Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Juniper JN0-730 Exam - Cheat-Test.com

Free JN0-730 Sample Questions:

Q: 1
What type of interface is a tunnel interface?
A. sub-interface
B. virtual interface
C. physical interface
D. redundant interface
Answer: B

Q: 2
Tunnel binding is accomplished during which part of the VPN configuration process?
A. Phase 1
B. Phase 2
C. Route Creation
D. Replay protection
E. Tunnel Interface Creation
Answer: B

Q: 3
What is required to support policy-based NAT when using route-based VPNs?
A. Tunnel interface
B. Tunnel interface must have an IP address.
C. Tunnel interface must have an unnumbered IP.
D. Tunnel interface must have an unnumbered IP address.
Answer: B

Q: 4
Tunnel Binding is accomplished during which part of the VPN configuration process?
A. Phase 1
B. Phase 2
C. Route Creation
D. Replay protection
E. Tunnel Interface Creation
Answer: B

Q: 5
What is required to support policy-based NAT when using route-based VPNs?
A. Policy defined for VPN traffic.
B. Tunnel interface must be unnumbered.
C. Tunnel interface must have an IP address.
D. Tunnel interface must have a custom zone assigned.
Answer: C

Q: 6
Which statement is correct about tunnel interfaces?
A. They can have overlapping IP addresses.
B. They need to be configured in the zone where the protected resources reside.
C. They can be unnumbered and used in policy-based translations if the interface is in route mode.
D. They can be unnumbered from any interface residing on the same virtual router as the protected resources.
Answer: D

Q: 7
Which is NOT a component of a tunnel interface configuration?
A. zone
B. virtual router
C. subnet mask
D. IP addressing
Answer: B

Q: 8
You have created your tunnel interface in the untrust zone. Traffic from the trust zone is able to enter the tunnel and pass to the destination. However traffic from a different interface in the untrust zone is not able to pass traffic through the tunnel. You are using a single virtual router.
What could be causing this problem?
A. Two virtual routers need to be configured.
B. A policy is needed since intra-zone blocking is on by default in the untrust zone.
C. The tunnel is configured with a proxy id that does not include the address from the untrust interface.
D. The routing tables are not correctly configured to allow the traffic from the untrust source to be delivered to the destination.
Answer: B

Q: 9
You want to minimize the number of IP addresses and subnets in use. How should you configure your tunnel interface?
A. Configure the tunnel interface with an IP address with a 32 bit subnet mask
B. Configure the tunnel interface with an IP address with a 30 bit subnet mask
C. Configure the tunnel interface as unnumbered and place the interface in the same zone as the designated interface
D. Configure the tunnel interface as unnumbered, but place the tunnel interface in a different zone than the designated interface
Answer: C

Q: 10
Which is NOT a component of a tunnel interface configuration?
A. zone
B. virtual router
C. subnet mask
D. IP addressing
Answer: B

Q: 11
You have created your tunnel interface in the untrust zone. Traffic from the trust zone is able to enter the tunnel and pass to the destination. However traffic from a different interface in the untrust zone is not able to pass traffic through the tunnel. You are using a single virtual router.
What is causing this problem?
A. Two virtual routers need to be configured.
B. A policy is needed since intra-zone blocking is on by default in the untrust zone.
C. The tunnel is configured with a proxy id that does not include the address from the untrust interface.
D. The routing tables are not correctly configured to allow the traffic from the untrust source to be delivered to the destination.
Answer: B

Q: 12
You want to minimize the number of IP addresses, subnets, and policies in use. How should you configure your tunnel interface?
A. Configure the tunnel interface with an IP address with a 32-bit subnet mask.
B. Configure the tunnel interface with an IP address with a 30-bit subnet mask.
C. Configure the tunnel interface as unnumbered and place the interface in the same zone as the designated interface.
D. Configure the tunnel interface as unnumbered, but place the tunnel interface in a different zone than the designated interface.
Answer: C

Q: 13
What are three components of a tunnel interface configuration? (Choose three.)
A. zone
B. virtual router
C. subnet mask
D. IP addressing
E. virtual system
Answer: A,C,D

Q: 14
You are creating route-based VPNs on a NS208. When creating your 101st interface, you receive an error message and are prevented from creating additional tunnel interfaces. What would cause this problem?
A. There is a limit of 100 tunnel interfaces per zone
B. There is a limit of 100 tunnel interfaces per NS208
C. There is a limit of 100 tunnel interfaces per virtual router
D. Acquire a license key to increase the number of tunnel interfaces that can be created.
Answer: B

Q: 15
You have created a route-based VPN. When you try to connect to the remote device you see the following message in your event log:
No policy exists for the proxy id received What two (2) things can cause this to occur?
A. A proxy id conflict
B. An unbound tunnel interface
C. The remote device is a policy-based VPN
D. The tunnel interface is configured in a different zone than the physical interface
Answer: A,C

Q: 16
You are creating route-based VPNs on a NS208. When creating your 101st interface, you receive an error message and are prevented from creating additional tunnel interfaces.
What would cause this problem?
A. There is a limit of 100 tunnel interfaces per zone.
B. There is a limit of 100 tunnel interfaces per NS208.
C. There is a limit of 100 tunnel interfaces per virtual router.
D. Acquire a license key to increase the number of tunnel interfaces that can be created.
Answer: B

Q: 17
You have created a route-based VPN in your ScreenOS device. When the remote device tries to connect you see the following message in your event log:
No policy exists for the proxy id received.
Which two would cause this to occur? (Choose two.)
A. a proxy-id conflict
B. an unbound tunnel interface
C. the remote device is a policy-based VPN
D. the tunnel interface is configured in a different zone than the physical interface
Answer: A,C

Q: 18
Which number is used by get event <number> to view all VPN events?
A. 356
B. 536
C. 563
D. 634
Answer: B

Q: 19
Which command is used to verify IKE Phase 1 is complete?
A. get sa active
B. get ike active
C. get ike cookie
D. get flow active
Answer: C

Q: 20
Which command would you run to check IPSec Phase 1 active status?
A. get sa
B. get event
C. get sa active
D. get ike cookie
Answer: D


© 2014 Cheat-Test.com, All Rights Reserved