Juniper JN0-637 Practice Test - Questions Answers, Page 9
Question list
List of questions
Related questions
Which two elements are necessary to configure a rule under an APBR profile? (Choose Two)
instance type
match condition
then action
RIB group
RIB group: RIB groups are used for route management and are not directly involved in APBR rule configuration.
Referring to the exhibit, you are attempting to set up a remote access VPN on your SRX series devices.
However you are unsure of which system services you should allow and in which zones they should be allowed to correctly finish the remote access VPN configuration
Which two statements are correct? (Choose two.)
You should add the host-inbound-traffic system-service ike statement to the Untrust zone.
You should add the host-inbound-traffic system-service ike statement to the VPN zone.
You should add the host-inbound-traffic system-service tcp-encap statement to the Untrust zone
You should add the host-inbound-traffic system-service tcp-encap statement to the VPN zone
What are three configurable monitor components for a service redundancy group? (Choose two)
Interface
BFD
hardware alarm
IP
ARP
The SRX series device is performing static NAT. you want to ensure that host A can reach the
internal webserver www.juniper.net using domain name.
Referring to the exhibit, which two Junos features are required to accomplish this task? (Choose two.)
DNS doctoring
proxy ARP
persistent NAT
STUN
You want to enable transparent mode on your SRX series device.
In this scenario, which three actions should you perform? (Choose three.)
Enable the ethernet-switching family on your Layer 2 interfaces
Install a Layer 2 feature license.
Reboot the SRX device.
Ensure that no IRB interfaces are configured on the device.
Add your Layer 2 interfaces to a security zone.
Referring to the exhibit, you have been assigned the user LogicalSYS1 credentials shown in
the configuration.
In this scenario, which two statements are correct? (Choose two.)
When you log in to the device, you will be permitted to view all routing tables available on the SRX device
When you log in to the device, you will be permitted to view only the routing tables for Logic
When you log in to the device, you will be located at the operational mode of the Logic
When you log in to the device, you will be located at the operational mode of the main system
Exhibit:
You created a Unified security policy called test on the network edge srx series firewall.
According to the firewall, this new security policy is not passing traffic.
Which two statements are correct in this scenario? (Choose two.)
The test policy should be the last policy.
A match exists on the test policy, but the dynamic application is waiting to be discovered
The source address cannot be any when a dynamic application is configured.
The drop-http policy is a terminating rule and will drop the traffic.
Exhibit:
Referring to the exhibit, which technology would you use to provide communication between
IPv4 host1 and ipv4 internal host
DS-Lite
NAT444
NAT46
full cone NAT
You are attempting to ping the IP address that is assigned to the loopback interface on the
SRX series device shown in the exhibit.
What is causing this problem?
The loopback interface requires encapsulation.
The loopback interface is not assigned to a security zone.
The incorrect interface index ID is assigned to the loopback interface.
The IP address on the loopback interface is a private address.
What are three requirements to run OSPF over GRE over IPsec? (Choose Three)
The GRE interface must be configured in OSPF Area 0.
The OSPF interface must be placed in a zone and must have GRE configured
Overlapping addresses should exist between remote networks.
The GRE interface must be placed in a zone and must have OSPF configured in is host
Overlapping addresses should not exist between remote networks.
Question