Ensurepass.com : Ensure you pass the IT Exams
2018 Jan Juniper Official New Released JN0-332
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/JN0-332.html

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

Question No: 361 – (Topic 4)

Click the Exhibit button.

You want to permit access to the Internet from the hr zone during a specified time. Which configuration will accomplish this task?

1. Configure a scheduler, apply it to a new policy, and insert it after internet-access to permit Internet access.

2. Configure a scheduler and apply it to the policy internet-access to deny Internet access.

3. Configure a scheduler and apply it to the policy internet-access to permit Internet access.

4. Configure a scheduler, apply it to a new policy, and insert it before internet-access to permit Internet access.

Answer: C

Question No: 362 – (Topic 4)

Click the Exhibit button.

Referring to the exhibit, you have two SRX Series devices in a chassis cluster, and Node 0 is currently the primary node. You want to ensure that traffic, using those interfaces, fails over to Node 1 when all interfaces go down.

Which configuration change should be made to ensure failover to Node 1?

1. Decrease the weight of the interfaces to 1.

2. Increase the weight of the interfaces to 255.

3. Increase the weight of the interfaces to between 86 and 128.

4. Decrease the weight of the interfaces to between 64 and 84.

Answer: D

Question No: 363 – (Topic 4)

Click the Exhibit button.

Referring to the exhibit, you have two SRX Series devices in a chassis cluster, and Node 0 is currently the primary node. You want to ensure that traffic using those interfaces fails over to Node 1 if one interface goes down.

Which configuration change should be made to ensure failover to Node 1?

1. Decrease the weight of the interfaces to 1.

2. Increase the weight of the interfaces to 255.

3. Increase the weight of the interfaces to between 128 and 254.

4. Decrease the weight of the interfaces to between 1 and 64.

Answer: B

Question No: 364 – (Topic 4)

Click the Exhibit button.

Referring to the exhibit, you have configured a scheduler to allow hosts access to the Internet during specific times. You notice that hosts are still accessing the Internet during times outside of the scheduler#39;s parameters.

What is allowing hosts to access the Internet?

1. The policy allow is allowing hosts access during unscheduled hours.

2. The policy hosts-allow should have a then statement of deny.

3. The policy hosts-allow should have an application of junos-http.

4. The policy deny should have the scheduler applied.

Answer: A

Question No: 365 – (Topic 4)

Which two statements are true when configuring security zones? (Choose two.)

1. You can assign one or more logical interfaces to a zone.

2. You can assign a logical interface to multiple zones.

3. You can assign one or more logical interfaces to a routing instance.

4. You can assign a logical interface to multiple routing instances.

Answer: A,C

Question No: 366 – (Topic 4)

Redundant Ethernet interfaces (reths) have a virtual MAC address based on which two attributes? (Choose two.)

1. interface ID of the reth

2. MAC of member interfaces

3. redundancy group ID

4. cluster ID

Answer: A,D

Question No: 367 – (Topic 4)

Click the Exhibit button.

Referring to the exhibit, which statement is correct about the IPsec configuration?

1. The IPsec tunnel endpoint does not have a static IP address.

2. IKE Phase 2 is established immediately from the hub.

3. Protocol AH is used with IKE Phase 2.

4. IKE Phase 2 uses a standard proposal.

Answer: A

Question No: 368 – (Topic 4)

You want to silently drop HTTP traffic. Which action will accomplish this task?

1. [edit security policies from-zone untrust to-zone trust policy drop-http] user@host# show

   match {

   source-address any; destination-address any; application junos-http;

   }

   then { deny;

   }

2. [edit security policies from-zone untrust to-zone trust policy drop-http] user@host# show

   match {

   source-address any; destination-address any; application junos-http;

   }

   then { reject;

   }

3. [edit security policies from-zone untrust to-zone trust policy drop-http] user@host# show

   match {

   source-address any; destination-address any; application junos-http;

   }

   then { block;

   }

4. [edit security policies from-zone untrust to-zone trust policy drop-http] user@host# show

match {

source-address any; destination-address any; application junos-http;

}

then { terminate;

}

Answer: A

Question No: 369 – (Topic 4)

You have just manually failed over Redundancy Group 0 on Node 0 to Node 1. You notice Node 0 is now in a secondary-hold state.

Which statement is correct?

1. The previous primary node moves to the secondary-hold state because an issue occurred during failover. It stays in that state until the issue is resolved.

2. The previous primary node moves to the secondary-hold state and stays there until manually reset, after which it moves to the secondary state.

3. The previous primary node moves to the secondary-hold state and stays there until the hold-down interval expires, after which it moves to the secondary state.

4. The previous primary node moves to the secondary-hold state and stays there until manually failed back to the primary node.

Answer: C

Question No: 370 – (Topic 4)

You are asked to implement the hashing algorithm that uses the most bits in the calculation on your Junos security device.

Which algorithm should you use?

1. SHA-512

2. SHA-256

3. MD5-Plus

4. MD5

Answer: B

100% Ensurepass Free Download!
–Download Free Demo:JN0-332 Demo PDF
100% Ensurepass Free Guaranteed!
–JN0-332 Dumps

	EnsurePass	ExamCollection	Testking
Lowest Price Guarantee	Yes	No	No
Up-to-Dated	Yes	No	No
Real Questions	Yes	No	No
Explanation	Yes	No	No
PDF VCE	Yes	No	No
Free VCE Simulator	Yes	No	No
Instant Download	Yes	No	No