PrepAway - Latest Free Exam Questions & Answers

Category: JN0-696 (v.2)

Exam JN0-696: Security Support, Professional (JNCSP-SEC) (update December 13th, 2015)

Which action will resolve this problem?

Apr 27 19:11:09 company-fw init: low_mem_signal_processes: send signal 16 to routing Apr
27 19:11:09 company-fw /kernel: KERNEL_MEMORY_CRITICAL: System low on free
memory, notifying init (#4). Apr 27 19:11:09 company-fw rpd[1268]: Processing low memory
signal Apr 27 19:11:09 company-fw init: low_mem_signal_processes: send signal 16 to
idp-policy Apr 27 19:11:09 company-fw idpd[1295]: Processing low memory signal Apr 27
19:11:10 company-fw idpd[1987]: IDP_SECURITY_INSTALL_RESULT: security package
install result Done;Install aborted due to system reaching low memory condition!) You are
troubleshooting a problem where the IDP signature database update on your Junos device
has failed. Which action will resolve this problem?

Which parameter must be changed?

[edit security utm] user@host# show custom-objects { url-pattern { blocklist { value [
http://badsite.com http://blocksite.com ]; } acceptlist { value http://juniper.net; } }
custom-url-category { blacklist { value blocklist; } whitelist { value acceptlist; } } }
feature-profile { web-filtering { url-whitelist whitelist; url-blacklist blacklist; type juniper-local;
juniper-local { profile web-filter { custom-block-message “Site is not allowed”;
fallback-settings { default log-and-permit; } } } } } utm-policy utm1 { web-filtering { http-profile
web-filter; } } You set up Web filtering to allow employees to only access your internal
website. You notice that employees are still able to reach websites outside of the blacklists.
Which parameter must be changed?

What is causing this problem?

user@host> show configuration security utm custom-objects { url-pattern { block-juniper {
value *.spammer.com; } } custom-url-category { blacklist { value block-juniper; } } }
feature-profile { anti-spam { address-blacklist block-juniper; sbl { profile myprofile {
no-sbl-default-server; spam-action block; } } } } utm-policy wildcard-policy { anti-spam {
smtp-profile myprofile; } } You added a blacklist to your antispam policy to block any e-mails
from the spammer.com domain. However, your users are complaining that they are still
receiving spam e-mails from that domain. You run the utm test-string test and confirm that
the blacklist is not working. What is causing this problem?

What is causing the problem?

{hold:node0} user@host1> show chassis cluster status Cluster ID. 1 Node Priority Status
Preempt Manual failover Redundancy group: 0 , Failover count: 0 node0 1 hold no no
node1 0 lost n/a n/a {hold:node0} user@host1> show configuration | no-more system {
host-name host1; root-authentication { encrypted-password
“$1$KI99zGk6$MbYFuBbpLffu9tn2.sI7l1”; ## SECRET-DATA } name-server {
172.16.10.100; } services { ssh; telnet; web-management { http; } } syslog { user * { any
emergency; } file messages { any any; authorization info; } file interactive-commands {
interactive-commands any; } } } interfaces { ge-0/0/0 { unit 0 { family inet { address
10.210.14.131/26; } } } ge-0/0/8 { unit 0 { family inet { address 172.16.1.1/24; } } } ge-0/0/9 {

unit 0 { family inet { address 172.16.10.1/24; } } } } security { policies { default-policy {
permit-all; } } zones { functional-zone management { interfaces { ge-0/0/0.0; }
host-inbound-traffic { system-services { ssh; telnet; ping; traceroute; http; snmp; } } }
security-zone Trust { host-inbound-traffic { system-services { any-service; } } interfaces {
ge-0/0/9.0; } } security-zone Untrust { host-inbound-traffic { system-services { any-service; } }
interfaces { ge-0/0/8.0; } } } } —————- {hold:node1} user@host2> show chassis cluster
status Cluster ID. 1 Node Priority Status Preempt Manual failover Redundancy group: 0 ,
Failover count: 0 node0 0 lost n/a n/a node1 1 hold no no {hold:node1} user@host2> show
configuration | no-more system { host-name host2; root-authentication {
encrypted-password “$1$KI99zGk6$MbYFuBbpLffu9tn2.sI7l1”; ## SECRET-DATA }
name-server { 172.16.10.100; } services { ssh; telnet; web-management { http; } } syslog {
user * { any emergency; } file messages { any any; authorization info; } file
interactive-commands { interactive-commands any; } } } interfaces { ge-0/0/0 { unit 0 { family
inet { address 10.210.14.132/26; } } } ge-0/0/8 { unit 0 { family inet { address 172.16.1.1/24; }
} } ge-0/0/9 { unit 0 { family inet { address 172.16.10.1/24; } } } } security { policies {
default-policy { permit-all; } } zones { functional-zone management { interfaces { ge-0/0/0.0; }
host-inbound-traffic { system-services { ssh; telnet; ping; traceroute; http; snmp; } } }
security-zone Trust { host-inbound-traffic { system-services { any-service; } } interfaces {
ge-0/0/9.0; } } security-zone Untrust { host-inbound-traffic { system-services { any-service; } }
interfaces { ge-0/0/8.0; } } } } A user attempted to form a chassis cluster on an SRX240;
however, the cluster did not form. While investigating the problem, you see the output
shown in the Above. What is causing the problem?

which configuration would resolve this problem?

Click the Exhibit button. There is an existing chassis cluster connected to the corporate
network 192.168.1.0/24. You are asked to connect another department to this VLAN. To
achieve this, you add a new chassis cluster to the network. After connecting to the network,
the cluster experiences traffic problems. You have verified that the addresses and VLAN
IDs are configured correctly. Referring to the exhibit, which configuration would resolve this
problem?

What is causing this problem?

— Exhibit — {primary:node0} user@host> show configuration chassis | display inheritance
cluster { redundancy-group 1 { node 0 priority 200; node 1 priority 100; interface-monitor {
ge-0/0/12 weight 255; ge-5/0/12 weight 255; } } } — Exhibit — A customer reports that their
SRX failover is not working as expected. They expected node1 to become the primary node
for the control plane when interface ge-0/0/12 failed. However, when ge- 0/0/12 failed,
node0 remained the primary node. They send you the output shown in the exhibit. What is
causing this problem?


Page 4 of 41234