Issuu on Google+

Exam JN0-522 study material Made available by Examsexpert.com

Free JN0-522 Exam Preparation Questions Exam JN0-522: FXV, Associate (JNCIA-FWV)

For Latest JN0-522 Exam Questions and study guides- visit- http://www.Examsexpert.com/ JN0-522.html


Question: 1 In the flow decision process, the system has found a route entry matching the packet destination IP. Which pair will identify the policy that is applied to this packet? A. Source and destination MAC B. Source and destination interface C. Source and destination TCP port D. Source and destination IP address Answer: B Question: 2 Which parameter(s) can you modify on a predefined service? A. Protocol timeout B. Source port, destination port and protocol C. Source port range, destination port range, and protocol D. Source IP, source port range, destination IP, destination port range, and protocol Answer: A Question: 3 Click the Exhibit button. In the exhibit, which two elements would you configure to provide fixed-port translation for traffic leaving the corporate network destined for the Internet? (Choose two.)

A. Fixed-port DIP on e0/4 B. Global NAT-src policy C. Fixed-port DIP on both e0/1 and e0/2 D. NAT-src policy from Corporate to Internet zones Answer: A, D Question: 4 Which command is used when configuring web management on the VLAN1 interface for a client connected to an e3 interface in the DMZ zone? A. set int eth3 manage web B. set zone v1-dmz manage web C. set int dmz zone manage web D. set int VLAN1 zone dmz manage web Answer: B Question: 5 When performing an image upgrade using the CLI, which three locations would be a source for this image? (Choose three.) A. FTP server B. TFTP server C. Internal flash D. PC local disk E. Compact Flash Card Answer: B, C, E Question: 6 When a firewall receives the first packet in a series, what will it immediately do? For Latest JN0-522 Exam Questions and study guides- visit- http://www.Examsexpert.com/ JN0-522.html


A. Check its route table. B. Check its session table. C. Determine if traffic is crossing zones. D. Verify that it is not malformed or a fragment. Answer: D Question: 7 Which ScreenOS WebUI button allows multi-cell policy creation? A. Cells B. Group C. Multicell D. Multiple Answer: D Question: 8 Which statement about address configuration is correct? A. Address groups cannot be used with VPN policies. B. Address groups must be associated with a single zone. C. You can create address groups as needed from within a policy. D. You cannot reference individual addresses once they have been added to a group. Answer: B Question: 9 Your VPN is failing during Phase 2 negotiation, and you are the initiator. You check your local event log and see IPSec messages but no failures. What is the next logical troubleshooting step? A. View the event log of the responding gateway. B. Configure the peer-id on your local IKE gateway. C. Double check routing reacheability to the remote network. D. Turn on logging in the policy and check the event logs again. Answer: A Question: 10 You are trying to remove an address book entry by going to the Objects > Addresses > List display of the WebUI, but you cannot find the remove option. What would cause this problem? A. An address book entry can only be deleted from the command line interface. You will need to use the CLI to delete it. B. The address book entry is misconfigured. You need to correct the address book entry before it will allow you to delete it. C. You cannot remove an address book entry from this screen. You need to use the delete option found under the management options screen. D. The address book entry is being used by a policy. You must delete the policy or remove the address book entry from the policy before it can be deleted. Answer: D Question: 11 Click the Exhibit button. Which command will allow you to configure the Ethernet interface to have the IP address shown in the exhibit?

A. set int e0/0 ip 1.1.1.250 B. set int e0/0 ip 1.1.1.250/24 C. set int e0/0 zone untrust ip 1.1.1.250 D. set int e0/0 zone untrust ip 1.1.1.250/24 Answer: B Question: 12 For Latest JN0-522 Exam Questions and study guides- visit- http://www.Examsexpert.com/ JN0-522.html


Which ScreenOS CLI command would be used to verify WebAuth authentication? A. get webauth B. get auth users C. get auth table D. get webauth users Answer: C Question: 13 Which statement accurately describes the "config rollback" feature? A. Once the "config rollback" feature is enabled, it allows the administrator to re-apply a previously saved configuration file from flash. B. The "config rollback" feature is enabled by default, it allows the administrator to re-apply a previously saved configuration file from flash. C. Once the "config rollback" feature is enabled, it allows the administrator to re-apply a locked configuration file from a separate area in flash. D. Once the "config rollback" feature is enabled, it allows the administrator to revert to the prior ScreenOS image or configuration file in the event an upgrade operation aborts. Answer: C Question: 14 When configuring a firewall in a critical environment where a local backup configuration is quickly needed, what should be completed on a periodic basis? A. Execute exec config rollback. B. Execute save config to last-known-good. C. Execute save regularly or create a script that does this. D. Execute save software from flash to pcmcia <filename>. Answer: B Question: 15 Which two options allow proper configuration of NAT-dst? (Choose two.) A. The default address book entry of "any" in the internal zone B. The default address book entry of "any" in the external zone C. An address book entry for the address to be translated in the internal zone D. A static route to the appropriate subnet using a private interface as the outbound interface Answer: C, D Question: 16 Which two protocols are defined in the IPSec standard? (Choose two.) A. AH B. ESP C. GRE D. IKE Answer: A, B Question: 17 You are looking at the event log of the initiating device and it says, Received notify message for DOI <1> <14> <NO_PROPOSAL_CHOSEN>. What is the problem? A. Phase 2 PFS failure B. Phase 1 gateway failure C. Phase 1 proposal mismatch D. Phase 2 proposal mismatch Answer: D Question: 18 You have a host that is assigned an IP from a private address space, but needs to access systems within the public address space. Which form of NAT should you use to minimize Configuration requirements? A. VIP B. MIP C. NAT-dst D. NAT-src For Latest JN0-522 Exam Questions and study guides- visit- http://www.Examsexpert.com/ JN0-522.html


Answer: D Question: 19 Which two statements are true about symmetric key algorithms? (Choose two.) A. DH and RSA are symmetric. B. DES, 3DES, AES are symmetric. C. Symmetric key algorithms are computationally more expensive. D. Symmetric key algorithms are more suitable for bulk data transfers. Answer: B, D Question: 20 Click the Exhibit button. Which command generated the output shown in the exhibit?

A. get route B. trace-route C. get route ip D. get interface Answer: C Question: 21 Which three commands are used to verify that routing is correctly configured? (Choose three.) A. ping B. get route C. trace-route D. get session E. get interface Answer: A, B, C Question: 22 Click the Exhibit button. Which order of policies would allow all five policies to be effective in matching traffic? (Note: The numbers in the answer choices below refer to the policy ID numbers shown in the exhibit.)

A. 3,4,2,5,1 B. 4,5,3,2,1 C. 3,2,1,5,4 D. 5,3,1,2,4 Answer: A

For Latest JN0-522 Exam Questions and study guides- visit- http://www.Examsexpert.com/ JN0-522.html


For complete Exam JN0-522 Training kits and Self-Paced Study Material

Visit: http://www.examsexpert.com/JN0-522.html

www.Examsexpert.com

For Latest JN0-522 Exam Questions and study guides- visit- http://www.Examsexpert.com/ JN0-522.html


Exam JN0-522 Preparation Questions