JN0-522 Exam Questions
154 real JN0-522 exam questions with expert-verified answers and explanations. Page 1 of 4.
- Question #1
Address book entries identify hosts and networks by their location in relation to what?
- Question #2
Which two options allow proper configuration of NAT-dst? (Choose two.)
- Question #3
Which three options allow proper configuration of NAT-dst? (Choose three.)
- Question #4
Which two protocols are defined in the IPSec standard? (Choose two.)
- Question #6
In the exhibit, which routing command would allow Host A to communicate with host C?
- Question #8
Juniper JN0-522 Exam Which statement accurately describes the "config rollaback" feature?
- Question #9
See the exhibit. Which order of policies would allow all five policies to be effective in matching traffic?
- Question #10
Which ScreenOS CLI commands would be used to enable traffic logging in policy edit mode?
- Question #11
Which command would you run to check IPSec Phase 1 active status?
- Question #12
Telnet management has been enabled on an interface in the untrust zone. What else should be configured to limit telnet access to the ScreenOS devie from trusted management PCs?
- Question #13
In the exhibit, which two forms of address translation would have generated the output shown? (Choose two.)
- Question #14
Which statement accurately describes the "config rollaback" feature?
- Question #15
What needs to be configured in Phase 2 of a route-based VPN that does not need to be configured in a policy-based VPN?
- Question #16
You are looking at the event log of the responding device and it says " Rejected an initial Phase 1 packet from un unrecognized peer gateway". What are three likely reasons for the...
- Question #17
A ScreenOS firewall is running in transparent mode. The firewall receives a packet which has no entry in its forwarding table. What will the firewall do?
- Question #18
you are looking at the event log of the responding device and it says " Rejected an initial Phase 1 packet from un unrecognized peer gateway". What are three likely reasons for the...
- Question #19
See the Exhibit: For the SSG 20 to have full reachability to all host in the network, how many static routes need to be added?
- Question #20
You have created a route-based VPN in your ScreenOS device. When the remote device tries to connect you see the following message in your event log, "No Policy exist for the proxy...
- Question #21
Juniper JN0-522 Exam Which command is used to verify IKE Phase 1 is complete?
- Question #22
Your VPN tunnel does not pass traffic. You run the get ike cookie command and discover that there is no cookie. Which two should be verified? (Choose two.)
- Question #24
Which two statements are accurate about AH packets? (Choose two.)
- Question #25
Which three options allow proper configuration of NAT-dst? (Choose three.)
- Question #26
Which two statements are accurate about AH packets? (Choose two.)
- Question #27
Which ScreenOS CLI command would be useful for troubleshooting a policy deny?
- Question #28
In the exhibit to enable interface-based NAT between Host A and Host D, which interface(s) must be in NAT mode?
- Question #29
If all interfaces are configured for route mode, what will be modified by the ScreenOS device when traffic travels from the trust zone to the untrust zone?
- Question #30
Which three options allow proper configuration of NAT-dst? (Choose three.)
- Question #31
Which ScreenOS CLI command is used to verify MIP operation?
- Question #32
What is the default mode for an interface in the untrust zone?
- Question #33
A ScreenOS firewall has one interface in the user zone and one interface in the server zone. Both interfaces are addressed and active. The configured policy allows user traffic fro...
- Question #34
See the exhibit: In the Exhibit, which interface would be used to forward traffic to host 1.1.7.5?
- Question #35
What is the purpose of the sequence number of the ESP or AH header?
- Question #36
Which two statements are true in regards to a ScreenOS firewall in transparent mode? (Choose two.)
- Question #37
See the command: Set int e8 dip 5 shift-from 10.1.1.5 1.1.10.2 1.1.10.40 What will be the source IP address of the egress packet for the second user requesting an address from the...
- Question #38
What is the purpose of the "Managed IP" address on a ScreenOS device?
- Question #39
See the Exhibit carefully: Why the packet is dropped? Juniper JN0-522 Exam
- Question #40
See the exhibit: In this route-based VPN configuration, where are the two policies going to be required? (Choose two.)
- Question #41
Juniper JN0-522 Exam Which ScreenOS CLI policy statement keyword would be used to enable traffic counters?
- Question #42
What are three major concerns when sending private data over a public medium? (Choose three.)
- Question #43
Which ScreenOS CLI command is used to verify MIP operation?
- Question #44
Which command is used to avoid IP fragmentation when configuration IPSec on a ScreenOS device?
- Question #45
See the exhibit: In the exhibit, you need to make a bidirectional VPN between the SSG 5 and the SSG 550. On the SSG550, which address will you use to configure the IKE gateway? Jun...
- Question #46
Which three commands are used to verify that routing is correctly configured? (Choose three.)
- Question #47
When configuration a ScreenOS device in transparent mode, what is required to forward traffic?
- Question #48
Assuming factory default settings, which statement describes the minimum requirements for webui management access to the SSG 5?
- Question #49
See the Exhibit: In the exhibit, which two forms of address translation would have generated the output shown? (Choose two.)
- Question #50
You have created a VPN to a dynamic peer. Which two configured parameters must match? (Choose two)
- Question #51
You need to investigate some physical layer problems. Which command will provide you with information that you can use to analyze these type of problems?
- Question #52
What must be enabled to protect Phase 2 key exchanges?
- Question #53
Which parameters can you modify on a predefined service?