You are looking at the event log of the initiating device and it says Received notify message for DOI <1> <14>
A. Phase 2 PFS failure
B. Phase 1 gateway failure
C. Phase 1 proposal mismatch
D. Phase 2 proposal mismatch
You are looking at the event log of the responding device and it says Rejected an initial Phase 1 packet from an unrecognized peer gateway Which is NOT a likely reason for the failure?
A. Peer ID misconfigured
B. gateway address misconfigured
C. Outgoing Interface misconfigured
D. Security proposals misconfigured
Your VPN is failing during Phase 2 communication. You check your local event log and do not see anything to indicate why the failure occurred. What action should be taken to fix the problem?
A. View the event log of the destination gateway
B. Configure the peer-id on your local IKE gateway
C. Delete the remote NetScreen configuration and rebuild it correctly
D. Run Debug on the local NetScreen to view the error output in the log
Which command is used to avoid IP Fragmentation when configuring IPSec on a NetScreen device?
A. set flow
B. set tcp-mss flow
C. set flow tcp-mss
D. set mss-flow size
Which three are part of the configuration of an IKE Phase 1 gateway? (Choose three.)
A. preshare key
B. security zone
C. negotiation mode
D. outgoing interface
E. Diffie-Hellman group number for PFS
Which command is used to avoid IP fragmentation when configuring IPSec on a ScreenOS device?
A. set flow
B. set tcp-mss flow
C. set flow tcp-mss
D. set mss-flow size
Which two statements are accurate about AH packets? (Choose two.)
A. AH authenticates the complete packet.
B. AH offers enhanced security over ESP.
C. AH allows the creation of unencrypted VPN networks.
D. AH cannot traverse NAT devices when operating in transport mode.
Which is NOT part of the configuration of an IKE Phase 1 gateway?
A. Security Zone
B. Security proposal
C. Peer identification
D. Outgoing interface
Which statement is correct about the sequence number in the IPSec packets?
A. The sequence number is used by default on all ScreenOS devices.
B. The sequence number is checked by default by the ScreenOS device for every received packet.
C. The sequence number is used to provide anti-replay services for ESP and AH packets.
D. The sequence number is used to uniquely identify every security parameter index in a tunnel.
Which two statements are true about symmetric key algorithms? (Choose two.)
A. DH and RSA are symmetric.
B. DES, 3DES, AES are symmetric.
C. Symmetric key algorithms are computationally more expensive.
D. Symmetric key algorithms are more suitable for bulk data transfers.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-740 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.