JN0-332 Online Practice Questions and Answers

Which two parameters are configured in IPsec policy? (Choose two.)

A. mode

B. IKE gateway

C. security proposal

D. Perfect Forward Secrecy

Regarding fast path processing, when does the system perform the policy check?

A. The policy is determined after the SCREEN options check.

B. The policy is determined only during the first packet path, not during fast path.

C. The policy is determined after the zone check.

D. The policy is determined after the SYN TCP flag.

Which two statements are true about pool-based source NAT? (Choose two.)

A. PAT is not supported.

B. PAT is enabled by default.

C. It supports the address-persistent configuration option.

D. It supports the junos-global configuration option.

Which two statements are true about juniper-express-engine (express AV)? (Choose two.)

A. It does not support scan mode by extension.

B. It can detect polymorphic viruses.

C. It cannot decompress a zipped file transmitted using FTP.

D. It cannot decompress a zipped file transmitted using POP3.

What are three valid Juniper Networks IPS attack object types? (Choose three.)

A. signature

B. anomaly

C. trojan

D. virus

E. chain

Which command would you use to enable chassis clustering on an SRX device, setting the cluster ID to 1 and node to 0?

A. user@host# set chassis cluster cluster-id 1 node 0 reboot

B. user@host> set chassis cluster id 1 node 0 reboot

C. user@host> set chassis cluster cluster-id 1 node 0 reboot

D. user@host# set chassis cluster id 1 node 0 reboot

Which statement is true about source NAT?

A. Source NAT works only with source pools.

B. Destination NAT is required to translate the reply traffic.

C. Source NAT does not require a security policy to function.

D. The egress interface IP address can be used for source NAT.

Which statement accurately describes firewall user authentication?

A. Firewall user authentication provides another layer of security in a network.

B. Firewall user authentication provides a means for accessing a JUNOS Software-based security device.

C. Firewall user authentication enables session-based forwarding.

D. Firewall user authentication is used as a last resort security method in a network.

Which statement is correct about zone and interface dependencies?

A. A logical interface can be assigned to multiple zones.

B. A zone can be assigned to multiple routing instances.

C. Logical interfaces are assigned to a zone.

D. A logical interface can be assigned to multiple routing instances.

Which two parameters are configurable under the [edit security zones security-zone zoneA] stanza? (Choose two.)

A. the TCP RST feature

B. the security policies for intrazone communication

C. the zone-specific address book

D. the default policy action for firewall rules in this zone