Study Guides and Actual Real Exam Questions For Oracle OCP, MCSE, MCSA, CCNA, CompTIA


Advertise

Submit Braindumps

Forum

Tell A Friend

    Contact Us

 Home

 Search

Latest Brain Dumps

 BrainDump List

 Certifications Dumps

 Microsoft

 CompTIA

 Oracle

  Cisco
  CIW
  Novell
  Linux
  Sun
  Certs Notes
  How-Tos & Practices 
  Free Online Demos
  Free Online Quizzes
  Free Study Guides
  Free Online Sims
  Material Submission
  Test Vouchers
  Users Submissions
  Site Links
  Submit Site

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Online Training Demos and Learning Tutorials for Windows XP, 2000, 2003.

 

 

 

 





Braindumps for "JN0-332" Exam

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

 Question 1.
Which configuration keyword ensures that all in-progress sessions are re-evaluated upon committing a security policy change?

A. policy-rematch
B. policy-evaluate
C. rematch-policy
D. evaluate-policy

Answer: A

Explanation:

Question 2.
Click the Exhibit button.
You need to alter the security policy shown in the exhibit to send matching traffic to an IPsec VPN tunnel. 

Which command causes traffic to be sent through an IPsec VPN named remote-vpn?

A. [edit security policies from-zone trust to-zone untrust]
    user@host# set policy tunnel-traffic then tunnel remote-vpn
B. [edit security policies from-zone trust to-zone untrust]
    user@host# set policy tunnel-traffic then tunnel ipsec-vpn remote-vpn
C. [edit security policies from-zone trust to-zone untrust]
    user@host# set policy tunnel-traffic then permit ipsec-vpn remote-vpn
D. [edit security policies from-zone trust to-zone untrust]
    user@host# set policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn

Answer: D

Explanation:

Question 3.
Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH? (Choose three.)

A. data integrity
B. data confidentiality
C. data authentication
D. outer IP header confidentiality
E. outer IP header authentication

Answer: A, C, E

Explanation:

Question 4.
You must configure a SCREEN option that would protect your router from a session table flood.

Which configuration meets this requirement?

A. [edit security screen]
    user@host# show
    ids-option protectFromFlood {
    icmp {
    ip-sweep threshold 5000;
    flood threshold 2000;
    }
    }
B. [edit security screen]
    user@host# show
    ids-option protectFromFlood {
    tcp {
    syn-flood {
    attack-threshold 2000;
    destination-threshold 2000;
   }
   }
   }
C. [edit security screen]
   user@host# show
   ids-option protectFromFlood {
   udp {
   flood threshold 5000;
   }
   }
D. [edit security screen]
   user@host# show
   ids-option protectFromFlood {
   limit-session {
   source-ip-based 1200;
   destination-ip-based 1200;
   }
   }

Answer: D

Explanation:

Question 5.
Which type of Web filtering by default builds a cache of server actions associated with each URL it has checked?

A. Websense Redirect Web filtering
B. integrated Web filtering
C. local Web filtering
D. enhanced Web filtering

Answer: B

Explanation:

Question 6.
Which security or functional zone name has special significance to the Junos OS?

A. self
B. trust
C. untrust
D. junos-global

Answer: D

Explanation:

Question 7.
Which command do you use to display the status of an antivirus database update?

A. show security utm anti-virus status
B. show security anti-virus database status
C. show security utm anti-virus database
D. show security utm anti-virus update

Answer: A

Explanation:

Question 8.
Which statement contains the correct parameters for a route-based IPsec VPN?

A. [edit security ipsec]
   user@host# show
proposal ike1-proposal {
protocol esp;
authentication-algorithm hmac-md5-96;
encryption-algorithm 3des-cbc;
lifetime-seconds 3200;
}
policy ipsec1-policy {
perfect-forward-secrecy {
keys group2;
}
proposals ike1-proposal;
}
vpn VpnTunnel {
interface ge-0/0/1.0;
ike {
gateway ike1-gateway;
ipsec-policy ipsec1-policy;
}
establish-tunnels immediately;
}
B. [edit security ipsec]
user@host# show
proposal ike1-proposal {
protocol esp;
authentication-algorithm hmac-md5-96;
encryption-algorithm 3des-cbc;
lifetime-seconds 3200;
}
policy ipsec1-policy {
perfect-forward-secrecy {
keys group2;
}
proposals ike1-proposal;
}
vpn VpnTunnel {
interface st0.0;
ike {
gateway ike1-gateway;
ipsec-policy ipsec1-policy;
}
establish-tunnels immediately;
}
C. [edit security ipsec]
user@host# show
proposal ike1-proposal {
protocol esp;
authentication-algorithm hmac-md5-96;
encryption-algorithm 3des-cbc;
lifetime-seconds 3200;
}
policy ipsec1-policy {
perfect-forward-secrecy {
keys group2;
}
proposals ike1-proposal;
}
vpn VpnTunnel {
bind-interface ge-0/0/1.0;
ike {
gateway ike1-gateway;
ipsec-policy ipsec1-policy;
}
establish-tunnels immediately;
}
D. [edit security ipsec]
   user@host# show
proposal ike1-proposal {
protocol esp;
authentication-algorithm hmac-md5-96;
encryption-algorithm 3des-cbc;
lifetime-seconds 3200;
}policy ipsec1-policy {
perfect-forward-secrecy {
keys group2;
}
proposals ike1-proposal;
}
vpn VpnTunnel {
bind-interface st0.0;
ike {
gateway ike1-gateway;
ipsec-policy ipsec1-policy;
}
establish-tunnels immediately;
}

Answer: D

Explanation:

Question 9.
Which zone is system-defined?

A. security
B. functional
C. junos-global
D. management

Answer: C

Explanation:

Question 10.
You want to allow your device to establish OSPF adjacencies with a neighboring device connected to interface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone.

Under which configuration hierarchy must you permit OSPF traffic?

A. [edit security policies from-zone HR to-zone HR]
B. [edit security zones functional-zone management protocols]
C. [edit security zones protocol-zone HR host-inbound-traffic]
D. [edit security zones security-zone HR host-inbound-traffic protocols]

Answer: D

Explanation:


Google
 
Web www.certsbraindumps.com


Study Guides and Real Exam Questions For Oracle OCP, MCSE, MCSA, CCNA, CompTIA





              Privacy Policy                   Disclaimer                    Feedback                    Term & Conditions

www.helpline4IT.com

ITCertKeys.com

Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.