JN0-533 Exam Questions
120 real JN0-533 exam questions with expert-verified answers and explanations. Page 1 of 3.
- Question #1
Your ScreenOS device does not have a static IP address. You want to be able to access it using its FQDN. How would you implement this task?
- Question #2
You have just installed a new ScreenOS device in your network and you want only a select range of IP addresses to have administrative access to the device. Which choice will allow...
- Question #3
A routing table contains an IBGP route for 192.168.0.0/24, a RIP route for 192.168.0.0/23, an OSPF route for 192.168.0.0/22, and a static route for 192.168.0.0/16. When the router...
- Question #4
You are troubleshooting telnet traffic destined to IP address 10.10.10.1. You decide to run debug and want to set the flow filter. Which command will show only the telnet traffic g...
- Question #5
Juniper JN0-533 Exam You have enabled BGP on your ScreenOS device and configured a single EBGP peer. The CLI shows that the BGP connection is transitioning between the CONNECT and...
- Question #6
You want to set up a last resort route and prevent route lookups in either the source-based routing table or the destination-based routing table. What should you do?
- Question #7
You have the following BGP configuration in place to establish a session with a remote peer over your ethernet4 interface. set vrouter trust-vr protocol bgp 65000 set vrouter trust...
- Question #8
You have only one public IP address available and you must allow external access to three servers on a DMZ network. Which two NAT types would allow you to accomplish your objective...
- Question #9
Your ScreenOS device is configured with multiple NAT types. What is the order of precedence in this situation?
- Question #10
You must translate a range of public IP addresses to a range of internal IP addresses. Which two mechanisms would you use to accomplish your objective? (Choose two.)
- Question #11
Your ScreenOS device is using NAT. Which NAT function allows you to use a single IP address from an untrust zone to communicate to multiple IP addresses in a trust zone?
- Question #12
Which two statements are true about NAT? (Choose two.)
- Question #13
Which NAT has bidirectional translation by default?
- Question #14
You are using interface-based NAT for traffic passing from the trust zone to the untrust zone. What will occur?
- Question #15
You have configured a single-port VIP to forward HTTP traffic from the untrust interface on your ScreenOS device to an internal Web server. You have configured a policy to allow th...
- Question #16
You must verify on your ScreenOS device that you have configured the correct tunnel peer and determine which IKE proposals the remote device is sending and accepting. Which command...
- Question #17
Juniper JN0-533 Exam You are building an IPsec VPN and want to authenticate and encrypt the content. Which two Phase 1/Phase 2 (P1/P2) proposals would achieve this goal? (Choose tw...
- Question #18
You are configuring a VPN with IKE between headquarters and a branch office that uses a dynamic public IP address. Which IKE mode should you use?
- Question #19
Which two statements are true about policy-based VPNs as compared to route-based IPsec VPNs when using ScreenOS devices? (Choose two.)
- Question #20
You want to ensure that the IKE Phase 2 key is totally independent of the IKE Phase 1 key. Which IKE feature would you enable?
- Question #21
Which two Diffie-Hellman (DH) groups are supported by ScreenOS software? (Choose two.)
- Question #22
How is a route-based VPN different from a policy-based VPN?
- Question #23
Which two statements are true about VPN Monitor on a ScreenOS device? (Choose two.)
- Question #24
Which two authentication algorithms does AutoKey IKE use during Phase 1 negotiations? (Choose two.)
- Question #25
You are receiving 3000 SYN packets per second from multiple outside sources to the same destination IP address in your network. You want the SYN proxy Screen option to engage when...
- Question #26
You have configured deep-packet inspection on a ScreenOS device. You have not modified the default threshold values. The device detects a single session that matches an attack. Whi...
- Question #27
A ScreenOS device detects a large number of sessions that match the same deep inspection attack object. What are two ways to configure the device? (Choose two.)
- Question #28
The ScreenOS software performs virus scanning for which three protocols? (Choose three.)
- Question #29
You have configured integrated Web filtering in the ScreenOS software. A URL appears in the blacklist, the whitelist, and a user-defined category. Additionally, the device can obta...
- Question #30
You have configured integrated Web filtering in the ScreenOS software. You find that users trying However, you want all users to be able to access this Web site. What are two metho...
- Question #31
You want to enable the integrated Web-filtering feature on a ScreenOS device. Which Web-filtering technology would be used?
- Question #32
Which two statements are correct about internal antivirus scanning? (Choose two.)
- Question #33
You want to copy an external configuration file to your ScreenOS device and have it become active only after the device reboots. How would you accomplish this goal?
- Question #34
You want to ensure that the ScreenOS device sends alert data to notify the security operation center. Which three log destinations would you set to accomplish your objective? (Choo...
- Question #35
You want to know the username and IP address of users who logged in to the WebUI. In which log would you find this information?
- Question #36
You manage a ScreenOS device. A user complains that the FTP download speed is slow. You suspect a cable or an interface might be the problem. Which command provides interface error...
- Question #37
You want to centralize the logging for all your ScreenOS devices and you must be able to synchronize the log. Which two actions would you perform to accomplish this? (Choose two.)
- Question #38
You have lost the admin user password for your NetScreen device. No other user accounts are configured on the device. How would you access the CLI?
- Question #39
You are the administrator of a NetScreen 5GT. The system administrator cannot use SSH to log in to the NetScreen 5GT. Referring to the exhibit, what is the problem? SSH V2 is activ...
- Question #40
User1 wants to create the policy in the ScreenOS device, but is not successful. Referring to the exhibit, what is the problem? set admin name "admin" set admin password "nOsYMqrbAs...
- Question #41
You are the administrator of a NetScreen 5GT. For troubleshooting purposes, you must be able to ping untrusted interfaces. Referring to the exhibit, how do you enable ping for inte...
- Question #42
In the exhibit, eth3/1 is in the client-vr virtual router and eth3/2 is in the server-vr virtual router. Your policies permit all traffic between all zones. You want to ensure Clie...
- Question #43
Referring to the output shown in the exhibit, which NAT configuration is being used?
- Question #44
Referring to the exhibit, what does the log show?
- Question #45
Referring to the exhibit, what is the appropriate VPN monitor status?
- Question #46
What is shown in the exhibit? Juniper JN0-533 Exam
- Question #47
The exhibit displays output from the event log of a ScreenOS device. Given the information shown in the exhibit, which two statements are correct? (Choose two.)
- Question #48
Which two statements are true about the exhibit? (Choose two.) Juniper JN0-533 Exam
- Question #49
Referring to the exhibit, which three statements are true? (Choose three.) NS5200(M)-> get nsrp nsrp version: 2.0 cluster info: cluster iD. 1, namE. 5200 local unit iD. 8000208 act...
- Question #50
Referring to the exhibit, both clustered devices are in a master state. What is the cause of this situation? NSPROD1(M)-> get nsrp ha-link total_ha_port = 2 probe on ha-link is dis...