 & 4
D.Messages 5 & 6
E.Certificates are not exchanged in main mode.
Answer: D

NO.23 Which two (2) commands would build a valid default gateway to a NetScreen device using 1 virtual
router and having a next hop of 1.1.1.1?
A.set route 0.0.0.0/0 int untrust
B.set route 1.1.1.1 gateway 0.0.0.0/0
C.set route 0.0.0.0/0 interface untrust gateway 1.1.1.1
D.set vr trust-vr route 0.0.0.0/0 gateway 1.1.1.1
E.set route 0.0.0.0/255.255.255.255 gateway 1.1.1.1
Answer: CD

NO.24 What is the correct method to reference a sub-interface?
A.Ethernet 2/1/1
B.Ethernet 2/1:1
C.Ethernet 2/1-1
D.Ethernet 2/1.1
Answer: D

NO.25 Place the following items in the order most closely matches the NetScreen Packet Flow process.
A.2,1,3,5,4
B.4,2,3,1,5
C.5,2,1,3,4
D.5,3,2,1,4
E.5,4,3,2,1
Answer: D

NO.26 What are the minimum configuration requirements for configuring a NetScreen device for
administrative access? (select the best two (2) answers)
A.Policies
B.Adding routes
C.SNMP configuration
D.Interface addressing
E.Creating an administrator
Answer: BD

NO.27 What is the number of interfaces available for user traffic on a NetScreen 500 configured with 2
mini-GBIC cards, 1 regular GBIC Card and 1 10/100 Ethernet card?
A.4
B.7
C.8
D.11
E.16
Answer: B

NO.28 When the NetScreen 5200 receives a packet for a session which is already established, which
component is responsible for performing the session match?
A.RAM
B.CPU
C.ASIC on interface card
D.ASIC on management card
Answer: C

NO.29 Which component is responsible for performing both the forwarding lookup and policy evaluation on
the first packet in a session received by an NS-500?
A.RAM
B.CPU
C.ASIC on system board
D.ASIC on interface card
Answer: B

NO.30 What formula does NetScreen use to determine which policies will be checked when traffic enters the
device?
A.NetScreen builds an index on source IP and searches only those policies matching the source IP of the
ingress packet
B.NetScreen checks all policies that have been created with a special algorithm that checks all policies
with fewer CPU cycles
C.NetScreen builds an index on destination IP and searches only those policies matching the destination
IP of the ingress packet
D.NetScreen checks a subset of all policies based on the ingress zone of the packet combined with the
egress zone of the packet
Answer: D