Top 10 free samples JN0-332 for IT specialist (1 to 10)

Highest Quality of JN0-332 training materials and testing bible for Juniper certification for IT engineers, Real Success Guaranteed with Updated JN0-332 pdf dumps vce Materials. 100% PASS uniper Networks Certified Internet Specialist, SEC (JNCIS-SEC) exam Today!

2016 Jun JN0-332 Study Guide Questions:

Q1. — Exhibit –security { 

policies { 

from-zone TRUST to-zone UNTRUST { 

policy allow-all { 

match { 

source-address any; 

destination-address any; 

application any; 

then { 

deny; 

policy allow-hosts { 

match { 

source-address hosts; 

destination-address any; 

application junos-http; 

then { 

permit; 

scheduler-name block-hosts; 

policy deny { 

match { 

source-address any; 

destination-address any; 

application any; 

then { 

deny; 

schedulers { 

scheduler block-hosts { 

daily { 

start-time 10:00:00 stop-time 18:00:00; 

— Exhibit —

Click the Exhibit button. 

Referring to the exhibit, you have configured a scheduler to allow hosts access to the Internet during specific times. You notice that hosts are unable to access the Internet. 

What is blocking hosts from accessing the Internet? 

A. The policy allow-all should have the scheduler applied. 

B. The policy allow-hosts should match on source-address any. 

C. The policy allow-hosts should have an application of any. 

D. The policy allow-all should have a then statement of permit. 

Answer: D 

Q2. You must configure a SCREEN option that would protect your device from a session table flood. Which configuration meets this requirement? 

A. [edit security screen] 

user@host# show 

ids-option protectFromFlood { 

icmp { 

ip-sweep threshold 5000; 

flood threshold 2000; 

B. [edit security screen] 

user@host# show 

ids-option protectFromFlood { 

tcp { 

syn-flood { 

attack-threshold 2000; 

destination-threshold 2000; 

C. [edit security screen] 

user@host# show 

ids-option protectFromFlood { 

udp { 

flood threshold 5000; 

D. [edit security screen] 

user@host# show 

ids-option protectFromFlood { 

limit-session { 

source-ip-based 1200; 

destination-ip-based 1200; 

Answer: D 

Q3. Click the Exhibit button. 

user@host> show interfaces ge-0/0/0.0 | match host-inbound 

Allowed host-inbound traffic : ping ssh telnet 

Which configuration would result in the output shown in the exhibit? 

A. [edit security zones security-zone trust] 

user@host# show 

host-inbound-traffic { 

system-services { 

ping; 

telnet; 

}} 

interfaces { 

ge-0/0/0.0 { 

host-inbound-traffic { 

system-services { 

ssh; 

telnet; 

}}}} 

B. [edit security zones functional-zone management] 

user@host# show 

interfaces { 

all; 

host-inbound-traffic { 

system-services { 

all; 

ftp { 

except; 

}}} 

C. [edit security zones functional-zone management] 

user@host# show 

interfaces { 

all { 

host-inbound-traffic { 

system-services { 

ping; 

}}}} 

host-inbound-traffic { 

system-services { 

telnet; 

ssh; 

}} 

D. [edit security zones security-zone trust] 

user@host# show 

host-inbound-traffic { 

system-services { 

ssh; 

ping; 

telnet; 

}} 

interfaces { 

ge-0/0/3.0 { 

host-inbound-traffic { 

system-services { 

ping; 

}}} 

ge-0/0/0.0; 

Answer: D 

JN0-332  free question

Up to the immediate present JN0-332 actual test:

Q4. Which statement is true about a logical interface? 

A. A logical interface can belong to multiple zones 

B. A logical interface can belong to multiple routing instances 

C. A logical interface can belong to only one routing instance 

D. All logical interfaces in a routing instance must belong to a single zone 

Answer: C 

Q5. Which three contexts can be used as matching conditions in a source NAT configuration? (Choose three.) 

A. routing-instance 

B. zone 

C. interface 

D. policy 

E. rule-set 

Answer: ABC 

Q6. — Exhibit –[edit security utm feature-profile content-filtering] 

user@host# show 

profile profileA { 

block-content-type { 

exe; 

zip; 

notification-options { 

type message; 

custom-message "Not permitted. illegal file type"; 

— Exhibit —

Click the Exhibit button. 

Your SRX Series device includes the content filtering configuration shown in the exhibit. 

Assuming the content filtering profile has been properly applied, what happens when a user attempts to send a zip file through the SRX device using FTP? 

A. The file is blocked and silently dropped. 

B. The file is blocked and a message is sent back to the user. 

C. The file is permitted and forwarded to its destination, and a message is sent back to the user. 

D. The file is permitted and forwarded to its destination. 

Answer: D 

certleader.com

Accurate JN0-332 answers:

Q7. Click the Exhibit button. 

Referring to the exhibit, what is the correct proxy-id? 

A. local 1.1.1.0/24, remote 2.1.1.0/24 

B. local 2.1.1.0/24, remote 1.1.1.0/24 

C. local 12.1.1.0/24, remote 11.1.1.0/24 

D. local 11.1.1.0/24, remote 12.1.1.0/24 

Answer: D 

Q8. Your task is to provision the Junos security platform to permit transit packets from the Private zone to the External zone and send them through the IPsec VPN. You must also have the device generate a log message when the session ends. 

Which configuration meets this requirement? 

A. [edit security policies from-zone Private to-zone External] 

user@host# show 

policy allowTransit { 

match { 

source-address PrivateHosts; 

destination-address ExtServers; 

application ExtApps; 

then { 

permit { 

tunnel { 

ipsec-vpn VPN; 

log { 

session-init; 

B. [edit security policies from-zone Private to-zone External] 

user@host# show 

policy allowTransit { 

match { 

source-address PrivateHosts; 

destination-address ExtServers; 

application ExtApps; 

then { 

permit { 

tunnel { 

ipsec-vpn VPN; 

} } count { session-close; } } } 

C. [edit security policies from-zone Private to-zone External] 

user@host# show 

policy allowTransit { 

match { 

source-address PrivateHosts; 

destination-address ExtServers; 

application ExtApps; 

then { 

permit { 

tunnel { 

ipsec-vpn VPN; 

log { 

session-close; 

D. [edit security policies from-zone Private to-zone External] 

user@host# show 

policy allowTransit { 

match { 

source-address PrivateHosts; 

destination-address ExtServers; 

application ExtApps; 

then { 

permit { 

tunnel { 

ipsec-vpn VPN; 

log; 

count session-close; 

Answer: C 

Q9. How do you apply UTM enforcement to security policies on the branch SRX series? 

A. UTM profiles are applied on a security policy by policy basis. 

B. UTM profiles are applied at the global policy level. 

C. Individual UTM features like anti-spam or anti-virus are applied directly on a security policy by policy basis. 

D. Individual UTM features like anti-spam or anti-virus are applied directly at the global policy level. 

Answer: A 

Q10. Which two statements are correct regarding reth interfaces? (Choose two.) 

A. Child interfaces must be in the same slot on both nodes 

B. Child interfaces do not need to be in the same slot on both nodes. 

C. Child interfaces must be the same Ethernet interface type. 

D. Child interfaces can be a mixture of Ethernet interface types. 

Answer: BC 

About JN0-332 Information: JN0-332 Dumps

Certleader Dumps
Certleader is a company specialized on providing high quality IT exam materials and fully committed to assist our respected clients crack any IT certification tests on their 1st efforts.