JN0-532 JNCIS Braindump
ExamSoon JN0-532 Exams
Juniper Networks Juniper Networks Certified Internet Specialist, FWV (JNCIS-FWV)
O rder : JN0-532 Exam
Practice Exam: JN0-532
Exam Number/Code: JN0-532
Exam Name: Juniper Networks Certified Internet Specialist, FWV (JNCIS-FWV)
Questions and Answers: 151 Q&As
Free JN0-532 Braindumps
Exam : Juniper JN0-532
Title : FWV,Specialist(JNCIS-FWV)
1. During main mode negations a failure has occurred while using IKE certificates.
Which message pair would you review to troubleshoot this failure?
A. messages 1 & 2
B. messages 2 & 3
C. messages 3 & 4
D. messages 5 & 6
Answer: D
2. You have entered the command
set ffilter src-ip 1.1.7.250 dst-ip 10.1.10.5 ip-prot 6
What will be the resulting output in the debug for which this was created?
A. If the packet has a src-ip of 1.1.7.250 or a dst-ip of 10.1.10.5 or has TCP as its protocol then it will be captured
B. If the packet has a src-ip of 1.1.7.250 or a dst-ip of 10.1.10.5 or has UDP as its protocol then it will be captured
C. If the packet has a src-ip of 1.1.7.250 and a dst-ip of 10.1.10.5 and has TCP as its protocol then it will be captured
D. If the packet has a src-ip of 1.1.7.250 and a dst-ip of 10.1.10.5 and has UDP as its protocol then it will be captured
Answer: C
3. Which two item pairs are exchanged during Phase 2 negotiations? (Choose two.)
A. proxy-id, SA proposal list
B. IKE cookie, SA proposal list
C. hash [ID + Key], DH key exchange
D. SA proposal list, optional DH key exchange
Answer: AD
4. What must be enabled to protect Phase 2 key exchanges?
A. Phase 1 PFS
B. Phase 2 SHA
C. Phase 2 3-DES
D. Phase 2 DH key exchange
Answer: D
5. You have configured the following on your device.
set address trust MyPC 10.1.1.5/32
set address untrust CorpNet 10.10.0.0/16
set policy from trust to untrust MyPC CorpNet any permit
set int tunnel.1 zone untrust
set int tunnel.1 ip unnumbered int bgroup1
set ike gateway GW address 1.1.1.1 outgoing-interface e0/1 preshare Secret sec-level standard
set vpn VPN gateway GW s