JN0-633 Exam
JN0-633 guidance(81 to 90) for consumer: Mar 2021 Edition
Virtual of JN0-633 test materials and discount pack for Juniper certification for customers, Real Success Guaranteed with Updated JN0-633 pdf dumps vce Materials. 100% PASS Security, Professional (JNCIP-SEC) exam Today!
2021 Mar JN0-633 exam cost
Q81. Which two configuration statements are used to share interface routes between routing instances? (Choose two.)
A. export-rib
B. static rib-group
C. interface-routes rib-group
D. import-rib
Answer: C,D
Q82. What is the default action for an SRX device in transparent mode to determine the outgoing interface for an unknown destination MAC address?
A. Perform packet flooding.
B. Send an ARP query.
C. Send an ICMP packet with a TTL of 1.
D. Perform a traceroute request.
Answer: A
Explanation: Reference: http://www.juniper.net/techpubs/software/junos-security/junos-security95/junos-security-swconfig-interfaces-and-routing/understand-l2-forwarding-tables-section.html
Q83. How does the SRX5800, in transparent mode, signal failover to the connected switches?
A. It initiates spanning-tree BPDUs.
B. It sends out gratuitous ARPs.
C. It flaps the impaired interfaces.
D. It uses an IP address monitoring configuration.
Answer: B
Q84. Click the Exhibit button.
[edit security nat static rule-set 12] user@SRX2# show
from zone untrust; rule 1 {
match {
destination-address 192.168.1.1/32;
}
then { static-nat { prefix {
10.60.60.1/32;
}
}
}
}
Host-2 initiates communication with Host-1. All other routing and policies are in place to allow the traffic.
What is the result of the communication?
A. The 192.168.0.1 address is translated to the 10.60.60.1 address.
B. The 10.60.60.1 address is translated to the 192.168.1.1 address.
C. No translation occurs.
D. The 192.168.0.1 address is translated to the 192.168.1.1 address.
Answer: B
Q85. What is a secure key management protocol used by IPsec?
A. AH
B. ESP
C. TCP
D. IKE
Answer: D
Renovate JN0-633 practice test:
Q86. What are two configurable routing instance types? (Choose two.)
A. IPsec
B. VPLS
C. GRE
D. VRF
Answer: B,D
Q87. Two companies, A and B, are connected as separate customers on an SRX5800 residing on two virtual routers (VR-A and VR-B). These companies have recently been merged and now operate under a common IT security policy. You have been asked to facilitate communication between these VRs. Which two methods will accomplish this task? (Choose two.)
A. Use instance-import to share the routes between the two VRs.
B. Create logical tunnel interfaces to interconnect the two VRs.
C. Use a physical connection between VR-A and VR-B to interconnect them.
D. Create a static route using the next-table action in both VRs.
Answer: A,D
Explanation:
Logical or physical connections between instances on the same Junos device and route between the connected instances
Reference :http://kb.juniper.net/InfoCenter/index?page=content&id=KB21260
Q88. A local user complains that they cannot connect to an FTP server on the DMZ network. You investigate and confirm that the security policy allows FTP traffic from the trust zone to the DMZ zone.
What are two reasons for this problem? (Choose two.)
A. The FTP server has no route back to the local network.
B. No route is configured to the DMZ network.
C. No security policy exists for traffic from the DMZ zone to the trust zone.
D. The FTP ALG is disabled.
Answer: A,D
Q89. You have initiated the download of the IPS signature database on your SRX Series device. Which command would you use to confirm the download has completed?
A. request security idp security-package install
B. request security idp security-package download
C. request security idp security-package install status
D. request security idp security-package download status
Answer: D
Q90. What are two network scanning methods? (Choose two.)
A. SYN flood
B. ping of death
C. ping sweep
D. UDP scan
Answer: C,D
Explanation:
The question is about the network scanning. So correct answers are ping sweep and UDP scan as both are port scanning types.
Reference:URL:http://althing.cs.dartmouth.edu/local/Network_Scanning_Techniques.pdf