JN0-532 JN0-532 JN0-532 www.it-pruefungen.ch
Prüfungsnummer : JN0-532
Prüfungsname:FWV,Specialist (JNCIS-FWV)
Version : Demo
1. Review the exhibit.
You’ve been asked to build a route-based hub and spoke network, with policy control for traffic travelling from spoke to spoke. Which two of the following configuration options will meet this requirement? (Choose two.)
A. Place the spoke tunnel interfaces in the trust zone and create policies on the spokes.
B. Place the spoke tunnel interfaces in the untrust zone and create policies on the spokes.
C. Create a single tunnel interface in the trust zone at the hub and enable intra-zone blocking.
D. Create separate tunnel interfaces at the hub and place them in different zones, then create policies at the hub.
Answer: BD
JN0-532 JN0-532 JN0-532 www.it-pruefungen.ch
2. Click the Exhibit button.
Review the exhibit. Track-ip has failed on the device, but the device did not fail over to the second unit in the cluster:
Why has failover not occurred?
A. The physical interfaces have not failed.
B. The track-ip interval is not sufficient to cause failover.
C. The track-ip address weight is not sufficient to cause failover.
D. The track-ip address threshold is not sufficient to cause failover.
Answer: C
JN0-532 JN0-532 JN0-532 www.it-pruefungen.ch
3. Click the Exhibit button.
In the exhibit, the firewall administrator at the Storefront is complaining that when the communication to the DataCenter1 fails, the preexisting transfers and applications are dropped when the traffic is switched to DataCenter2.
Which statement explains this behavior?
A. SYN checking is enabled in the tunnel.
B. The weight value for the DataCenter2 is too high.
C. VPN monitor is misconfigured in the DataCenter2.
D. Phase 1 and Phase 2 negotiations to DataCenter2 did not occur on time.
Answer: A
