Loading ...
Global Do...
News & Politics
1
0
Try Now
Log In
Pricing
Exam1pass Easiest way to pass IT exams Exam1pass Help You Pass Any IT Exam http://www.exam1pass.com Exam : Juniper JN0-140 Title : Certified Internet Associate (JNCIA-AC) 140 Exam Version : Demo Exam1pass Easiest way to pass IT exams Exam1pass Help You Pass Any IT Exam http://www.exam1pass.com 1. Which two statements are true about applying Host Checker at the realm level? (Choose two.) A. If Evaluate is checked then the client must pass policy to get the sign-in page. B. If Evaluate is checked then the client can fail policy and still get the sign-in page. C. If Require and Enforce is checked then the client must pass policy to get the sign-in page. D. If Require and Enforce is checked then the client can fail policy and still get the sign-in page. Answer: BC 2. Which log contains information about service restarts, system errors, warnings, and requests to check server connectivity? A. Events log B. System log C. User Access log D. Admin Access log Answer: A 3. Which statement is correct about defining an Infranet Enforcer for use as a RADIUS Client? A. You do not need to configure a RADIUS client policy. B. You must know the exact model number of the Infranet Enforcer. C. You must specify the NACN password of the device in the RADIUS client policy. D. You do not need to designate a location group to which the Infranet Enforcer will belong. Answer: A 4. Which configuration option can be set either in the initial console menu or the Admin UI of the Infranet Controller? A. VLAN ID B. Hostname C. Domain name D. Administrative timeout Answer: C 5. What is the primary purpose of creating a Location Group Policy? A. to associate more than one realm with an authentication server B. to logically group network access devices and associate them with specific sign-in policies C. to allow or prevent users from accessing resources in specific locations on the network D. to define the URL that users of network access devices can use to access the Infranet Controller Answer: B 6. What is true about the operation of the Infranet Enforcer? A. It assigns users a set of roles. B. It allows access based on auth table entries. Exam1pass Easiest way to pass IT exams Exam1pass Help You Pass Any IT Exam http://www.exam1pass.com C. It verifies whether an endpoint meets security requirements. D. It configures the UAC agent to allow or deny access to resources. Answer: B 7. On a pre-existing OAC, which three options can the Infranet Controller overwrite when the user accesses the Infranet Controller? (Choose three.) A. SSID B. login name C. MAC address D. wired adapters E. encryption method Answer: ADE 8. What must be updated regularly to detect the newest versions of personal firewalls on endpoints? A. Infranet Enforcer firmware B. Infranet Controller rollback software C. Host Security Assessment Plug-in (HSAP) D. Endpoint Security Assessment Plug-in (ESAP) Answer: D 9. Which three statements about dynamic filtering are true? (Choose three.) A. Dynamic filtering creates a query statement. B. Dynamic filtering has an option to save query. C. Dynamic filtering can select any log field to filter. D. Dynamic filtering permanently removes other log entries. E. Dynamic filtering redraws the log when you select a variable link. Answer: ABE 10. A customer has installed UAC in their network. They have both Windows and Linux endpoints and must choose a deployment method that everyone can use. Which deployment method allows for multiple platforms? A. IPsec enforcement B. 802.1X enforcement C. Source IP enforcement D. Odyssey Access Client Answer: C 11. Which interface does the Infranet Controller use to push the configuration? A. trusted port B. internal port Exam1pass Easiest way to pass IT exams Exam1pass Help You Pass Any IT Exam http://www.exam1pass.com C. trust interface D. untrust interface Answer: B 12. Which two actions are required to configure an Infranet Enforcer to communicate with an Infranet Controller? (Choose two.) A. Enable SSH. B. Configure DNS. C. Enable route mode. D. Set certificate validation options. Answer: AD 13. When the Infranet Enforcer is set up in transparent mode, which additional resource policy must be configured to use OAC for IPsec enforcement? A. IPsec Routing B. Access Control C. IP Address Pool D. Source Interface Answer: D 14. Which two methods of authentication are used by the Infranet Controller for IPSec enforcement? (Choose two.) A. dial-up VPN B. IKE authentication C. XAuth authentication D. shared IKE authentication Answer: AC 15. What will serve as a RADIUS Client to the Infranet Controller for 802.1x authentication? A. an ACE server B. a wireless network C. an Ethernet switch D. Odyssey Access Client Answer: C 16. If Host Checker restrictions are applied at the role level and the "Allow access to the role if any ONE of the select policies is passed" option is unchecked, which two statements are true? (Choose two.) A. All roles are evaluated together. B. Each role is evaluated separately. C. Clients must pass all policies to access the role. Exam1pass Easiest way to pass IT exams Exam1pass Help You Pass Any IT Exam http://www.exam1pass.com D. Clients will pass as long as one policy is accepted. Answer: BC 17. Which additional configuration must be completed when setting up role restrictions using certificates? A. Set up a certificate authentication server. B. Configure the authentication realm to remember certificate information. C. Configure the authentication realm to use a certificate server for authentication. D. Configure a role mapping rule requiring certification information to map user to role. Answer: B 18. What happens when Host Checker is configured to perform checks every "0" minutes? A. Host Checker is disabled. B. Host Checker will perform continous checks. C. Host Checker will perform checks when user logs out. D. Host Checker will perform checks when user first logs in. Answer: D 19. Your company has a mix of employees and contractors. Contractor usernames always begin with "con-"; employee usernames never begin with "con-". You need to give employees access to all resources and give contractors access to a limited set of resources. Employee and contractor roles have been created with the appropriate access privileges, and the realm is set to merge settings for all assigned roles. Which role mapping ruleset would result in the correct access privileges being assigned? A. username="*" -> Employee-role Stop username="con-*" -> Contractor-role B. username="*" -> Employee-role username="con-*" -> Contractor-role Stop C. username="con-*" -> Contractor-role Stop username="*" -> Employee-role D. username="con-*" -> Contractor-role username="*" -> Employee-role Stop Answer: C 20. Which action is optional when adding an authentication realm for use on an Infranet Controller? A. Modify sign-in policy. B. Configure role mapping. C. Assign authentication server. D. Configure authentication policy. Answer: D
