jn0-531 JNCIS Braindump
ExamSoon jn0-531 Exams
Juniper Networks FWV, Specailist(JNCIS-FWV)
O rder : jn0-531 Exam
Practice Exam: jn0-531
Exam Number/Code: jn0-531
Exam Name: FWV, Specailist(JNCIS-FWV)
Questions and Answers: 151 Q&As
Free jn0-531 Braindumps
Exam : Juniper JN0-531
Title : Juniper FWV, Specailist(JNCIS-FWV)
1. Which commands would you use to create a zone and make it ready to perform IP classification for a VSYS?
A. set zone name Zone1
set zone Zone1 ip-classification
B. set zone name Zone1 shared
set zone Zone1 ip-classification
C. set zone name Zone1
set zone Zone1 shared
set zone Zone1 ip-classification
D. set zone name Zone1
set zone Zone1 shared
set zone Zone1 ip-classification enable
Answer: C
2. Which two item pairs are exchanged during Phase 2 negotiations? (Choose two.)
A. proxy-id, SA proposal list
B. IKE cookie, SA proposal list
C. hash [ID + Key], DH key exchange
D. SA proposal list, optional DH key exchange
Answer: AD
3. Click the Exhibit button.
Review the exhibit. Track-ip has failed on the device, but the device did not fail over to the second unit in the cluster:
Why has failover not occurred?
A. The physical interfaces have not failed.
B. The track-ip interval is not sufficient to cause failover.
C. The track-ip address weight is not sufficient to cause failover.
D. The track-ip address threshold is not sufficient to cause failover.
Answer: C
4. Which three statements are true regarding IKE Phase 1? (Choose three.)
A. Placing the SA proposal list in message 1 is an option.
B. The digital certificate is used to decrypt the session key.
C. The DH key exchange is used to validate the session key.
D. The DH key exchange and digital certificates are both optional.
E. The proxy-id is used to determine which SA is referenced for the VPN.
Answer: ABC
5. Which command is used to verify that IGMP is running correctly?
A. get route igmp
B. get igmp query
C. set igmp query interface e0/1
D. exec igmp interface e0/1 query
Answer: D
6. What must be configured differently for a