Exam Code: JN0-522
Exam Name: Juniper Networks Certified Associate, FWV (JNCIA-FWV)
Address book entries identify hosts and networks by their location in relation to what?
A. Network entries in the routing table
B. A listing of addresses in the ARP table
C. Security zones on the firewall
D. An interface on the firewall
Which two options allow proper configuration of NAT-dst? (Choose two.)
A. A static route to the appropriate subnet using a private interface as the outbound interface
B. The default address book entry of "any" in the internal zone
C. The default address book entry of "any" in the external zone
D. An address book entry for the address to be translated in the internal zone
Which three options allow proper configuration of NAT-dst? (Choose three.)
A. The default address book entry of "any" in the external zone
B. An address book entry for the address to be translated in the internal zone
C. A static route to the appropriate subnet using a private interface as the outbound interface
D. The default address book entry of "any" in the internal zone
E. A secondary address on one of the interfaces in the internal zone
Which two protocols are defined in the IPSec standard? (Choose two.)
What is the purpose of the "Permitted IP" address on a ScreenOS device?
A. It is used in policy rules to determine which user traffic is allowed through the ScreenOS device
B. It defines a list of addresses that are trusted to perform management on the ScreenOS device
C. It is the address that an external device uses to gain management access to a ScreenOS device
D. It defines which range of addresses that can access devices connected to the ScreenOS device
In the exhibit, which routing command would allow Host A to communicate with host C?
A. Set route 0.0.0.0/0 int e0/3 gateway 220.127.116.11
B. Set route 18.104.22.168 interface e0/3 gateway 22.214.171.124
C. Configure route 126.96.36.199/24 gateway 188.8.131.52 int e0/3
D. Set route 184.108.40.206/24 interface e0/3 gateway 220.127.116.11
What are two benefits of configuring a ScreenOS device in transparent mode? (Choose two.)
A. Policies are easier to create since you do not have to include source and destination IP addresses
B. There is no need to create MIPs or VIPs for incoming traffic to reach protected servers
C. The product can support more VPNs and obtain greater throughput because there is less overhead to manage
D. There is no need to reconfigure the IP addresses of routers or protected servers
Which statement accurately describes the "config rollaback" feature?
A. Once the "Config rollback" feature is enabled, it allows the administrator to re-apply a previously saved configuration file from the flash
B. Once the "Config rollback" feature is enabled, it allows the administrator to revert to the prior ScreenOS image or configuration file in event an upgrade operation aborts
C. The "Config rollback" feature is enabled by default, it allows the administrator to re-reply a previously saved configuration file from flash
D. Once the "Config rollback" feature is enabled, it allows the administrator to re-apply a locked configuration file from a separate area in flash
See the exhibit. Which order of policies would allow all five policies to be effective in matching traffic?
Exam Code: JN0-532
Exam Name: Juniper Networks Certified Specialist, FWV (JNCIS-FWV)
You have created a VPN to a dynamic peer. Which two configured parameters must match? (Choose two.)
A. static side peer-id
B. dynamic side local-id
C. static side IP address
D. dynamic side IP address
You need to investigate some physical layer problems. Which command will provide you with information that you can use to analyze these type of problems?
A. get counter interface e0/0
B. get counter statistics e0/0
C. get counter flow interface e0/0
D. get counter statistics interface e0/0
Review the exhibit.
Based on the exhibit, what is wrong with this OSPF configuration?
A. No DR has been selected.
B. OSPF hellos are going to the wrong OSPF multicast address.
C. The interface is assigned to a different area than the peer device.
D. The hello interval on our device does not match the neighbor device.
Click the Exhibit button.
In the exhibit, you are attempting to snoop packets destined to 10.84.57.29. The output shown is not what you expected.
Which of the following commands would you enter next to work toward accomplishing your goal?
A. snoop on
B. snoop info
C. set ffilter
D. snoop ffilter
What must be enabled to protect Phase 2 key exchanges?
A. Phase 1 PFS
B. Phase 2 SHA
C. Phase 2 3-DES
D. Phase 2 DH key exchange
You have entered the command
set ffilter src-ip 18.104.22.168 dst-ip 10.1.10.5 ip-prot 6 What will be the resulting output in the debug for which this was created?
A. If the packet has a src-ip of 22.214.171.124 or a dst-ip of 10.1.10.5 or has TCP as its protocol then it will be captured
B. If the packet has a src-ip of 126.96.36.199 or a dst-ip of 10.1.10.5 or has UDP as its protocol then it will be captured
C. If the packet has a src-ip of 188.8.131.52 and a dst-ip of 10.1.10.5 and has TCP as its protocol then it will be captured
D. If the packet has a src-ip of 184.108.40.206 and a dst-ip of 10.1.10.5 and has UDP as its protocol then it will be captured
What is the default number of equal-cost routes that are used by a ScreenOS device?
Which ScreenOS CLI commands would match the 10.35.89.0/24 subnet for route redistribution?
A. set access-list 20 permit ip 10.35.89.0/24 10
set route-map name harry permit 5
set match ip 20
B. set access-list 5 permit 10.35.89.0 0.0.0.255
set route-map harry permit 10
set match ip address 5
C. set address Trust harry 10.35.89.0 255.255.255.0
set distribution-list harrylist 1
set address harry
D. set address Trust harry 10.35.89.0 255.255.255.0
set route-map harry permit 10
set ospf export harry
Your ScreenOS device has come under a SYN flood attack. In the logs, which severity level would you search to see this event?
Which three events would cause ScreenOS devices to generate SNMP traps? (Choose three.)
A. cold starts
B. traffic alarms
C. warm reboots
D. self log events
E. traffic log events
Which ScreenOS CLI commands would be used to enable traffic logging in policy edit mode?
A. Set policy traffic-log
B. Set traffic-log
C. Set log
D. Set logging
If you want to pass Juniper JN0-532 successfully, donot missing to read latest lead2pass Juniper JN0-532 dumps.
If you can master all lead2pass questions you will able to pass 100% guaranteed.
Why Choose Lead2pass?
If you want to pass the exam successfully in first attempt you have to choose the best IT study material provider, in my opinion, Lead2pass is one of the best way to prepare for the exam.
|One Time Purchase||✔||✖||✖||✖||✖|
|100% Pass Guarantee||✔||✖||✖||✖||✖|
|100% Money Back||✔||✖||✖||✖||✖|