Your SRX device is performing NAT to provide an internal resource with a public address. Your DNS
server is on the same network segment as the server. You want your internal hosts to be able to reach the
internal resource using the DNS name of the resource.
How do you accomplish this goal?
A. Implement proxy ARP.
B. Implement NAT-Traversal.
C. Implement NAT hairpinning.
D. Implement persistent NAT.
Which two are required for the SRX device to perform DNS doctoring? (Choose two.)
A. DNS ALG
B. dns-doctoring stanza
C. name-server
D. static NAT
You want to implement persistent NAT for an internal resource so that external hosts are able to initiate communications to the resource, without the internal resource having previously sent packets to the external hosts. Which configuration setting will accomplish this goal?
A. persistent-nat permit target-host
B. persistent-nat permit any-remote-host
C. persistent-nat permit target-host-port
D. address-persistent
You have configured static NAT for a Web server in your DMZ. Both internal and external users can reach
the Web server using its IP address. However, only internal users are able to reach the Web server using
its DNS name. External users receive an error message from their browser.
Which action would solve this problem?
A. Modify the security policy.
B. Disable Web filtering.
C. Use destination NAT instead of static NAT.
D. Use DNS doctoring.
Which statement is true about NAT?
A. When you implement destination NAT, the router does not apply ALG services.
B. When you implement destination NAT, the router skips source NAT rules for the initiating traffic flow.
C. When you implement static NAT, each packet must go through a route lookup.
D. When you implement static NAT, the router skips destination NAT rules for the initiating traffic flow.
In which situation is NAT proxy NDP required?
A. when translated addresses belong to the same subnet as the ingress interface
B. when filter-based forwarding and static NAT are used on the same interface
C. when working with static NAT scenarios
D. when the security device operates in transparent mode
Which statement is true regarding dual-stack lite?
A. The softwire is an IPv4 tunnel over an IPv6 network.
B. The softwire initiator (SI) encapsulates IPv6 packets in IPv4.
C. The softwire concentrator (SC) decapsulates softwire packets.
D. SRX devices support the softwire concentrator and softwire initiator functionality.
Which two statements are true regarding DNS doctoring? (Choose two.)
A. DNS doctoring translates the DNS CNAME payload.
B. DNS doctoring for IPv4 is supported on SRX devices.
C. DNS doctoring for IPv4 and IPv6 is supported on SRX devices.
D. DNS doctoring translates the DNS A-record.
You want requests from the same internal transport address to be mapped to the same external transport address. Only internal hosts can initialize the session. Which Junos configuration setting supports the requirements?
A. any-remote-host
B. target-host
C. source-host
D. address-persistent
You are asked to merge the corporate network with the network from a recently acquired company. Both networks use the same private IPv4 address space (172.25.126.0/24). An SRX device serves as the gateway for each network. Which solution allows you to merge the two networks without adjusting the current address assignments?
A. source NAT
B. persistent NAT
C. double NAT
D. NAT444
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-633 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.