JN0-332 题目列表
单选题Which command do you use to display the status of an antivirus database update?()Ashow security utm anti-virus statusBshow security anti-virus database statusCshow security utm anti-virus databaseDshow security utm anti-virus update
多选题An IPsec tunnel is established on an SRX Series Gateway on an interface whose IP address was obtained using DHCP.Which two statements are true? ()(Choose two.)AOnly main mode can be used for IKE negotiationBA local-identity must be definedCIt must be the initiator for IKEDA remote-identity must be defined
单选题A network administrator has configured source NAT, translating to an address that is on a locally connected subnet.The administrator sees the translation working, but traffic does not appear to come back. What is causing the problem?()AThe host needs to open the telnet port.BThe host needs a route for the translated address.CThe administrator must use a proxy-arp policy for the translated address.DThe administrator must use a security policy, which will allow communication between the zones.
多选题Which three components can be leveraged when defining a local whitelist or blacklist for antispam on a branch SRX Series device? (Choose three.)()Aspam assassin filtering scoreBsender countryCsender IP addressDsender domainEsender e-mail address
单选题A user wants to establish an HTTP session to a server behind an SRX device but is being pointed to Web page on the SRX device for additional authentication.Which type of user authentication is configured?()Apass-through with Web redirectBWebAuth with HTTP redirectCWebAuthDpass-through
单选题When using UTM features in an HA cluster, which statement is true for installing the licenses on the cluster members?()AOne UTM cluster license will activate UTM features on both members.BEach device will need a UTM license generated for its serial number.CEach device will need a UTM license generated for the cluster, but licenses can be applied to either member.DHA clustering automatically comes with UTM licensing, no additional actions are needed.
单选题The SRX device receives a packet and determines that it does not match an existing session.After SCREEN options are evaluated, what is evaluated next?()Asource NATBdestination NATCroute lookupDzone lookup
单选题Which UTM feature requires a license to function?()Aintegrated Web filteringBlocal Web filteringCredirect Web filteringDcontent filtering
单选题After applying the policy-rematch statement under the security policies stanza, what would happen to an existing flow if the policy source address or the destination address is changed and committed?()AThe Junos OS drops any flow that does not match the source address or destination address.BAll traffic is dropped.CAll existing sessions continue.DThe Junos OS does a policy re-evaluation.
多选题Which three components can be leveraged when defining a local whitelist or blacklist for antispam on a branch SRX Series device? (Choose three.)()Aspam assassin filtering scoreBsender countryCsender IP addressDsender domainEsender e-mail address
单选题What is the default session timeout for TCP sessions?()A1 minuteB15 minutesC30 minutesD90 minutes
单选题A system administrator detects thousands of open idle connections from the same source.Which problem can arise from this type of attack?()AIt enables an attacker to perform an IP sweep of devices.BIt enables a hacker to know which operating system the system is running.CIt can overflow the session table to its limit, which can result in rejection of legitimate traffic.DIt creates a ping of death and can cause the entire network to be infected with a virus.
多选题Which two UTM features require a license to be activated? ()(Choose two.)AantispamBantivirus (full AV)Ccontent filteringDWeb-filtering redirect
单选题Which statement is correct about HTTP trickling?()AIt prevents the HTTP client or server from timing-out during an antivirus updateBIt prevents the HTTP client or server from timing-out during antivirus scanning.CIt is an attack.DIt is used to bypass antivirus scanners.
单选题Which zone type can be specified in a policy?()AsecurityBfunctionalCuserDsystem