Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Juniper JN0-530 Exam - Cheat-Test.com

Free JN0-530 Sample Questions:

Q: 1 What is the purpose and use of digital certificates?
A. Prove authenticity and bind public keys to an entity
B. Prove authenticity and bind private keys to an entity
C. Hold both public and private keys of the bearer of the certificate
D. Hold both the public and private keys of the issuer of the certificate
Answer: A

Q: 2 You create a policy-based VPN, and select an address group for the source address. What will be the source part of the proxy-id seen by the remote security gateway?
A. 0.0.0.0/0
B. The last member of the address group
C. The first member of the address group
D. A string of all of the addresses in the address group
E. The subnet that contains all addresses in the address group
Answer: A

Q: 3 What two (2) ways can a NetScreen Firewall/VPN device be administered by a secure, encrypted connection?
A. SSH
B. HTTP
C. Telnet
D. HTTPS
E. Console
Answer: A, D

Q: 4 Which two (2) processes are able to use certificates on a NetScreen device?
A. IKE Phase 2 VPNS
B. Certify NTP Servers
C. IKE Phase 1 Gateways
D. Management using SNMP
E. Management SSL traffic
Answer: C, E

Q: 5 How many tunnels would have to be created to build a full mesh between 10 VPN devices?
A. 9
B. 10
C. 20
D. 45
E. 100
Answer: D

Q: 6 You have created a VPN to a dynamic peer. Which two (2) configured parameters must match?
A. Peer id on the static side
B. Local id on the static side
C. Peer id on the dynamic side
D. Local id on the dynamic side
E. IP address on the static side
F. IP address on the dynamic side
Answer: A, D

Q: 7 What three (3) items do you need to download and install on your NetScreen device for IKE gateways to be able to use digital certificates without OCSP?
A. The CRL list
B. The SCEP list
C. A local Certificate
D. The CA public key certificate
E. The CA private key Certificate
Answer: A, C, D

Q: 8 Which two (2) statements regarding NHTB are correct?
A. If the hub device is running pre-5.0 software, manual configuration of NHTB is required on the hub
B. If the spoke device is not a NetScreen device, manual configuration of NHTB is required on the hub
C. If the spoke device is not a NetScreen device, manual configuration of NHTB is required on the spoke
D. If the spoke device is running pre-5.0 software, manual configuration of NHTB is required on the hub device
E. If the spoke device is running pre-5.0 software, manual configuration of NHTB is required on the spoke device
Answer: B, D

Q: 9 What three (3) components make up a redundant VPN configuration?
A. Master
B. Slaves
C. Monitor
D. Targets
E. Backups
F. VPN Groups
Answer: C, D, F

Q: 10 Which is a valid Phase 1 IKE proposal?
A. pre-g1-des-md5
B. g2-esp-des-md5
C. g2-esp-aes128-md5
D. nopfs-esp-des-md5
Answer: A

Q: 11 Which two (2) statements are correct?
A. RA stands for Registration Agent
B. RA stands for Registration Authority
C. An RA is required in order to run a CA
D. An RA distributes registration information
E. An RA accepts registration requests on behalf of a CA
Answer: B, E

Q: 12 You are concerned about log entries being overwritten and would like to save this valuable information on an external system. Which three (3) systems will work with Netscreen devices to accomplish this goal?
A. SNMP
B. WebSense
C. WebTrends
D. Syslog Server
E. NetScreen Security Manager
Answer: C, D, E

Q: 13 Which two (2) route-based VPN configurations would still require a policy?
A. A policy is never needed to get traffic to a route-based VPN
B. The tunnel interface is in a different zone than the traffic source interface
C. The tunnel interface is in a different zone than the traffic destination interface
D. The tunnel interface is in the same zone as the traffic source interface and intra-zone blocking is turned off
Answer: B, C

Q: 14 Which messages exchange certificates during IKE Main Mode negotiations?
A. Messages 1 & 2
B. Messages 2 & 3
C. Messages 3 & 4
D. Messages 5 & 6
E. Certificates are not exchanged in main mode.
Answer: D

Q: 15 What is the recommended order for a basic policy-based VPN configuration?
1) create address objects
2) set maximum segment size
3) create IKE gateway
4) create policy
5) create vpn
A. 1,4,3,5,2
B. 2,1,4,3,5
C. 2,3,5,1,4
D. 3,5,1,3,2
Answer: C

Q: 16 Which CLI command will allow you to change the root administrators name?
A. set admin joehouser
B. set admin name joehouser
C. set admin user name joehouser
D. set admin joehouser password 2Wx3rpYq
Answer: B

Q: 17 How many queues are available to manage traffic priority on a NetScreen device?
A. 4
B. 8
C. 16
D. 32
E. 64
Answer: B

Q: 18 You create three (3) policies that will send traffic through an interface configured for 1.544 mbps. All Policies are configured to have 256 kbps Guaranteed bandwidth and 512 kbps of Maximum bandwidth. Each policy has been assigned the following priorities:
Policy 1 = priority 4
Policy 2 = priority 5
Policy 3 = priority 3
Each policy receives a constant stream of 1 mbps. How much bandwidth will Policy 2 get to use?
A. 0 kbps
B. 256 kbps
C. 512 kbps
D. 768 kbps
E. 1 mbps
Answer: C

Q: 19 What bits of DSCP mapping do NetScreen devices use?
A. first 3 bits
B. first 4 bits
C. last 2 bits
D. last 3 bits
E. last 4 bits
Answer: A

Q: 20 What is the best definition of maximum bandwidth?
A. The total amount of bandwidth (configured in mbps) that can be used by a policy after guaranteed bandwidth has been serviced
B. The total amount of bandwidth (configured in kbps) that can be used by a policy after all guaranteed bandwidth has been serviced
C. The additional amount of bandwidth over the guaranteed bandwidth amount (configured in kbps) that can be used by a policy after guaranteed bandwidth has been serviced
D. The additional amount of bandwidth over the guaranteed bandwidth amount (configured in mbps) that can be used by a policy after guaranteed bandwidth has been serviced
Answer: B

Q: 21 What is the maximum number of interfaces available for user traffic on the NetScreen 5400? (Assume that 5000-FE24 cards are supported)
A. 24
B. 30
C. 72
D. 78
E. 79
Answer: D

Q: 22 What is the correct method to reference a sub-interface?
A. Ethernet 2/1/1
B. Ethernet 2/1:1
C. Ethernet 2/1-1
D. Ethernet 2/1.1
Answer: D

Q: 23 What formula does NetScreen use to determine which policies will be checked when traffic enters the device?
A. NetScreen builds an index on source IP and searches only those policies matching the source IP of the ingress packet
B. NetScreen checks all policies that have been created with a special algorithm that checks all policies with fewer CPU cycles
C. NetScreen builds an index on destination IP and searches only those policies matching the destination IP of the ingress packet
D. NetScreen checks a subset of all policies based on the ingress zone of the packet combined with the egress zone of the packet
Answer: D

Q: 24 Which component is responsible for performing both the forwarding lookup and policy evaluation on the first packet in a session received by an NS-500?
A. RAM
B. CPU
C. ASIC on system board
D. ASIC on interface card
Answer: B

Q: 25 What are the minimum configuration requirements for configuring a NetScreen device for administrative access? (select the best two (2) answers)
A. Policies
B. Adding routes
C. SNMP configuration
D. Interface addressing
E. Creating an administrator
Answer: B, D

Q: 26 What is the maximum number of ports that can be added to an aggregate interface group on a 24 FE card?
A. 2
B. 4
C. 5
D. 8
E. 16
Answer: D

Q: 27 Which two (2) commands would build a valid default gateway to a NetScreen device using 1 virtual router and having a next hop of 1.1.1.1?
A. set route 0.0.0.0/0 int untrust
B. set route 1.1.1.1 gateway 0.0.0.0/0
C. set route 0.0.0.0/0 interface untrust gateway 1.1.1.1
D. set vr trust-vr route 0.0.0.0/0 gateway 1.1.1.1
E. set route 0.0.0.0/255.255.255.255 gateway 1.1.1.1
Answer: C, D


© 2014 Cheat-Test.com, All Rights Reserved