You
can free download part of the exam Juniper JN0-633 questions and answers. Our
reliability can be checked by our Juniper JN0-633 demo
and detect the quality of our products. Enjoy a year of free update service for Juniper JN0-633
pdf. We have full confidence
that our Juniper JN0-633 study materials will give you total sense depends on time
you dedicate.
Exam Name:
Security,
Professional (JNCIP-SEC)
|
Question: 1
|
Click the Exhibit:
Exhibit:
Referring to the exhibit, you notice that filter-based
forwarding is not working. What is the reason for this behavior?
A. The RIB group is configured incorrectly.
B. The routing policy is configured incorrectly.
C. The routing instance is configured incorrectly.
D. The default static routes are configured in correctly.
|
Answer: C
|
|
Question: 2
|
Your company has added a connection to a new ISP and you
have been asked to send specific traffic to the new ISP. You have decided to
implement filter-based forwarding. You have configured new routing instances
with type forwarding. You must direct traffic into each instance. Which step
would accomplish this goal?
A. Add a firewall filter to the ingress interface that
specifies the intended routing instance as the action.
B. Create a routing policy to direct the traffic to the
required forwarding instances.
C. Configure the ingress and egress interfaces in each
forwarding instance.
D. Create a static default router for each ISP in inet.0,
each pointing to a deferent forwarding instance.
|
Answer: A
|
|
Question: 3
|
Click the Exhibit button:
You have been asked to block YouTube video streaming for
internal users. You have implemented the configuration show in the exhibit;
however users are still able to stream videos. What must be modified to correct
the problem?
A. The application firewall rule needs to be applied to
an IDP policy.
B. You must create a custom application to block YouTube
streaming.
C. The application firewall rule needs to be applied to
the security policy.
D. You must apply the dynamic application to the security
policy.
|
Answer: C
|
|
Question: 4
|
You are asked to implement an IPsec VPN between your main
office and a new remote office. The remote office receives its IKE gateway
address from their ISP dynamically. Regarding this scenario, which statement is
correct?
A. Configure a fully qualified domain name (FQDN) as the
IKE identity.
B. Configure the dynamic-host-address option as the IKE
identity.
C. Configure the unnumbered option as the IKE identity.
D. Configure a dynamic host configuration name (DHCN) as
the IKE identity.
|
Answer: A
|
|
Question: 5
|
Your company provides managed services for two customers.
Each customer has been segregated within its own routing instance on your SRX
device. Customer A and customer B inform you that they need to be able to reach
certain hosts on each other’s network. Which two configurations setting would
be used to share routes between these routing instances? (Choose two)
A. routing-group
B. instance-import
C. import-rib
D. next-table
|
Answer: BC
|
Click the link below to download demo or buy full
version only $39
No comments:
Post a Comment