Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Juniper JN0-531 Exam -

Free JN0-531 Sample Questions:

Q: 1 How many tunnels would need to be created to build a full mesh between 10 VPN devices?
A. 10
B. 20
C. 45
D. 100
Answer: C

Q: 2 You have configured a secondary path for the NSRP cluster. Which type of traffic is sent over the secondary path?
A. NSRP heartbeats
B. RTO message sync
C. NSRP data packet forwarding
D. configuration sync messages
Answer: A

Q: 3 Which statement is correct about the configuration of GRE?
A. It can be enabled on any tunnel interface.
B. It can provide simple encryption by enabling a key option.
C. It can be enabled by going to the advanced AutoKey IKE options.
D. It requires matching keep-alive settings on both sides of the tunnel.
Answer: A

Q: 4 You need to investigate some physical layer problems. Which command will provide you with information that you can use to analyze these types of problems?
A. get log event
B. get counter screen e0/0
C. get counter flow interface e0/0
D. get counter statistics interface e0/0
Answer: D

Q: 5 Which feature minimizes OSPF routing exchanges and hello traffic over VPN links?
A. demand circuit
B. passive interface
C. point-to-multipoint interface
D. inter-area route summarization
Answer: A

Q: 6 Which ScreenOS CLI command is necessary for configuring IGMP on interface ethernet0/1?
A. set igmp interface ethernet0/1
B. set multicast interface ethernet0/1
C. set interface ethernet0/1 igmp router
D. set igmp interface ethernet0/1 enable
Answer: C

Q: 7 When you configure integrated web filtering, which settings are needed on the client's PC?
A. No client IP is needed.
B. No settings are needed.
C. A browser setting to define a proxy server.
D. A browser setting to point to the ingress IP address.
Answer: B

Q: 8 When configuring security proposals with the NetScreen-Remote client, how many Phase 2 proposals are included by default when you configure a new connection?
A. 1
B. 2
C. 3
D. 4
Answer: A

Q: 9 Which two methods can the ScreenOS device use to assign traffic to a VSYS? (Choose two.)
A. IP-based classification
B. VLAN-based classification
C. policy-based classification
D. interface-based classification
Answer: A, D

Q: 10 When enabling RIP over a hub and spoke VPN, what must you configure on the hub device tunnel interface to allow spokes to receive routing updates?
A. point to multipoint
B. disable split-horizon
C. enable demand circuit
D. enable passive interface
Answer: B

Q: 11 You are creating a DIP pool of 30 addresses. You would like to see how addresses are being allocated to different traffic streams. Which command will you use to view this information?
A. snoop
B. get dip all
C. get session
D. get address xlate
Answer: C

Q: 12 Which statement is correct regarding the configuration of basic dialup VPN networks?
A. The WebUI permits only the configuration of FQDN IKE users.
B. The number of configured IKE users is platform-specific.
C. You can assign an IP address to a remote user when creating an IKE user.
D. Creating individual users for basic VPN networks is more secure than using a group ID.
Answer: C

Q: 13 What are three components that make up a redundant VPN configuration? (Choose three.)
A. master
B. targets
C. monitor
D. backups
E. VPN groups
Answer: B, C, E

Q: 14 Which commands would you use to create a zone and make it ready to perform IP classification for a VSYS?
A. set zone name Zone1
set zone Zone1 ip-classification
B. set zone name Zone1 shared
set zone Zone1 ip-classification
C. set zone name Zone1
set zone Zone1 shared
set zone Zone1 ip-classification
D. set zone name Zone1
set zone Zone1 shared
set zone Zone1 ip-classification enable
Answer: C

Q: 15 Which CLI command identifies the multicast sources visible to your ScreenOS device?
A. get route pim
B. get igmp source all
C. exec pim interface all query
D. get vrouter trust-vr protocol pim
Answer: D

Q: 16 What are the three building blocks to create a PBR policy? (Choose three.)
A. action groups
B. match groups
C. session groups
D. extended access lists
E. extended access groups
Answer: A, B, D

Q: 17 How is antivirus scanning enabled on a ScreenOS device?
A. Antivirus scanning is implemented in a policy.
B. Antivirus scanning is implemented at the interface.
C. Antivirus scanning is a stand-alone product and manually enabled.
D. Antivirus scanning is enabled by default on some ScreenOS devices.
Answer: A

Q: 18 During main mode negations a failure has occurred while using IKE certificates. Which message pair would you review to troubleshoot this failure?
A. messages 1 & 2
B. messages 2 & 3
C. messages 3 & 4
D. messages 5 & 6
Answer: D

Q: 19 Which description about an Active/Active configuration is accurate?
A. Both ScreenOS devices are passing traffic. If one device fails, or if a monitored interface fails, all traffic will fail over to the other device.
B. Both ScreenOS devices are operational. NSRP provides for a virtual device MAC address. If one device or port fails the other device continues the traffic flow immediately.
C. Both ScreenOS devices are turned on, but only one carries traffic. The second device listens to traffic and builds all session tables, VPN, SA, and ARP table entries to take over in event of a failure.
D. Both ScreenOS devices are passing traffic. If one device fails completely the other one will carry traffic for both devices. If a monitored interface fails the other device will carry the traffic just for that interface.
Answer: A

Q: 20 Which three VSYS features can only be created by the root administrator? (Choose three.)
B. policies
C. subinterfaces
D. dedicated interfaces
E. VSYS read/write Admin
Answer: C, D, E

Q: 21 You are using NSRP and enable preempt on a device with a priority of 120.
The other device has the default priority set. What will be the result of this action?
A. The device will be come master immediately.
B. The device will only become master if the device with default priority fails.
C. The device will wait the defined holdtime period and then take over as master.
D. The device will enter a pending state until the next maintenance window and then assume the master role.
Answer: B

© 2014, All Rights Reserved