JNCIA JN0-400 試験のテーマ

Archive for the ‘JNCIS’ Category

 ジュニパーネットワークス認定インターネットスペシャリスト（JNCIS-SEC）認定資格を取得したかったら、必ずJN0-331試験を合格しなければなりません。Juniperオフィシャルホームページによって、終了する試験:JN0-330 は2009年11月1日で試験終了となります。新試験:JN0-331 はJN0-330の後継となる試験です。試験概要：ジュニパーネットワークスJUNOSソフトウェアについて中級程度の知識を持つネットワーク技術者（要実務経験）を対象に、インターネット技術、関連プラットフォームの設定・トラブルシューティングの技能に関する基礎知識を問う筆記試験です。
JNCIS JN0-331(SEC,Specialist(JNCIS-SEC))問題testpassportのITエンジニアと Juniper 製品の専門家によって作り上げて、最も新しい本試験題を含めています。この科目は131 の本試験の問題です。JN0-331無料デモダウンロードすることができます。
http://pdf.testpassport.jp/JN0-331.pdf
1. Regarding zone types, which statement is true?
A. You cannot assign an interface to a functional zone.
B. You can specifiy a functional zone in a security policy.
C. Security zones must have a scheduler applied.
D. You can use a security zone for traffic destined for the device itself.
Answer: D
2. Regarding attacks, which statement is correct?
A. Both DoS and propagation attacks exploit and take control of all unprotected network devices.
B. Propagation attacks focus on suspicious packet formation using the DoS SYN-ACK-ACK proxy flood.
C. DoS attacks are directed at the network protection devices, while propagation attacks are directed at
the servers.
D. DoS attacks are exploits in nature, while propagation attacks use trust relationships to take control of
the devices.
Answer: D
3. Click the Exhibit button.
[edit schedulers]
user@host# show
scheduler now {
monday all-day;
tuesday exclude;
wednesday {
start-time 07:00:00 stop-time 18:00:00;
}
thursday {
start-time 07:00:00 stop-time 18:00:00;
}
}
[edit security policies from-zone Private to-zone External]
The safer , easier way to help you pass any IT exams.
3 / 10
user@host# show
policy allowTransit {
match {
source-address PrivateHosts;
destination-address ExtServers;
application ExtApps;
}
then {
permit {
tunnel {
ipsec-vpn myTunnel;
}
}
}
scheduler-name now;
Based on the configuration shown in the exhibit, what are the actions of the security policy?
A. The policy will always permit transit packets and use the IPsec VPN myTunnel.
B. The policy will permit transit packets only on Monday, and use the IPsec VPN Mytunnel.
C. The policy will permit transit packets and use the IPsec VPN myTunnel all day Monday and
Wednesday 7am to 6pm, and Thursday 7am to 6pm.
D. The policy will always permit transit packets, but will only use the IPsec VPN myTunnel all day Monday
and Wednesday 7am to 6pm, and Thursday 7am to 6pm.
Answer: C
4. Which two statements are true regarding proxy ARP? (Choose two.)
A. Proxy ARP is enabled by default.
B. Proxy ARP is not enabled by default.
C. JUNOS security devices can forward ARP requests to a remote device when proxy ARP is enabled.
D. JUNOS security devices can reply to ARP requests intended for a remote device when proxy ARP is
enabled.
Answer: BD
5. For IKE phase 1 negotiations, when is aggressive mode typically used?
A. when one of the tunnel peers has a dynamic IP address
B. when one of the tunnel peers wants to force main mode to be used
C. when fragmentation of the IKE packet is required between the two peers
D. when one of the tunnel peers wants to specify a different phase 1 proposal
Answer: A
6. Click the Exhibit button.
[edit groups]
user@host# show
node0 {
system {
host-name NODE0;
}
interfaces {
fxp0 {
unit 0 {
family inet {
address 1.1.1.1/24;
}
}
}
}
}
node1 {
system {
host-name NODE1;
}
The safer , easier way to help you pass any IT exams.
5 / 10
interfaces {
fxp0 {
unit 0 {
family inet {
address 1.1.1.2/24;
}
}
}
}
}
In the exhibit, what is the function of the configuration statements?
A. This section is where you define all chassis clustering configuration.
B. This configuration is required for members of a chassis cluster to talk to each other.
C. You can apply this configuration in the chassis cluster to make configuration easier.
D. This section is where unique node configuration is applied.
Answer: D
7. Which two statements describe the difference between JUNOS Software for security platforms and a
traditional router? (Choose two.)
A. JUNOS Software for security platforms supports NAT and PAT; a traditional router does not support
NAT or PAT.
B. JUNOS Software for security platforms does not forward traffic by default; a traditional router forwards
traffic by default.
C. JUNOS Software for security platforms uses session-based forwarding; a traditional router uses
packet-based forwarding.
D. JUNOS Software for security platforms performs route lookup for every packet; a traditional router
performs route lookup only for the first packet.
Answer: BC
8. Which two statements describe the difference between JUNOS Software for security platforms and a
traditional router? (Choose two.)
A. JUNOS Software for security platforms supports NAT and PAT; a traditional router does not support
NAT or PAT.
B. JUNOS Software for security platforms secures traffic by default; a traditional router does not secure
traffic by default.
C. JUNOS Software for security platforms allows for session-based forwarding; a traditional router uses
packet-based forwarding.
D. JUNOS Software for security platforms separates broadcast domains; a traditional router does not
separate broadcast domains.
Answer: BC
9. A traditional router is better suited than a firewall device for which function?
A. VPN establishment
B. packet-based forwarding
C. stateful packet processing
D. Network Address Translation
Answer: B
10. Which three functions are provided by JUNOS Software for security platforms? (Choose three.)
A. VPN establishment
B. stateful ARP lookups
C. Dynamic ARP inspection
D. Network Address Translation
E. inspection of packets at higher levels (Layer 4 and above)

どうしてJuniper 認証はそんな人気がありますか？いろいろな試験の中でJuniper認証は試験価値を持ちます。
資格名：ジュニパーネットワークス認定インターネットスペシャリスト（JNCIS-FWV）JN0-532はJN0-531 の後継となる試験でです。新試験の合格基準は80%以上の正答率になります。試験コード：JN0-532　出題形式：全75問、多肢選択式　合格基準：80％以上　成績?合否結果はただちに通知　受験に必要な認定資格：なし　JNCIS-FWVは2年間有効です。再認定は、最新版のJNCIS-FWV試験に合格することが条件となります。
JN0-532全称はFWV,Specialist (JNCIS -FWV)で、JNCIS JN0-532(FWV,Specialist (JNCIS -FWV)）問題はtestpassportのITエンジニアとJuniper Networks 製品の専門家によって作り上げて、最も新しい本試験題を含めています。この科目は146 の本試験の問題です。問題集はPDFバージョンとソフトバージョンを提供することができます。TESTPASSPORTの商品は品がよくて値段が安くて、品質がいいし合格率も高いです。更新周期は長くて一年間無料でアップロードすることができます。もっといいサービスを提供します。JN0-532試験無料デモダウンロードすることができます。
http://pdf.testpassport.jp/JN0-532.pdf
1.You have created a VPN to a dynamic peer. Which two configured parameters must match? (Choose
two.)
A.static side peer-id
B.dynamic side local-id
C.static side IP address
D.dynamic side IP address
Answer:A B
2.Which three events would cause ScreenOS devices to generate SNMP traps? (Choose three.)
A.cold starts
B.traffic alarms
C.warm reboots
D.self log events
E.traffic log events
Answer:A B C
3.Which command shows the filter applied to snoop captures?
A.get snoop
B.snoop info
C.get ffilter
D.get ffilter ip-proto snoop
Answer:B
6.You have entered the following BGP configuration: set vrouter trust-vr bgp 65530 set vrouter trust-vr
bgp enable set vrouter trust-vr protocol bgp neighbor 1.1.1.250 remote-as 65500 set vrouter trust-vr
protocol bgp neighbor 1.2.3.250 remote-as 65280 BGP is not working. What two elements are missing
from your configuration? (Choose two.)
A.You have not enabled the BGP peers.
B.You have not enabled EBGP multihop.
C.You have not placed the peers in a BGP peer group.
D.You have not enabled BGP on the interfaces connecting to the peers.
Answer:A D
7.Which ScreenOS CLI command(s) allow(s) for redistribution of type 1-3 LSAs?
A.set ospf export route external
B.set match route-type internal-ospf
C.set redistribute ospf lsa 1 set redistribute ospf lsa 2 set redistribute ospf lsa 3
D.set protocol ospf lsa 1 redistribute set protocol ospf lsa 2 redistribute set protocol ospf lsa 3 redistribute
Answer:B
8.When enabling OSPF over a hub and spoke VPN, what must you configure on the hub device tunnel
interface to allow spokes to receive routing updates?
A.point to multipoint
B.disable split-horizon
C.enable demand circuit
D.enable passive interface
Answer:A
9.What do you need to change in your IPSec VPN configuration to use certificates for authentication?
A.Replace the preshared key with the certificate name.
B.Select PFS in Phase 2, then select the certificate to be used.
C.Use a custom set of Phase 1 proposals, all beginning with rsa-.
D.Use a custom set of Phase 2 proposals, all beginning with rsa-.
Answer:C
11.You have enabled RIP in a hub and spoke VPN environment, using demand circuits. You are not
receiving routes from one of your spokes, although the VPN is up. When you debug RIP on the spoke
device, you see regular RIP updates being generated on the tunnel interface. You are receiving and
sending routes to the rest of your spokes. What is the problem?
A.You did not disable split horizon on the spoke device.
B.You did not configure demand circuit on the spoke device.
C.You did not configure passive interface on the spoke device.
D.You did not configure a RIP neighbor for the spoke device on the hub.
Answer:B
12.Which ScreenOS CLI command would be used for copying routes in the untrust-vr to OSPF in the
trust-vr?
A.set vrouter trust-vr ospf export vrouter untrust-vr address to-trust
B.set vrouter untrust-vr export list to-trust vrouter trust-vr protocol ospf
C.set vrouter untrust-vr export-to vrouter trust-vr route-map to-trust protocol ospf
D.set vrouter trust-vr protocol ospf import-from vrouter untrust-vr distribute-list to-trust
Answer:C

JN0-130全称はJuniper networks Certified internet specialist.e(jncis-e)で、Juniper Networks  JN0-130(Juniper networks Certified internet specialist.e(jncis-e))問題集はtestpassportのITエンジニアとJuniper Networks 製品の専門家によって作り上げて、

最も新しい本試験題を含めています。この科目は75の本試験の問題です。無料デモダウンロードすること

ができます

資格名：ジュニパーネットワークス認定インターネットスペシャリスト（JNCIS-E）
試験コード: JN0-130
出題形式：全75問、多肢選択式
合格基準：70％以上
成績?合否結果はただちに通知
受験に必要な認定資格: なし
概要：JNCIS-Eは、ジュニパーネットワークスのEシリーズプラットフォームについて、上級レベルの知識と実務経験を兼ね備えたネットワーク技術者を対象としています。JNCIS-E試験では、JNCIA-E試験よりも広く深い知識が問われます。試験では、Eシリーズプラットフォームのマニュアル類、製品取り扱いの実務経験に加え、インターネットの技術や設計理念の理解度など、スペシャリストの名にふさわしい知識を問う問題が出題されます。なお、この JNCIS-E試験に合格しなければ、JNCIP-E実技試験の受験資格が得られません。

JNCIS-Eは2年間有効です。再認定は、最新版のJNCIS-E試験に合格することが条件となります。

主な出題内容
上級のシステム運用?設定?トラブルシューティング、インタフェース設定、ルーティングプロトコル（RIP、OSPF、IS-IS、BGP）、MPLS、BRAS、上級テーマ（マルチキャスト、CoS、上級ポリシー管理、セキュリティ）

注）JNCIA-EとJNCIS-Eの試験で同一のテーマが出題される場合、JNCIS-E試験のほうが高度な問題となります。

もし、JN0-130認証試験を合格したいなら、こちらをクリックしてください。

以下はJN0-130認証試験のデモです。

http://pdf.testpassport.jp/JN0-130.pdf

1. If all OSPF routers on a broadcast network have the same OSPF priority, what parameter is used to
determine the new BDR at the time of a DR failure?
A. area ID
B. router ID
C. loopback address
D. IP address of interface on broadcast network
Answer: B
2. What type of router cannot exist within a stub area?
A. ABR
B. ASBR
C. internal router
D. non-backbone router
Answer: B
3. Which statement is true about the frequency of OSPF LSA transmissions?
A. They are configured per OSPF area.
B. They are configured per virtual router.
C. They are configured per OSPF process.
D. They are configured per OSPF interface.
Answer: D
4. During OSPF adjacency formation, what state is a router in when it is sending LSA header information
to its neighbor?
A. Init
B. 2Way
C. ExStart
D. Exchange
Answer: D
5. Why would you make a non-backbone area a stub or not-so-stubby area?
A. to aggregate routes learned from the ABR
B. to lower the cost of routes advertised by the ABR
C. to connect a non-contiguous area to the backbone
D. to decrease the size of the link-state database in that area
Answer: D
6. When configuring OSPF on the ERX, what is the default auto-cost reference-bandwidth value?
A. 1 Mbps
B. 10 Mbps
C. 100 Mbps
D. 1000 Mbps
Answer: C
7. What are the three OSPF authentication methods supported on the ERX Edge Router? (Choose three.)
A. null password
B. simple password
C. message digest 5
D. Password Authentication Protocol
E. Challenge Handshake Authentication Protocol
Answer: ABC
8. What is the purpose of the OSPF hello packet?
A. advertises reachable networks
B. acknowledges the receipt of update packets
C. establishes and maintains neighbor relationships
D. describes the contents of the link-state database
Answer: C
9. Which command displays the results of a loopback test you executed on a CT3 line module in slot 5,
port 0, t1 number 4?
A. show interface 5/0:4
B. show interface 5/0:4/1
C. show controllers t3 5/0:4 D. show controllers t3 5/0:4/1
Answer: C
10. Log messages are appearing very quickly on the console of your ERX Edge Router. Which Privileged
Exec command disables real-time console logging?
A. no log here
B. no log console
C. destination console severity 7
D. destination console logging off
Answer: A
11. Which configuration command removes all log filters currently configured on the ERX Edge Router?
A. no log here
B. no log fields
C. no log filters
D. no log severity
Answer: C
12. Which command is used to execute a macro called setup.mac ?
A. macro setup
B. macro setup.mac
C. run macro setup
D. run macro setup.mac
Answer: B