Download Security, Specialist (JNCIS-SEC).JN0-333.BrainDumps.2017-11-15.54q.vcex

Vendor: Juniper
Exam Code: JN0-333
Exam Name: Security, Specialist (JNCIS-SEC)
Date: Nov 15, 2017
File Size: 1 MB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
You have configured source NAT with port address translation. You also need to guarantee that the same IP address is assigned from the source NAT pool to a specific host for multiple concurrent sessions. 
Which NAT parameter would meet this requirement? 
  1. port block-allocation
  2. port range twin-port
  3. address-persistent
  4. address-pooling paired
Correct answer: D
Question 2
Click the Exhibit button. 
    
Referring to the exhibit, what will happen if client 172.16.128.50 tries to connect to destination 192.168.150.111 using HTTP? 
  1. The client will be denied by policy p2.
  2. The client will be denied by policy p1.
  3. The client will be permitted by policy p2.
  4. The client will be permitted by policy p1.
Correct answer: D
Question 3
Click the Exhibit button. 
   
Which feature is enabled with destination NAT as shown in the exhibit?
  1. NAT overload
  2. block allocation
  3. port translation
  4. NAT hairprinting
Correct answer: C
Question 4
Which two statements about security policy actions are true? (Choose two.)
  1. The log action implies an accept action.
  2. The log action requires an additional terminating action.
  3. The count action implies an accept action.
  4. The count action requires an additional terminating action.
Correct answer: BD
Question 5
Which two statements are true about global security policies? (Choose two.)
  1. Global security policies are evaluated before regular security policies.
  2. Global security policies can be configured to match addresses across multiple zones.
  3. Global security policies can match traffic regardless of security zones.
  4. Global security policies do not support IPv6 traffic.
Correct answer: BC
Question 6
Which statement is true about functional zones? 
  1. Functional zones are a collection of regulated transit network segments.
  2. Functional zones provide a means of distinguishing groups of hosts and their resources from one another.
  3. Functional zones are used for management.
  4. Functional zones are the building blocks for security policies.
Correct answer: C
Question 7
You have recently configured an IPsec tunnel between two SRX Series devices. One of the devices is assigned an IP address using DHCP with an IP address that changes frequently. Initial testing indicates that the IPsec tunnel is not working. Troubleshooting has revealed that Phase 1 negotiations are failing. 
Which two actions would solve the problem? (Choose two.) 
  1. Verify that the device with the IP address assigned by DHCP is the traffic initiator.
  2. Verify that VPN monitoring is enabled.
  3. Verify that the IKE policy is configured for aggressive mode.
  4. Verify that PKI is properly configured.
Correct answer: AC
Question 8
Click the Exhibit button. 
   
Which statement would explain why the IP-monitoring feature is functioning incorrectly?
  1. The global weight value is too large for the configured global threshold.
  2. The secondary IP address should be on a different subnet than the reth IP address.
  3. The secondary IP address is the same as the reth IP address.
  4. The monitored IP address is not on the same subnet as the reth IP address.
Correct answer: C
Question 9
Click the Exhibit button. 
   
You have configured NAT on your network so that Host A can communicate with Server B. You want to ensure that Host C can initiate communication with Host A using Host A’s reflexive address. 
Referring to the exhibit, which parameter should you configure on the SRX Series device to satisfy this requirement?
  1. Configure persistent NAT with the target-host parameter.
  2. Configure persistent NAT with the target-host-port parameter.
  3. Configure persistent NAT with the any-remote-host parameter.
  4. Configure persistent NAT with the port-overloading parameter.
Correct answer: A
Question 10
Which feature is used when you want to permit traffic on an SRX Series device only at specific times?
  1. scheduler
  2. pass-through authentication
  3. ALGs
  4. counters
Correct answer: A
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!