passguide jn0-532 demo
Question: 22
Which statement about integrated Web filtering is true?
A. You must configure a category profile.
B. You must add categories to the black list and white list.
C. User-defined categories are searched after pre-defined categories.
D. The local cache contains the black list, white list, and all URLs in the user-defined categories.
Answer: D Question: 23
Which two statements are true about redundant interfaces? (Choose two.)
A. Only one link in a redundant group is active at a time.
B. You can place up to four interfaces in a redundant group.
C. All interfaces in the redundant group are active, providing more bandwidth.
D. Each interface in the redundant group should be connected to a different L2 device.
Answer: A, D Question: 24
You are a read/write VSYS administrator. Your configuration requires the use of a MIP. Which statement correctly describes this situation?
Page 7 of 47
Exam Name: FWV, Specialist (JNCIS -FWV)
Exam Type: Juniper
Exam Code: JN0-532 Total Questions 146
A. MIP creation can only be done by the root administrator, not a VSYS administrator.
B. You can create the MIPs on any interface imported into your VSYS, but not on shared interfaces.
C. You can create MIPs on any interface you can see in your interface list, including both private and shared interfaces.
D. You can create MIPs only on sub-interfaces within your VSYS. All other MIPs need to be created by the root level VSYS admin.
Answer: A Question: 25
Using VSYS profiles, which three can you limit on a per-VSYS basis? (Choose three.)
A. zones
B. sessions
C. subinterfaces
D. CPU allocation
E. memory allocation
Answer: A, B, D Question: 26
Click the Exhibit button.
In the exhibit, what is the source IP address of the multicast traffic?
A. 236.1.1.1
B. 10.10.10.1
C. 20.20.20.10
D. 20.20.20.200
Answer: B
Page 8 of 47
Exam Name: FWV, Specialist (JNCIS -FWV)
Exam Type: Juniper
Exam Code: JN0-532 Total Questions 146
Question: 27
Which command is used to verify that IGMP is running correctly?
A. get route igmp
B. get igmp query
C. set igmp query interface e0/1
D. exec igmp interface e0/1 query
Answer: D Question: 28
You create three policies that will send traffic through an interface configured for 1.544 Mbps. All policies are configured to have 256 Kbps guaranteed bandwidth and 512 Kbps of maximum
bandwidth. Each policy has been assigned the following priorities:
Policy 1 = priority 4
Policy 2 = priority 5
Policy 3 = priority 3
Each policy receives a constant stream of 1 Mbps. How much bandwidth will be available for Policy 2?
A. 256 Kbps
B. 512 Kbps
C. 1.544 Mbps
D. 1 Mbps
Answer: B Question: 29
When adding deep inspection to a policy, when will inspection be performed?
A. before the policy lookup
B. after the routing lookup
C. before the destination lookup
D. after the packet has been permitted
Answer: D Question: 30
Which three statements are true regarding IKE Phase 1? (Choose three.)
A. Placing the SA proposal list in message 1 is an option.
B. The digital certificate is used to decrypt the session key.
C. The DH key exchange is used to validate the session key.
D. The DH key exchange and digital certificates are both optional.
E. The proxy-id is used to determine which SA is referenced for the VPN.
Answer: A, B, C Question: 31
What should you configure to insure an HA cable failure does not result in both devices attempting to become master?
A. failover count
Page 9 of 47
Exam Name: FWV, Specialist (JNCIS -FWV)
Exam Type: Juniper
Exam Code: JN0-532 Total Questions 146
B. secondary path
C. monitor threshold
D. heartbeat threshold
Answer: B Question: 32
Click the Exhibit button.
In the exhibit, which two can be determined about the VPN? (Choose two.)
A. NAT-traversal is enabled.
B. The rekey interval is 8 hours.
C. This device initiated the Phase 1 negotiations.
D. The certificate used in this exchange is set to never expire.
Answer: B, C Question: 33
You have taken your backup ScreenOS device out of production for some maintenance. The device is brought back online and rejoins the NSRP cluster. You determine that the two devices are out of sync. Which command will sync the devices and on which device should it be run?
A. set nsrp sync global-config save run on the Master B. set nsrp sync global-config save run on the Backup C. exec nsrp sync global-config save run on the Master D. exec nsrp sync global-config save run on the Backup
Answer: D Question: 34
Click the Exhibit button.
You have configured your device with a tunnel interface in the untrust zone, and your protected resources in the trust zone. The remote gateway is defined using an FQDN. The tunnel went down and has not reestablished. Based on the exhibit, what are two reasons why the tunnel is failing to reestablish? (Choose two.)
Page 10 of 47
Exam Name: FWV, Specialist (JNCIS -FWV)
Exam Type: Juniper
Exam Code: JN0-532 Total Questions 146
A. The policy used by this VPN was deleted.
B. The Phase 1 preshared key was modified in one of the devices.
C. One of the devices was modified so that the peer ID and local ID no longer match.
D. The IP address of the remote peer changed and your DNS table has not updated with the new address.
Answer: B, D Question: 35
Which parameter do you adjust on a static route to create a floating static route?
A. cost
B. metric
C. weight
D. preference
Answer: D Question: 36
Which two OSPF parameters are protocol-level parameters? (Choose two.)
A. cost
B. priority
C. neighbor list
D. summarization
E. advertise default route
Answer: D, E
Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book.
