You want to use ESP for your VPN Tunneling transport mechanism.
Which port must be open on your firewall to the Junos Pulse Secure Access Service in a default configuration?
A. TCP 500
B. UDP 4500
C. UDP 500
D. TCP 4500
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
A Network Connect (NC) user attempts to start a VPN tunnel and receives the error message shown below:
"The secure gateway denied the connection request from this client".
What are two reasons why this error would occur? (Choose two.)
A. There is no IP address pool defined for the user's role in the NC Connection Profile.
B. A DNS profile has not been configured in the NC Connection Profile.
C. The DHCP server configured to assign IP Addresses in the NC Connection Profile is not responding.
D. A firewall is blocking access between the client and Secure Access Gateway.
正解:A,C
質問 3:
What are three ways a Junos Pulse connection is initiated to a Junos Pulse Secure Access Service? (Choose three.)
A. The connection is initiated when the Web browser requires that a VPN tunnel be established.
B. The connection is initiated after the user signs in to the PC.
C. The connection is initiated after the PC starts.
D. The connection is initiated only if application acceleration is enabled.
E. The user manually initiates a connection.
正解:B,C,E
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
You have configured a Web Resource Profile to allow access to your company's Intranet site and assigned the Web role to the profile. A bookmark to the site was configured and will be displayed on the user's start page. You also enabled the Web URL browse bar. You did not modify any of the default auto-allow policies.
What will users in the Web role be able to access?
A. Users will have access to any Web site in the domain.
B. Users will not be able to access any Web sites.
C. Users will need the administrator to create additional bookmarks to access other sites.
D. Users will only have access to the bookmark on the start page.
正解:A
質問 5:
What are three benefits of choosing Junos Pulse for VPN tunneling? (Choose three.)
A. ESP transport methods are available for Windows, Macintosh, and Linux platforms.
B. Support is available for a variety of mobile devices.
C. Endpoint security is integrated with Junos Pulse.
D. WSAM integration is available for Microsoft Windows platforms.
E. SSL transport methods are available for Linux platforms.
正解:B,C,D
質問 6:
Which two statements are true about Online Certificate Status Protocol (OCSP)? (Choose two.)
A. OCSP must have the Allow Clock Discrepancy field set to zero.
B. The Revocation Checking option must be disabled in OCSP.
C. OCSP provides real-time certificate verification.
D. The Junos Pulse Secure Access Service is an OCSP client.
正解:C,D
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
-- Exhibit -
C:\Pasban Work\Cert Paper Exams\Juniper\JN0-355\86.bmp
-- Exhibit -
After performing the initial configuration, you browse to the Admin sign-in page for the first time and a certificate error is displayed as shown in the exhibit.
What is causing this error?
A. The device is using a self-signed certificate.
B. The device certificate authority has been revoked.
C. The device certificate is using an invalid cipher.
D. The device is using an SSL certificate that has expired.
正解:A
質問 8:
-- Exhibit -
Root::user1(patch management)[Web Users] - Start Policy [WEBURL/REWRITING] evaluation for
resource http://www.juniper.net:80/
Root::user1(patch management)[Web Users] - Applying Policy [Initial Rewrite Policy]...
Root::user1(patch management)[Web Users] - Action [Rewrite Content (auto-detect content type)]
is returned
Root::user1(patch management)[Web Users] - Policy [Initial Rewrite Policy] applies to resource
Root::user1(patch management)[Web Users] - Passthrough proxy policies are not applicable for
http://www.juniper.net
Root::user1(patch management)[Web Users] - Start Policy [WEBURL/ACCESS] evaluation for
resource http://www.juniper.net:80/
Root::user1(patch management)[Web Users] - Applying Policy [Web]...
Root::user1(patch management)[Web Users] - Evaluating Policy Rule 1...
Root::user1(patch management)[Web Users] - Resource filter [http://www.juniper.com:80/*] does
not match
Root::user1(patch management)[Web Users] - No Policy Rule applies to resource
Root::user1(patch management)[Web Users] - Applying Policy [Initial Open Policy]...
Root::user1(patch management)[Web Users] - User roles [Web Users] do not match with
configured roles [Exclusive:Web Users]
Root::user1(patch management)[Web Users] - No Policy applies to resource
Root::user1(patch management)[Web Users] - Start Auto Allow evaluation on WEBURL for
resource http://www.juniper.net:80/
Root::user1(patch management)[Web Users] - No Auto Allow resources configured
-- Exhibit --
A user should be able to access a Web resource but instead is receiving an error that access to the site is blocked.
Referring to the exhibit, which policy must be modified to allow access to the resource?
A. selective rewrite policy
B. initial rewrite policy
C. initial open policy
D. pass-through proxy policy
正解:B
Matsumoto -
すごい。
Pass4Testの問題集は助かりました。JN0-355の本場試験に合格致しました。