2014 Latest Pass4sure&Lead2pass Juniper JN0-532 Exam Questions

Vendor: Juniper
Exam Code: JN0-522
Exam Name: Juniper Networks Certified Associate, FWV (JNCIA-FWV)

QUESTION 1
Address book entries identify hosts and networks by their location in relation to what?

A.    Network entries in the routing table
B.    A listing of addresses in the ARP table
C.    Security zones on the firewall
D.    An interface on the firewall

Answer: C

QUESTION 2
Which two options allow proper configuration of NAT-dst? (Choose two.)

A.    A static route to the appropriate subnet using a private interface as the outbound interface
B.    The default address book entry of "any" in the internal zone
C.    The default address book entry of "any" in the external zone
D.    An address book entry for the address to be translated in the internal zone

Answer: AD

QUESTION 3
Which three options allow proper configuration of NAT-dst? (Choose three.)

A.    The default address book entry of "any" in the external zone
B.    An address book entry for the address to be translated in the internal zone
C.    A static route to the appropriate subnet using a private interface as the outbound interface
D.    The default address book entry of "any" in the internal zone
E.    A secondary address on one of the interfaces in the internal zone

Answer: BCE

QUESTION 4
Which two protocols are defined in the IPSec standard? (Choose two.)

A.    ESP
B.    IKE
C.    GRE
D.    AH

Answer: AD

QUESTION 5
What is the purpose of the "Permitted IP" address on a ScreenOS device?

A.    It is used in policy rules to determine which user traffic is allowed through the ScreenOS device
B.    It defines a list of addresses that are trusted to perform management on the ScreenOS device
C.    It is the address that an external device uses to gain management access to a ScreenOS device
D.    It defines which range of addresses that can access devices connected to the ScreenOS device

Answer: B

QUESTION 6
In the exhibit, which routing command would allow Host A to communicate with host C?

A.    Set route 0.0.0.0/0 int e0/3 gateway 177.11.56.254
B.    Set route 1.1.70.0 interface e0/3 gateway 177.11.56.254
C.    Configure route 1.1.70.0/24 gateway 177.11.56.254 int e0/3
D.    Set route 1.1.70.0/24 interface e0/3 gateway 177.11.56.254

Answer: D

QUESTION 7
What are two benefits of configuring a ScreenOS device in transparent mode? (Choose two.)

A.    Policies are easier to create since you do not have to include source and destination IP addresses
B.    There is no need to create MIPs or VIPs for incoming traffic to reach protected servers
C.    The product can support more VPNs and obtain greater throughput because there is less overhead to manage
D.    There is no need to reconfigure the IP addresses of routers or protected servers

Answer: BD

QUESTION 8
Which statement accurately describes the "config rollaback" feature?

A.    Once the "Config rollback" feature is enabled, it allows the administrator to re-apply a previously saved configuration file from the flash
B.    Once the "Config rollback" feature is enabled, it allows the administrator to revert to the prior ScreenOS image or configuration file in event an upgrade operation aborts
C.    The "Config rollback" feature is enabled by default, it allows the administrator to re-reply a previously saved configuration file from flash
D.    Once the "Config rollback" feature is enabled, it allows the administrator to re-apply a locked configuration file from a separate area in flash

Answer: D

QUESTION 9
See the exhibit. Which order of policies would allow all five policies to be effective in matching traffic?

A.    3,4,2,5,1
B.    3,2,1,5,4
C.    5,3,1,2,4
D.    4,5,3,2,1
Vendor: Juniper
Exam Code: JN0-532
Exam Name: Juniper Networks Certified Specialist, FWV (JNCIS-FWV)
Version: DEMO

QUESTION 1
You have created a VPN to a dynamic peer. Which two configured parameters must match? (Choose two.)

A.    static side peer-id
B.    dynamic side local-id
C.    static side IP address
D.    dynamic side IP address

Answer: AB

QUESTION 2
You need to investigate some physical layer problems. Which command will provide you with information that you can use to analyze these type of problems?

A.    get counter interface e0/0
B.    get counter statistics e0/0
C.    get counter flow interface e0/0
D.    get counter statistics interface e0/0

Answer: D

QUESTION 3
Review the exhibit.
Based on the exhibit, what is wrong with this OSPF configuration?

A.    No DR has been selected.
B.    OSPF hellos are going to the wrong OSPF multicast address.
C.    The interface is assigned to a different area than the peer device.
D.    The hello interval on our device does not match the neighbor device.

Answer: D

QUESTION 4
Click the Exhibit button.
In the exhibit, you are attempting to snoop packets destined to 10.84.57.29. The output shown is not what you expected.
Which of the following commands would you enter next to work toward accomplishing your goal?

A.    snoop on
B.    snoop info
C.    set ffilter
D.    snoop ffilter

Answer: B

QUESTION 5
What must be enabled to protect Phase 2 key exchanges?

A.    Phase 1 PFS
B.    Phase 2 SHA
C.    Phase 2 3-DES
D.    Phase 2 DH key exchange

Answer: D

QUESTION 6
You have entered the command
set ffilter src-ip 1.1.7.250 dst-ip 10.1.10.5 ip-prot 6 What will be the resulting output in the debug for which this was created?

A.    If the packet has a src-ip of 1.1.7.250 or a dst-ip of 10.1.10.5 or has TCP as its protocol then it will be captured
B.    If the packet has a src-ip of 1.1.7.250 or a dst-ip of 10.1.10.5 or has UDP as its protocol then it will be captured
C.    If the packet has a src-ip of 1.1.7.250 and a dst-ip of 10.1.10.5 and has TCP as its protocol then it will be captured
D.    If the packet has a src-ip of 1.1.7.250 and a dst-ip of 10.1.10.5 and has UDP as its protocol then it will be captured

Answer: C

QUESTION 7
What is the default number of equal-cost routes that are used by a ScreenOS device?

A.    1
B.    2
C.    3
D.    4

Answer: A

QUESTION 8
Which ScreenOS CLI commands would match the 10.35.89.0/24 subnet for route redistribution?

A.    set access-list 20 permit ip 10.35.89.0/24 10
set route-map name harry permit 5
set match ip 20
B.    set access-list 5 permit 10.35.89.0 0.0.0.255
set route-map harry permit 10
set match ip address 5
C.    set address Trust harry 10.35.89.0 255.255.255.0
set distribution-list harrylist 1
set address harry
D.    set address Trust harry 10.35.89.0 255.255.255.0
set route-map harry permit 10
set ospf export harry

Answer: A

QUESTION 9
Your ScreenOS device has come under a SYN flood attack. In the logs, which severity level would you search to see this event?

A.    Alert
B.    Critical
C.    Warning
D.    Emergency

Answer: D

QUESTION 10
Which three events would cause ScreenOS devices to generate SNMP traps? (Choose three.)

A.    cold starts
B.    traffic alarms
C.    warm reboots
D.    self log events
E.    traffic log events

Answer: ABC

Answer: A

QUESTION 10
Which ScreenOS CLI commands would be used to enable traffic logging in policy edit mode?

A.    Set policy traffic-log
B.    Set traffic-log
C.    Set log
D.    Set logging

Answer: C

If you want to pass Juniper JN0-532 successfully, donot missing to read latest lead2pass Juniper JN0-532 dumps.
If you can master all lead2pass questions you will able to pass 100% guaranteed.

http://www.lead2pass.com/JN0-532.html

Why Choose Lead2pass?