Juniper Juniper Certifications JN0-333 Questions & Answers

• Question 31:

  Click the Exhibit button.

  

  Referring to the exhibit, which action will be taken for traffic coming from the untrust zone going to the trust zone?

  A. Source address 2001:db8::8 will be translated to 10.1.1.5.

  B. Source address 2001:db8::8 will be translated to 10.1.1.8.

  C. Source address 10.1.1.8 will be translated to 2001:db8::8.

  D. Source address 10.1.1.5 will be translated to 2001:db8::8.

  Correct Answer: B

• Question 32:

  Which three elements does AH provide in an IPsec implementation? (Choose three.)

  A. confidentiality

  B. authentication

  C. integrity

  D. availability

  E. replay attack protection

  Correct Answer: BCE

• Question 33:

  What is the correct ordering of Junos policy evaluation from first to last?

  A. global policy > zone-based policy > default policy

  B. default policy > zone-based policy > global policy

  C. global policy > default policy > zone-based policy

  D. zone-based policy > global policy > default policy

  Correct Answer: D

• Question 34:

  Click the exhibit button.

  

  Referring to the exhibit, which statement is true?

  A. Packets entering the interface are being dropped because of a stateless filter.

  B. Packets entering the interface matching an ALG are getting dropped.

  C. TCP packets entering the interface are failing the TCP sequence check.

  D. Packets entering the interface are getting dropped because the interface is not bound to a zone.

  Correct Answer: D

• Question 35:

  Click the Exhibit button.

  

  Host A is attempting to connect to Host B using the domain name, which is tied to a public IP address. All attempts to connect to Host B have failed. You have examined the configuration on your SRX340 and determined that a NAT policy is required.

  Referring to the exhibit, which two NAT types will allow Host A to connect to Host B? (Choose two.)

  A. source NAT

  B. NAT-T

  C. destination NAT

  D. static NAT

  Correct Answer: CD

• Question 36:

  You are asked to support source NAT for an application that requires that its original source port not be changed.

  Which configuration would satisfy the requirement?

  A. Configure a source NAT rule that references an IP address pool with interface proxy ARP enabled.

  B. Configure the egress interface to source NAT fixed-port status.

  C. Configure a source NAT rule that references an IP address pool with the port no-translation parameter enabled.

  D. Configure a source NAT rule that sets the egress interface to the overload status.

  Correct Answer: C

• Question 37:

  Click to the Exhibit button.

  

  Referring to the exhibit, what does proxy ARP allow?

  A. the internal network to ARP for the internal address of the server

  B. the external network to ARP for the internal address of the server

  C. the internal network to ARP for the public address of the server

  D. the external network to ARP for the public address of the server

  Correct Answer: A

• Question 38:

  A link from the branch SRX Series device chassis cluster to the Internet requires more bandwidth. In this scenario, which command would you issue to begin provisioning a second link?

  A. set chassis cluster reth-count 2

  B. set interfaces fab0 fabric-options member-interfaces ge-0/0/1

  C. set interfaces ge-0/0/1 gigether-options redundant-parent reth1

  D. set chassis cluster redundancy-group 1 node 1 priority 1

  Correct Answer: B

• Question 39:

  Click the Exhibit button.

  

  Referring to the exhibit, what will happen if client 172.16.128.50 tries to connect to destination

  192.168.150.3 using HTTP?

  A. The client will be denied by policy p2.

  B. The client will be permitted by the global policy.

  C. The client will be permitted by policy p1.

  D. The client will be denied by policy p3.

  Correct Answer: C

• Question 40:

  Screens help prevent which three attack types? (Choose three.)

  A. SYN flood

  B. port scan

  C. NTP amplification

  D. ICMP fragmentation

  E. SQL injection

  Correct Answer: ABD