JN0-522 Exam Questions
154 real JN0-522 exam questions with expert-verified answers and explanations. Page 2 of 4.
- Question #54
When configuring a ScreenOS device in transparent mode, what is required to forward traffic?
- Question #55
You are looking at the event log of the initiating device and it says, received only message for DOI<1> <14> <NO_PROPOSAL_CHOSEN>. What is the problem?
- Question #56
What are two reasons for using HMACs? (Choose two.)
- Question #57
Which ScreenOS CLI command would be used to view traffic logs?
- Question #58
When adding an address book entry for a host, which mask should be used?
- Question #59
By default from which hardware component is the startup copy of the ScreenOS loaded?
- Question #60
See the Exhibit: Which two network addresses could appear in the remote proxy-id for the SSG 550 during the IKE phase two exchange? (Choose two.) Juniper JN0-522 Exam
- Question #61
See the Exhibit: Which command generated the output shown in the exhibit?
- Question #62
What is the purpose of the "Permitted IP" address on a ScreenOS device?
- Question #63
Which type of NAT is performed when you implement interface-based NAT?
- Question #64
You enter the following command: set int e0/8 mip 1.1.8.32 host 10.1.10.32 netmask 255.255.255.248 How many MIP address translations have you just configured?
- Question #65
Which statement is correct about tunnel interface?
- Question #66
Which ScreenOS CLI policy statement keyword would enable a policy only during specified times, days and/or dates?
- Question #67
Which statement accurately describes the "config rollaback" feature?
- Question #68
Which three options allow proper configuration of NAT-dst? (Choose three.)
- Question #69
See the Exhibit: In the exhibit, what is the correct address book entry for host C?
- Question #70
Which two steps are required for MIP configuration? (Choose two.)
- Question #71
Juniper JN0-522 Exam Which ScreenOS CLI command is used to verify MIP operation?
- Question #72
See the Exhibit: In the exhibit, which two elements would you configure to provide fixed-port translation for traffic leaving the corporate network destined for the internet? (Choo...
- Question #73
While looking at your policies using the WebUI, you notice that the green permit policy has turned blue what would cause this?
- Question #74
Which statement about multi-cell policies is true?
- Question #75
In the packet forwarding decision process, how is the second packet handled differently than the first in a series of allowed interzone packets?
- Question #76
What is the default mode for an interface in the trust zone?
- Question #77
Which command is used to verify IKE Phase 1 is complete?
- Question #78
Juniper JN0-522 Exam Which two protocols are defined in the IPSec standard? (Choose two.)
- Question #79
Which ScreenOS CLI Command would be used to add services to an existing multi-cell policy?
- Question #81
In the packet forwarding decision process, how is the second packet handled differently than the first in a series of allowed interzone packets?
- Question #82
What is required to support policy-based NAT when using route-based VPNs?
- Question #84
Which three must a policy contain? (Choose three.)
- Question #85
See the Exhibit: Traffic from the internet to the partner servers must use a VIP. In the exhibit, what is the true about the configuration of this feature? Juniper JN0-522 Exam
- Question #86
Which three must a policy contain? (Choose three.)
- Question #87
What is the maximum number of custom proposals sent by a ScreenOS device when negotiating IKE Phase 1 or Phase 2?
- Question #88
Which process describes how an addressed physical interface is moved into a Layer 2 zone?
- Question #89
What is the default mode for an interface in the untrust zone?
- Question #90
What are two benefits of configuring a ScreenOS device in transparent mode? (Choose two.)
- Question #91
You have one VIP configured on your device, using public address 191.111.222.5. When you configure the policy, what will you select for the VIP and where will you select it?
- Question #92
Which command is used to avoid IP fragmentation when configuration IPSec on a ScreenOS device?
- Question #93
When performing an image upgrade using the CLI, which three locations would be a source for this image? (Choose three.)
- Question #94
Which three must a policy contain? (Choose three.)
- Question #95
Which ScreenOS WebUI button reorders policies?
- Question #96
What are three components of a tunnel interface configuration? (Choose three.)
- Question #97
You have entered the command set ffilter src-ip 1.1.7.250 dst-ip 10.1.10.5 ip-prot 6 What will be the resulting output in the debug for which this was created?
- Question #98
What is the default number of equal-cost routes that are used by a ScreenOS device?
- Question #99
Which ScreenOS CLI commands would match the 10.35.89.0/24 subnet for route redistribution?
- Question #100
Which two configuration components are different when configuring a route-based VPN gateway rather than a policy-based VPN gateway? (Choose two.)
- Question #101
Which ScreenOS CLI command is required to enable a policy during specified times, days or dates?
- Question #102
A ScreenOS firewall has one interface in the user zone and one interface in the server zone. Both interfaces are addressed and active. The configured policy allows user traffic fro...
- Question #103
You want to minimize the number of IP addresses, subnets and policies in use. How should you you configure your tunnel interface?
- Question #104
When configuring a firewall in a critical environment where a local backup configuration is quickly needed, what should be completed on a periodic basis?
- Question #105
In the command, save config from tftp 1.1.7.250 abcde.cfg merge, which function does the merge parameter specify?