You are asked to verify that a license for AppSecure is installed on an SRX Series device.In this scenario, which command will provide you with the required information?

user@srx> show services accounting

user@srx> show configuration system

user@srx> show chassis firmware

Click the Exhibit button. Referring to the exhibit, a user is placed in which hierarchy when the exit command is run?

[edit security policies from-zone trust to-zone dmz] user@vSRX-1#

[edit security policies]user@vSRX-1#

You want to enable the minimum Juniper ATP services on a branch SRX Series device.In this scenario, what are two requirements to accomplish this task? (Choose two.)

Register for a Juniper ATP account on https://sky.junipersecurity.net.

Execute the Juniper ATP script on the branch device.

Install a basic Juniper ATP license on the branch device.

Configure the juniper-atp user account on the branch device.

Register for a Juniper ATP account on https://sky.junipersecurity.net.

Execute the Juniper ATP script on the branch device.

When are Unified Threat Management services performed in a packet flow?

after network address translation

before security policies are evaluated

as the packet enters an SRX Series device

only during the first path process

after network address translation

Which statement about global NAT address persistence is correct?

The same IP address from a source NAT pool will be assigned for all sessions from a given host.

The same IP address from a source NAT pool is not guaranteed to be assigned for all sessions from a given host.

The same IP address from a destination NAT pool will be assigned for all sessions for a given host.

The same IP address from a destination NAT pool is not guaranteed to be assigned for all sessions for a given host.

Which two statements are correct about IKE security associations? (Choose two.)

IKE security associations are established during IKE Phase 1 negotiations.

IKE security associations are bidirectional.

IKE security associations are established during IKE Phase 1 negotiations.

IKE security associations are unidirectional.

IKE security associations are established during IKE Phase 2 negotiations.

IKE security associations are bidirectional.

You want to deploy a NAT solution.In this scenario, which solution would provide a static translation without PAT?

pool-based NAT with address shifting

You want to provide remote access to an internal development environment for 10 remote developers.Which two components are required to implement Juniper Secure Connect to satisfy this requirement? (Choose two.)

an additional license for an SRX Series device

Juniper Secure Connect client software

an additional license for an SRX Series device

Juniper Secure Connect client software

an SRX Series device with an SPC3 services card

Marvis virtual network assistant

Click the Exhibit button. Referring to the exhibit, which two statements are correct about the ping command? (Choose two.)

The DMZ routing-instance is the source.

The 10.10.102.10 IP address is the destination.

The DMZ routing-instance is the source.

The 10.10.102.10 IP address is the source.

The 10.10.102.10 IP address is the destination.

The DMZ routing-instance is the destination.

Which three Web filtering deployment actions are supported by Junos? (Choose three.)

Use Juniper Enhanced Web Filtering.

Click the Exhibit button. What is the purpose of the host-inbound-traffic configuration shown in the exhibit?

to permit all host inbound traffic on the internal security zone, but deny HTTP traffic

to permit host inbound HTTP traffic and deny all other traffic on the internal security zone

to deny and log all host inbound traffic on the internal security zone, except for HTTP traffic

to permit all host inbound traffic on the internal security zone, but deny HTTP traffic

to permit host inbound HTTP traffic on the internal security zone

Which two statements are correct about the default behavior on SRX Series devices? (Choose two.)

The SRX Series device is in flow mode.

The SRX Series device supports stateless firewalls filters.

The SRX Series device is in flow mode.

The SRX Series device supports stateless firewalls filters.

The SRX Series device is in packet mode.

The SRX Series device does not support stateless firewall filters.

Which two statements are correct about functional zones? (Choose two.)

Functional zone cannot be referenced in security policies or pass transit traffic.

Functional zones are used for out-of-band device management.

Functional zones must have a user-defined name.

Functional zone cannot be referenced in security policies or pass transit traffic.

Multiple types of functional zones can be defined by the user.

Functional zones are used for out-of-band device management.

Click the Exhibit button. Which two statements are correct about the partial policies shown in the exhibit? (Choose two.)

UDP traffic matched by the deny-all policy will be silently dropped.

TCP traffic matched by the reject-all policy will have a TCP RST sent.

UDP traffic matched by the deny-all policy will be silently dropped.

TCP traffic matched by the reject-all policy will have a TCP RST sent.

TCP traffic matched from the zone trust is allowed by the permit-all policy.

UDP traffic matched by the reject-all policy will be silently dropped.

You are monitoring an SRX Series device that has the factory-default configuration applied.In this scenario, where are log messages sent by default?

to a local syslog server on the management network

to a local log file named messages

Which two services does Juniper Connected Security provide? (Choose two.)

protection against zero-day threats

You are creating Ipsec connections.In this scenario, which two statements are correct about proxy IDs? (Choose two.)

Proxy IDs are used to configure traffic selectors.

Proxy IDs are optional for Phase 2 session establishment.

Proxy IDs are used to configure traffic selectors.

Proxy IDs are optional for Phase 2 session establishment.

Proxy IDs must match for Phase 2 session establishment.

Proxy IDs default to 0.0.0.0/0 for policy-based VPNs.

Which two UTM features should be used for tracking productivity and corporate user behavior?(Choose two.)

the content filtering UTM feature

What is the order in which malware is detected and analyzed?

cache lookup –> antivirus scanning –> static analysis –> dynamic analysis

antivirus scanning –> cache lookup –> dynamic analysis –> static analysis

cache lookup –> antivirus scanning –> static analysis –> dynamic analysis

antivirus scanning –> cache lookup –> static analysis –> dynamic analysis

cache lookup –> static analysis –> dynamic analysis –> antivirus scanning

Juniper JN0-231 Practice Test 1 - Free Online Exam Prep & Questions

Question 1 / 40

Which two criteria should a zone-based security policy include? (Choose two.)

a source port

a destination port

zone context

an action

Comment (0)

Juniper JN0-231 Practice Test 1

Question

Juniper JN0-231 Practice Tests

Practice Tests