Juniper JN0-332 Free Practice Exam & Test Training

Question 1 ( Topic 1 )

An IPsec tunnel is established on an SRX Series Gateway on an interface whose IP address was obtained using DHCP. Which two statements are true? (Choose two.)

A. Only main mode can be used for IKE negotiation.
B. A local-identity must be defined.
C. It must be the initiator for IKE.
D. A remote-identity must be defined.

Answer : B,C

Question 2 ( Topic 1 )

The SRX device receives a packet and determines that it does not match an existing session.After SCREEN options are evaluated, what is evaluated next?

A. source NAT
B. destination NAT
C. route lookup
D. zone lookup

Answer : B

Question 3 ( Topic 1 )

You want to allow your device to establish OSPF adjacencies with a neighboring device connected to interface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone. Under which configuration hierarchy must you permit OSPF traffic?

A. [edit security policies from-zone HR to-zone HR]
B. [edit security zones functional-zone management protocols]
C. [edit security zones protocol-zone HR host-inbound-traffic]
D. [edit security zones security-zone HR host-inbound-traffic protocols]

Answer : D

Question 4 ( Topic 1 )

How do you apply UTM enforcement to security policies on the branch SRX series?

A. UTM profiles are applied on a security policy by policy basis.
B. UTM profiles are applied at the global policy level.
C. Individual UTM features like anti-spam or anti-virus are applied directly on a security policy by policy basis.
D. Individual UTM features like anti-spam or anti-virus are applied directly at the global policy level.

Answer : A

Question 5 ( Topic 1 )

At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? (Choose two.)

A. [edit security idp]
B. [edit security zones security-zone trust interfaces ge-0/0/0.0]
C. [edit security zones security-zone trust]
D. [edit security screen]