Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
sale

Want to Unlock All Questions for this Exam?

Full Exam Access, Discussions, No Robots Checks

27
Students signed up in the last 24H

Juniper JN0-696 Exam Actual Questions

The questions for JN0-696 were last updated on April 29, 2024.
  • Viewing page 1 out of 18 pages.
  • Viewing questions 1-4 out of 71 questions
 

Topic 1 - Single Topic

Question #1 Topic 1

You are having problems establishing an IPsec tunnel between two SRX Series devices.
What are two explanations for this problem? (Choose two.)

  • A. proposal mismatch
  • B. antivirus configuration
  • C. preshared key mismatch
  • D. TCP MSS clamping is disabled
Reveal Solution Hide Solution   Discussion   1

Correct Answer: AC 🗳️
Incorrect:
B, D: Antivirus and TCP MSS clamping has no relation to IPSec tunnels.

Question #2 Topic 1

Two SRX Series devices are having problems establishing an IPsec VPN session. One of the devices has a firewall filter applied to its gateway interface that rejects UDP traffic.
What would resolve the problem?

  • A. Disable the IKE Phase 1 part of the session establishment.
  • B. Disable the IKE Phase 2 part of the session establishment.
  • C. Change the configuration so that session establishment uses TCP.
  • D. Edit the firewall filter to allow UDP port 500.
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️
UDP port 500 is used by IKE.

Question #3 Topic 1

Your SRX Series device has the following configuration:
user@host> show security policies
...
Policy: my-policy, State: enabled, Index: 5, Sequence number: 1

Source addresses: any -

Destination addresses: any -

Applications: snmp -

Action: reject -
From zone: trust, To zone: untrust
...
When traffic matches my-policy, you want the device to silently drop the traffic; however, you notice that the device is replying with ICMP unreachable messages instead.
What is causing this behavior?

  • A. the snmp application
  • B. the reject action
  • C. the trust zone
  • D. the untrust zone
Reveal Solution Hide Solution   Discussion  

Correct Answer: B 🗳️

Question #4 Topic 1

You want to allow remote users using PCs running Windows 7 to access the network using an IPsec VPN. You implement a route-based hub-and-spoke VPN; however, users report that they are not able to access the network.
What is causing this problem?

  • A. The remote clients do not have proper licensing.
  • B. Hub-and-spoke VPNs cannot be route-based; they must be policy-based.
  • C. The remote clients' OS is not supported.
  • D. Hub-and-spoke VPNs do not support remote client access; a dynamic VPN must be implemented instead.
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️

Next Questions

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel