Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Juniper JN0-633 Exam - Cheat-Test.com

Free JN0-633 Sample Questions:

Q: 1
You are troubleshooting an SRX240 acting as a NAT translator for transit traffic. Traffic is dropping at the SRX240 in your network. Which three tools would you use to troubleshoot the issue? (Choose three.)
A. security flow traceoptions
B. monitor interface traffic
C. show security flow session
D. monitor traffic interface
E. debug flow basic
Answer: A,B,C

Q: 2
Somebody has inadvertently configured several security policies with application firewall rule sets on an SRX device. These security policies are now dropping traffic that should be allowed. You must find and remove the application firewall rule sets that are associated with these policies.
Which two commands allow you to view these associations? (Choose two.)
A. show security policies
B. show services application-identification application-system-cache
C. show security application-firewall rule-set all
D. show security policies application-firewall
Answer: A,D

Q: 3
You are asked to troubleshoot ongoing problems with IPsec tunnels and security policy processing. Your network consists of SRX240s and SRX5600s.
Regarding this scenario, which two statements are true? (Choose two.)
A. You must enable data plane logging on the SRX240 devices to generate security policy logs.
B. You must enable data plane logging on the SRX5600 devices to generate security policy logs.
C. IKE logs are written to the kmd log file by default.
D. IPsec logs are written to the kmd log file by default.
Answer: B,D

Q: 4
A security administrator has configured an IPsec tunnel between two SRX devices. The devices are configured with OSPF on the st0 interface and an external interface destined to the IPsec endpoint. The adminstrator notes that the IPsec tunnel and OSPF adjacency keep going up and down. Which action would resolve this issue?
A. Create a firewall filter on the st0 interface to permit IP protocol 89.
B. Configure the IPsec tunnel to accept multicast traffic.
C. Create a /32 static route to the IPsec endpoint through the external interface.
D. Increase the OSPF metric of the external interface.
Answer: C

Q: 5
You are asked to configure class of service (CoS) on an SRX device running in transparent mode.
Which command would you use?
A. set interfaces ge-0/0/0 unit 0 classifiers dscp priority-app
B. set class-of-service interfaces ge-0/0/0 unit 0 classifiers dscp priority-app
C. set class-of-service interfaces ge-0/0/0 unit 0 classifiers ieee-802.1 priority-app
D. set interfaces ge-0/0/0 unit 0 classifiers inet-precedence priority-app
Answer: C

Q: 6
Which QoS function is supported in transparent mode?
A. 802.1p
B. DSCP
C. IP precedence
D. MPLS EXP
Answer: A

Q: 7
What is the default action for an SRX device in transparent mode to determine the outgoing interface for an unknown destination MAC address?
A. Perform packet flooding.
B. Send an ARP query.
C. Send an ICMP packet with a TTL of 1.
D. Perform a traceroute request.
Answer: A

Q: 8
For an SRX chassis cluster in transparent mode, which action occurs to signal a high availability failover to neighboring switches?
A. the SRX chassis cluster generates Spanning Tree messages
B. the SRX chassis cluster generates gratuitous ARPs
C. the SRX chassis cluster flaps the former active interfaces
D. the SRX chassis cluster uses IP address monitoring
Answer: C

Q: 9
You want to configure in-band management of an SRX device in transparent mode.
Which command is required to enable this functionality?
A. set interfaces irb unit 1 family inet address
B. set interfaces vlan unit 1 family inet address
C. set interfaces ge-0/0/0 unit 0 family inet address
D. set interfaces ge-0/0/0 unit 0 family bridge address
Answer: A

Q: 10
You are attempting to establish an IPsec VPN between two SRX devices. However, there is another device between the SRX devices that does not pass traffic that is using UDP port 4500.
How would you resolve this problem?
A. Enable NAT-T.
B. Disable NAT-T.
C. Disable PAT.
D. Enable PAT.
Answer: B


© 2014 Cheat-Test.com, All Rights Reserved