What are two uses of NAT? (Choose two.)
A. enabling network migrations
B. conserving public IP addresses
C. allowing stateful packet inspection
D. preventing unauthorized connections from outside the network
Under which configuration hierarchy is an access profile configured for firewall user authentication?
A. [edit access]
B. [edit security access]
C. [edit firewall access]
D. [edit firewall-authentication]
Which two statements are true about juniper-express-engine (express AV)? (Choose two.)
A. It does not support scan mode by extension.
B. It can detect polymorphic viruses.
C. It cannot decompress a zipped file transmitted using FTP.
D. It cannot decompress a zipped file transmitted using POP3.
Which statement is true for interfaces residing outside of redundancy groups?
A. The interfaces cannot be mapped to security zones.
B. Only interfaces that have redundancy can be active in the chassis cluster.
C. All interfaces will be redundant if they reside on a system that is part of a chassis cluster.
D. Interfaces that are not in a redundancy group can still forward traffic, but no redundancy is available for them.
Which two statements are true regarding high-availability chassis clustering? (Choose two.)
A. A chassis cluster consists of two devices.
B. A chassis cluster consists of two or more devices.
C. Devices participating in a chassis cluster can be different models.
D. Devices participating in a chassis cluster must be the same models.
You must configure a SCREEN option that will protect your router from a session table flood.
Which configuration meets this requirement?
A. [edit security screen] user@host# show ids-option protectFromFlood { icmp { ip-sweep threshold 5000; flood threshold 2000; } }
B. [edit security screen] user@host# show ids-option protectFromFlood { tcp { syn-flood { attack-threshold 2000; destination-threshold 2000; } } }
C. [edit security screen] user@host# show ids-option protectFromFlood { udp { flood threshold 5000; } }
D. [edit security screen] user@host# show ids-option protectFromFlood { limit-session { source-ip-based 1200; destination-ip-based 1200; } }
Which two statements are true about IPsec traffic? (Choose two.)
A. IPsec traffic can be forwarded when no IKE SA is present.
B. IPsec traffic can be forwarded when no IPsec SA is present.
C. For traffic that has to be encrypted, the security policy must be crafted based on the IP addresses in the inner IP header of the final ESP packet.
D. For traffic that has to be encrypted, the security policy must be crafted based on the IP addresses in the outer IP header of the final ESP packet.
Which element occurs first during the first-packet-path processing?
A. destination NAT
B. forwarding lookup
C. route lookup
D. SCREEN options
Which statement describes the behavior of source NAT with address shifting?
A. Source NAT with address shifting translates both the source IP address and the source port of a packet.
B. Source NAT with address shifting defines a one-to-one mapping from an original source IP address to a translated source IP address.
C. Source NAT with address shifting can translate multiple source IP addresses to the same translated IP address.
D. Source NAT with address shifting allows inbound connections to be initiated to the static source pool IP addresses.
To determine whether a particular file has a virus by only inspecting a few initial packets before receiving the entire file, which UTM feature do you enable?
A. URL white lists
B. intelligent pre-screening
C. trickling
D. scan mode extensions
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-332 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.