Free Download Latest 2014 Pass4sure&Lead2pass Juniper JN0-696 Dumps

Vendor: Juniper
Exam Code: JN0-696
Exam Name: Juniper Networks Certified Support Professional (JNCSP-SEC)
QUESTION 1
You want to allow remote users using PCs running Windows 7 to access the network using an IPsec VPN. You implement a route-based hub-and-spoke VPN; however, users report that they are not able to access the network. What is causing this problem?

A.    The remote clients do not have proper licensing.
B.    Hub-and-spoke VPNs cannot be route-based; they must be policy-based.
C.    The remote clients' OS is not supported.
D.    Hub-and-spoke VPNs do not support remote client access; a dynamic VPN must be implemented instead.

Answer: B

QUESTION 2
Click the Exhibit button. Referring to the exhibit, PC-1 is unable to ping Server-1. Traffic from PC-1 to Server-1 arrives on interface fe-0/0/3 but return traffic from Server-1 to PC-1 should be sent out from interface fe- 0/0/2. What would you change on SRX-1 to resolve this problem?

A.    Configure a security policy to allow traffic from the DMZ zone to the untrust-1 zone.
B.    Configure a security policy to allow traffic from the DMZ zone to the untrust-2 zone.
C.    Move both interface fe-0/0/2 and fe-0/0/3 to the same security zone.
D.    Disable TCP SYN check and TCP sequence check.

Answer: C

QUESTION 3
You are having problems establishing an IPsec tunnel between two SRX Series devices. What are two explanations for this problem? (Choose two.)

A.    proposal mismatch
B.    antivirus configuration
C.    preshared key mismatch
D.    TCP MSS clamping is disabled

Answer: BD

QUESTION 4
Two SRX Series devices are having problems establishing an IPsec VPN session. One of the devices has a firewall filter applied to its gateway interface that rejects UDP traffic. What would resolve the problem?

A.    Disable the IKE Phase 1 part of the session establishment.
B.    Disable the IKE Phase 2 part of the session establishment.
C.    Change the configuration so that session establishment uses TCP.
D.    Edit the firewall filter to allow UDP port 500.

Answer: A

QUESTION 5
Your SRX Series device has the following configuration:
user@host> show security policies
...
Policy: my-policy, State: enabled, Index: 5, Sequence number: 1 Source addresses: any
Destination addresses: any
Applications: snmp
Action: reject
From zone: trust, To zone: untrust
...
When traffic matches my-policy, you want the device to silently drop the traffic; however, you notice that the device is replying with ICMP unreachable messages instead. What is causing this behavior?

A.    the snmp application
B.    the reject action
C.    the trust zone
D.    the untrust zone

Answer: C

If you want to pass Juniper JN0-696 successfully, donot missing to read latest lead2pass Juniper JN0-696 exam questions.
If you can master all lead2pass questions you will able to pass 100% guaranteed.

http://www.lead2pass.com/JN0-696.html ¹

1. http://www.lead2pass.com/JN0-696.html