IT인증,IT자격증,IT자격증시험,IT인증시험

http://www.pass4test.net/

Juniper JN0-530 시험대비덤프공부

Juniper JN0-530 (Juniper networks Certified internet specialist(jncis-fwv)) 시험패스는 IT업계종사자들이 승진 혹은 연봉협상 혹은 이직 등 보든 면에서 날개를 가해준것과 같습니다.IT업계는  Junip er JN0-530 (Juniper networks Certified internet specialist(jncis-fwv)) 시험을 패스한 전문가를 필요로 하고 있습니다. Pass4Test의 Juniper JN0-530 (Juniper networks Certified internet specialist(jncis-fwv)) 덤프로 시험을 패스하고 자격증을 취득하여 더욱더 큰 무대로 진출해보세요.

 

 

 

NO.1 What formula does NetScreen use to determine which policies will be checked when traffic enters the
device?
A.NetScreen builds an index on source IP and searches only those policies matching the source IP of the
ingress packet
B.NetScreen checks all policies that have been created with a special algorithm that checks all policies
with fewer CPU cycles
C.NetScreen builds an index on destination IP and searches only those policies matching the destination
IP of the ingress packet
D.NetScreen checks a subset of all policies based on the ingress zone of the packet combined with the
egress zone of the packet
Answer: D

NO.2 You create a policy-based VPN, and select an address group for the source address. What will be the
source part of the proxy-id seen by the remote security gateway?
A.0.0.0.0/0
B.The last member of the address group
C.The first member of the address group
D.A string of all of the addresses in the address group
E.The subnet that contains all addresses in the address group
Answer: A

NO.3 Which two (2) route-based VPN configurations would still require a policy?
A.A policy is never needed to get traffic to a route-based VPN
B.The tunnel interface is in a different zone than the traffic source interface
C.The tunnel interface is in a different zone than the traffic destination interface
D.The tunnel interface is in the same zone as the traffic source interface and intra-zone blocking is turned
off
Answer: BC

NO.4 What is the maximum number of ports that can be added to an aggregate interface group on a 24 FE
card?
A.2
B.4
C.5
D.8
E.16
Answer: D

NO.5 Which two (2) commands would build a valid default gateway to a NetScreen device using 1 virtual
router and having a next hop of 1.1.1.1?
A.set route 0.0.0.0/0 int untrust
B.set route 1.1.1.1 gateway 0.0.0.0/0
C.set route 0.0.0.0/0 interface untrust gateway 1.1.1.1
D.set vr trust-vr route 0.0.0.0/0 gateway 1.1.1.1
E.set route 0.0.0.0/255.255.255.255 gateway 1.1.1.1
Answer: CD

NO.6 Which representation of an interface depicts a VSI?
A.e1/1:1
B.e2;2
C.e3/1.2
D.e4:4.1
Answer: A

NO.7 What is the maximum number of interfaces available for user traffic on the NetScreen 5400? (Assume
that 5000-FE24 cards are supported)
A.24
B.30
C.72
D.78
E.79
Answer: D

NO.8 Which is a valid Phase 1 IKE proposal?
A.pre-g1-des-md5
B.g2-esp-des-md5
C.g2-esp-aes128-md5
D.nopfs-esp-des-md5
Answer: A

NO.9 Which three (3) elements are required to build a route-based VPN?
A.create routes
B.create policies
C.create tunnel interfaces
D.Create address book entries
E.bind VPN to tunnel interfaces
Answer: ACE

NO.10 How can you view the value of a Phase 1 pre-shared key on a device running ScreenOS 5.0 or later?
A.get ike gateway
B.get ike pre-share
C.get conf | inc gateway
D.You cannot retrieve the pre-shared key value. It is encrypted and cannot be viewed.
Answer: D

NO.11 You need to configure your NetScreen device for management from a remote network. Which two of
the following configuration elements would be the minimum required elements? (The other three
elements are valid but optional.)
A.Default route
B.Manage IP address
C.Manager IP address
D.Interface IP address
E.Creating an administrator
Answer: AD

NO.12 Which messages exchange certificates during IKE Main Mode negotiations?
A.Messages 1 & 2
B.Messages 2 & 3
C.Messages 3 & 4
D.Messages 5 & 6
E.Certificates are not exchanged in main mode.
Answer: D

NO.13 Which two (2) port groups represent an allowed aggregate interface configuration on a NetScreen
5400?
A.E2/1 and E3/1
B.E2/2 and E2/3
C.E3/1 and E3/3
D.E3/1 and E3/2
E.E4/5 and E4/6
Answer: DE

NO.14 Which two (2) processes are able to use certificates on a NetScreen device?
A.IKE Phase 2 VPNS
B.Certify NTP Servers
C.IKE Phase 1 Gateways
D.Management using SNMP
E.Management SSL traffic
Answer: CE

NO.15 You are a read/write VSYS administrator. Your configuration requires the use of a DIP. Which statement
correctly describes this situation?
A.DIP creation can only be done by the root administrator, not a VSYS administrator
B.You can create the DIP on any interface imported into your VSYS, but not on shared interfaces
C.You can create DIPs on any interface you can see in your interface list, including both private and
shared interfaces
D.You can create DIPs only on sub-interfaces within your VSYS. All other DIPs need to be created by the
root level VSYS admin
Answer: A

NO.16 Which two commands would be necessary to set up a default route on a NetScreen device using two
virtual routers? The default path is connected to vr-untrust, with a next-hop address of 1.1.8.1.
A.set route 0.0.0.0/0 vrouter untrust-vr
B.set vrouter trust-vr route 0.0.0.0/0 gate 1.1.8.1
C.set vrouter untrust-vr route 0.0.0.0/0 int untrust
D.set route 0.0.0.0/0 int untrust gateway 1.1.8.1
E.set vrouter untrust-vr route 0.0.0.0/0 gate 1.1.8.1
Answer: AE

NO.17 Which parameter is exchanged during Phase 2 negotiations?
A.Proxy-id
B.Certificates
C.Preshared Key
D.NAT-Transversal Data
E.Asymmetric Private Keys
Answer: A

NO.18 What are the minimum configuration requirements for configuring a NetScreen device for
administrative access? (select the best two (2) answers)
A.Policies
B.Adding routes
C.SNMP configuration
D.Interface addressing
E.Creating an administrator
Answer: BD

NO.19 What is the recommended order for a basic policy-based VPN configuration?
A.1,4,3,5,2
B.2,1,4,3,5
C.2,3,5,1,4
D.3,5,1,3,2
Answer: C

NO.20 What is the number of interfaces available for user traffic on a NetScreen 500 configured with 2
mini-GBIC cards, 1 regular GBIC Card and 1 10/100 Ethernet card?
A.4
B.7
C.8
D.11
E.16
Answer: B

NO.21 You need to investigate some physical layer problems. Which command will provide you with
information that you can use to analyze these type of problems?
A.get log event
B.get counter screen
C.get counter flow interface
D.get counter statistics interface
Answer: D

NO.22 What is the correct method to reference a sub-interface?
A.Ethernet 2/1/1
B.Ethernet 2/1:1
C.Ethernet 2/1-1
D.Ethernet 2/1.1
Answer: D

NO.23 You are trying to configure VLANs on your NetScreen device. You cannot find the option to add a VLAN
tag to the interface.
Which two (2) of the following could be the reason?
A.The interface is in transparent mode
B.The primary interface is in NAT mode
C.The primary interface is in route mode
D.You have bound the interface to the untrust zone
E.You are trying to create the VLAN off of a physical interface
Answer: AE

NO.24 Place the following items in the order most closely matches the NetScreen Packet Flow process.
A.2,1,3,5,4
B.4,2,3,1,5
C.5,2,1,3,4
D.5,3,2,1,4
E.5,4,3,2,1
Answer: D

NO.25 What must be configured differently for a IKE Phase 1 gateway used by a route-based VPN than an
IKE Phase 1 gateway for a policy-based VPN?
A.Proposals
B.Pre-shared key
C.Remote gateway type
D.Binding the tunnel interface
E.There are no differences in building a route based IKE gateway and a Policy based IKE gateway
Answer: E

NO.26 Click the Exhibit button.
You are having problems with traffic getting to destinations out of interface Ethernet 1. You execute a "get
route" command and get the results seen in the exhibit. What can you determine from the this routing
table?
A.The physical link may be down on the interface and that problem has to be corrected
B.Since the preference is 0 it is not being chosen to pass any routes. You must configure the preference
to be a higher value
C.Ethernet 1 does not have a gateway assigned to it so the system does not know where to send the
traffic using that interface
D.You cannot tell why traffic would not be going out Ethernet 1. You will need to try other troubleshooting
commands to find your problem
Answer: A

NO.27 Which component is responsible for performing both the forwarding lookup and policy evaluation on
the first packet in a session received by an NS-500?
A.RAM
B.CPU
C.ASIC on system board
D.ASIC on interface card
Answer: B

NO.28 Which is a valid Phase 2 IKE proposal?
A.pre-g1-des-md5
B.rsa-g2-3des-sha
C.g2-esp-3des-md5
D.g2-esp-aes120-md5
Answer: C

NO.29 When the NetScreen 5200 receives a packet for a session which is already established, which
component is responsible for performing the session match?
A.RAM
B.CPU
C.ASIC on interface card
D.ASIC on management card
Answer: C

NO.30 When using NSRP, what command will insure uninterrupted communications for VPNs using certificates
for authentication?
A.set hostname
B.set NSRP clustername
C.set NSRP cluster name
D.set NSRP cluster hostname
Answer: C
 
Posted 2013/10/16 6:26:20  |  Category: 미분류  |  Tag: