JN0-332 Exam - Free Juniper Questions and Answers

Question #6 (Topic: Topic 1)

What are three configuration objects used to build JunosIDP rules? (Choose three.)

A. zone objects B. policy objects C. attack objects D. alert and notify objects E. network and address objects

Answer: A,C,E

Question #7 (Topic: Topic 1)

A network administrator is using source NAT for traffic from source network 10.0.0.0/8. The
administrator must also disable NAT for any traffic destined to the 202.2.10.0/24
network.Which configurationwould accomplish this task?

A. [edit security nat source rule-set test] user@host# show from zone trust; to zone untrust; rule A { match { source-address 202.2.10.0/24; } then { source-nat { pool { A; } } } } rule B { match { destination-address 10.0.0.0/8; } then { source-nat { off; } } } B. [edit security nat source] user@host# show rule-set test from zone trust; to zone untrust; rule 1 { match { destination-address 202.2.10.0/24; } then { source-nat { off; } } } rule 2 { match { source-address 10.0.0.0/8; } then { source-nat { pool { A; } } } } C. [edit security nat source rule-set test] user@host# show from zone trust; to zone untrust; rule A { match { source-address 10.0.0.0/8; } then { source-nat { pool { A; } } } } rule B { match { destination-address 202.2.10.0/24; } then { source-nat { off; } } } D. [edit security nat source rule-set test] user@host# show from zone trust; to zone untrust; rule A { match { source-address 10.0.0.0/8; } then { source-nat { pool { A; } } } }

Answer: B

Question #8 (Topic: Topic 1)

Which URL database do branch SRX Series devices use when leveraging local Web
filtering?

A. The SRX Series device will download the database from an online repository to locally inspect HTTP traffic for Web filtering. B. The SRX Series device will use an offline database to locally inspect HTTP traffic for Web filtering. C. The SRX Series device will redirect local HTTP traffic to an external Websense server for Web filtering. D. The SRX Series administrator will define the URLs and their associated action in the local database to inspect the HTTP traffic for Web filtering.

Answer: D

Question #9 (Topic: Topic 1)

Which configuration shows a pool-based source NAT without PAT?

A. [edit security nat source] user@host# show pool A { address { 207.17.137.1/32 to 207.17.137.254/32; } } rule-set 1A { from zone trust; to zone untrust; rule 1 { match { source-address 10.1.10.0/24; } then { source-nat pool A; port no-translation; } } } B. [edit security nat source] user@host# show pool A { address { 207.17.137.1/32 to 207.17.137.254/32; } overflow-pool interface; } rule-set 1A { from zone trust; to zone untrust; rule 1 { match { source-address 10.1.10.0/24; } then { source-nat pool A; port no-translation; } } } C. [edit security nat source] user@host# show pool A { address { 207.17.137.1/32 to 207.17.137.254/32; } port no-translation; } rule-set 1A { from zone trust; to zone untrust; rule 1 { match { source-address 10.1.10.0/24; } then { source-nat pool A; } } } D. [edit security nat source]. user@host# show pool A { address { 207.17.137.1/32 to 207.17.137.254/32; } overflow-pool interface; } rule-set 1A { from zone trust; to zone untrust; rule 1 { match { source-address 10.1.10.0/24; } then { source-nat pool A; } } }

Answer: C

Question #10 (Topic: Topic 1)

Click the Exhibit button.
[Juniper-JN0-332-25.0/Juniper-JN0-332-10_2.png]
In the exhibit, a new policy named DenyTelnet was created. You notice that Telnet traffic is
still allowed.
Which statement will allow you to rearrange the policies for the DenyTelnet policy to be
evaluated before your Allow policy?

A. insert security policies from-zone A to-zone B policy DenyTelnet before policy Allow B. set security policies from-zone B to-zone A policy DenyTelnet before policy Allow C. insert security policies from-zone A to-zone B policy DenyTelnet after policy Allow D. set security policies from-zone B to-zone A policy Allow after policy DenyTelnet

Answer: A

Juniper JN0-332 - Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC) Exam