JN0-740 Online Practice Questions and Answers

Telnet management has been enabled on an interface in the untrust zone. What else should be configured to limit telnet access to the ScreenOS device from trusted management PCs?

A. Define a permitted IP address.

B. Define a policy from trust to untrust.

C. Define a trusted IP in the address table.

D. Define a manage IP address on this interface.

When a device is in transparent mode, which fields will be modified as the traffic transverses the firewall?

A. None of the above

B. The source port only

C. The source and destination IP

D. The source IP but not the destination IP

E. The destination IP but not the source IP

Which three describe a loopback interface? (Choose three.)

A. It is always on.

B. It is always in the null zone.

C. It is used for device management.

D. It can only have private IP addresses.

E. It is reachable using any physical interface.

Which statement about address configuration is correct?

A. Address groups cannot be used with VPN policies.

B. Address groups must be associated with a single zone.

C. You can create address groups as needed from within a policy.

D. You cannot reference individual addresses once they have been added to a group.

Which ScreenOS WebUI button reorders policies?

A. Shift

B. Move

C. Reorder

D. Transfer

Which form of NAT performs bi-directional translation?

A. VIP

B. MIP

C. DIP

D. NAT-dst

E. NAT-src

Using the information below, what is the recommended order for configuring NAT-dst? 1)Configurepolicy 2)Configureroute or secondary address on internal interface 3)Configureaddress book entry for public address

A. 1,2,3

B. 1,3,2

C. 2,3,1

D. 3,1,2

E. 3,2,1

You enter the following command set int e8 mip 1.1.8.32 host 10.1.10.32 netmask 255.255.255.255 How many MIP address translations have you just configured?

A. 1

B. 8

C. 32

D. 128

E. 256

You are looking at your policies via the Web UI and you notice that the green permit policy has turned blue. What would cause this?

A. The policy is currently inactive

B. The policy is configured to support a MIP

C. That the policy is configured for unidirectional NAT

D. The Policy has failed to pass permitted traffic due to a virus

E. The policy is currently passing traffic beyond its traffic limits and it is currently in alarm

Which command is used to avoid IP Fragmentation when configuring IPSec on a NetScreen device?

A. set flow

B. set tcp-mss flow

C. set flow tcp-mss

D. set mss-flow size