New question everyday ? You can learn NetScreen architecture



  • Hi All,

    I am planning to put 1 question everyday (exclude weekends … Thursday+ Friday in Saudi Arabia) in this topic as a brain dump with reference to Boson Juniper Test series and Certificate practise test from VUE for NetScreen. These are free practise test series so nobody should have any issue… 😎

    You may learn a lot with these…

    Today’s question:

    You are creating a VPN b/w two netscreen devices. On the local device, you create a local address book entry with the command: “set address trust 10.0.0.4/24 10.0.0.5/32” while on the remote device you create an address book entry with the following command “set address untrust 10.0.0.5/32 10.0.0.5/32” if everything else is configured properly, will the VPN b/w two devices work?

    Yes or No.

    Vote for the topic through post if you want it to continue.

    Thanks,
    Naveen Dhar. :idea:


  • Engineer

    Hey Naveen it’s a nice initiative …

    Why not using the poll for such question ?
    This one is funnier when you have to answer when looking at the WUI 😉



  • Thanks Florent… Even i thought of a voting poll but when i was posting article, i found no option of Poll whereas i get Poll option in VPN section.

    If you or Signal15 can enable it, then it would be even better.

    Today’s Question:
    **How Many authentication Servers can be defined on the NetScreen device?

    1. 10 including local database.
    2. 12 including local database.
    3. 10 excluding local database.
    4. 12 excluding local database.**

    Thanks,
    Naveen Dhar. 😎



  • Today’s Question :

    Which of the following two are not allowed in intra-zone policies:
    1. Interface level NAT
    2. Policy based NAT
    3. VPN tunnels
    4. MIP’s
    5. Destination NAT

    Thanks,
    Naveen Dhar. 😉



  • Sorry i forgot posting Question yesterday…

    **Yesterday’s Question:What are the Maximum Entries per Multi-Cell?

    Answeres:
    a. 1
    b. 4
    c. 8
    d. 16
    e. 32**

    Thanks,
    Naveen Dhar. 😎



  • **Today’s Question: A Bridge will _________ a frame of the destination MAC Address that is not a part of the known MAC address?

    1. Block
    2. Learn
    3.Forward
    4. Flood
    5. Filter**

    Thanks,
    Naveen Dhar. 😎



  • Today’s Question:
    Which are the two components required for NetScreen Deep Inspection implementation?
    1. Service book group Entries
    2.Address Book group Entries
    3. Policy Statements
    4. IDP Action statement
    5. Signature Database

    Thanks,
    Naveen Dhar. 😎


  • Engineer

    Hi Nav
    That’s a very nice idea, thank you.
    Why don’t you put the answer for each question the following day?
    Also, shall we put our answers here?



  • Hi Tarek,

    Happy Ramadan and thanks for the appreciation.
    About the questionaire, i don’t wish to provide Spoon feeding on NetScreen, let the audience strive hard. If anyone wants to discuss the topic with me, he is most welcome. let them feel that only questions similar to this are seen in Certification also as the standard of questioning is not that much tough. It’s just basic concept in JNCIA Exam.

    Thanks,
    Naveen Dhar. 😎



  • Today’s Question:
    I have created a VIP same as Untrust on 5GT for my Webserver on NetScreen, If policy, VIP definition and routing is perfect, then what can be the reason that i am not able to receive any HTTP request on my WebServer ?
    1. VIP for port 80 is not supported.
    2. A custom Service for HTTP traffic is needed.
    3. VIP same as Untrust is not supported on 5GT.
    4. Change the management port for WEBUI from 80 to 8080.

    Thanks,
    Naveen Dhar. 😎



  • Today’s Question: If you wanted to perform Source NAT when in route mode; what could you configure to perform this? ( Choose 2)
    1. Nothing NAT happens by default
    2. Policy based NAT
    3. Interface based NAT
    4.You can not perform NAT when in Route mode.
    5. DIP

    Thanks,
    Naveen Dhar. 😎



  • **Today’s Question: Your VPN is failing during Phase1 communication. You want to view the log messages for finding the fault. So what process has to be followed for troubleshooting???

    1. Rebuild the remote NetScreen VPN configuration again.
    2. Run debug on the local NetScreen to view the error output on the log.
    3. Configure the peer-id on your local ike gateway.
    4. View the event log of destination Gateway NetScreen for finding misconfiguration.**

    Thanks,
    Naveen Dhar. 😎



  • I was down in fever yesterday so couldn’t paste question yesterday.

    Yesterday’s Question:What can be taken as Source in Global policy?
    1. Any
    2. VIP
    3. MIP
    4. Both MIP and VIP
    5. All addresses defined in Global zone

    Thanks,
    Naveen Dhar. 😎



  • Today’s question:Which 2 of mentioned 5 conditions is true for NAT-Dst?
    1. A route has to be added for the Public IP on which NAT-Dst has to be performed.
    2. No route is needed.
    3. Route is automatically created when you check NAT-Dst in policy.
    4. Address book entry of NAT-Dst Public IP is compulsory needed in Source zone of policy.

    5. Address book entry of NAT-Dst Public IP is compulsory needed in Destination zone of policy.

    Thanks,
    Naveen Dhar. 😎



  • Ok Yesterday’s question… : Why i am getting fever again and again in Riyadh… :lol: that’s not the question.

    Question:what of the following two modes does IPSEC operate ?
    1. Transparent mode
    2.Transport mode
    3.Tunnel mode
    4. ISAKMP mode
    5. CRYPTO mode
    6. Encryption/decryption mode
    7. VPN mode

    Thanks,
    Naveen Dhar. 😎



  • Today’s Question : What are the type of admin users?
    1. Global user
    2.Active user
    3. Read only user
    4. Passive user
    4. Read-write user
    5.Domain User
    6. Root user

    Thanks,
    Naveen Dhar. 😎



  • Today’s Question:When defining ICMP services which of the following must you have?
    1. Type
    2. Code
    3. Port
    4. Position
    5. Area

    Thanks,
    Naveen Dhar. 😎



  • Today’s question: When creating a policy which of the following are mandatory?
    1. Zones
    2 Addresses
    3. Services
    4. Counting
    5. Logging
    6. Deep Inspection
    7. AV
    8. Schedule

    Ok friends i will be on leave/Out of Office from 10 to 19 Nov. so there is very less chance of me coming on Internet for the Forum… So see you all on 19 Nov.
    Have a Happy Ramadan and Eid Mubarak.

    Thanks,
    Naveen Dhar. 😎



  • @naveen_dharbhardwaj:

    Sorry i forgot posting Question yesterday…

    **Yesterday’s Question:What are the Maximum Entries per Multi-Cell?

    Answeres:
    a. 1
    b. 4
    c. 8
    d. 16
    e. 32**

    Thanks,
    Naveen Dhar. 😎


  • Engineer

    Welcome Back


 

23
Online

38.4k
Users

12.7k
Topics

44.5k
Posts