ExamGecko
Login
Home / Juniper / JN0-231 / List of questions
Ask Question

Juniper JN0-231 Practice Test - Questions Answers

List of questions

Question 1

Report Export Collapse

Which two criteria should a zone-based security policy include? (Choose two.)

a source port
a source port
a destination port
a destination port
zone context
zone context
an action
an action
Suggested answer: A, B
Explanation:

A security policy is a set of statements that controls traffic from a specified source to a specified destination using a specified service. A policy permits, denies, or tunnels specified types of traffic unidirectionally between two points.

Each policy consists of:

A unique name for the policy.

A from-zone and a to-zone, for example: user@host# set security policies from-zone untrust to-zone untrust A set of match criteria defining the conditions that must be satisfied to apply the policy rule. The match criteria are based on a source IP address, destination IP address, and applications. The user identity firewall provides greater granularity by including an additional tuple, source-identity, as part of the policy statement.

A set of actions to be performed in case of a match—permit, deny, or reject.

Accounting and auditing elements—counting, logging, or structured system logging.

https://www.juniper.net/documentation/us/en/software/junos/security-policies/topics/topicmap/security-policy-configuration.html

asked 18/09/2024
Vaibhav Damle
44 questions

Question 2

Report Export Collapse

You are assigned a project to configure SRX Series devices to allow connections to your webservers.

The webservers have a private IP address, and the packets must use NAT to be accessible from the Internet. You do not want the webservers to initiate connections with external update servers on the Internet using the same IP address as customers use to access them.

Which two NAT types must be used to complete this project? (Choose two.)

static NAT
static NAT
hairpin NAT
hairpin NAT
destination NAT
destination NAT
source NAT
source NAT
Suggested answer: C, D
asked 18/09/2024
Stian Godoe
42 questions

Question 3

Report Export Collapse

You are asked to verify that a license for AppSecure is installed on an SRX Series device.

In this scenario, which command will provide you with the required information?

user@srx> show system license
user@srx> show system license
user@srx> show services accounting
user@srx> show services accounting
user@srx> show configuration system
user@srx> show configuration system
user@srx> show chassis firmware
user@srx> show chassis firmware
Suggested answer: A
asked 18/09/2024
Elefánti Gábor
33 questions

Question 4

Report Export Collapse

Click the Exhibit button.

Juniper JN0-231 image Question 4 50259 09182024211116000000

Referring to the exhibit, a user is placed in which hierarchy when the exit command is run?

[edit security policies from-zone trust to-zone dmz] user@vSRX-1#
[edit security policies from-zone trust to-zone dmz] user@vSRX-1#
[edit]user@vSRX-1#
[edit]user@vSRX-1#
[edit security policies]user@vSRX-1#
[edit security policies]user@vSRX-1#
user@vSRX-1>
user@vSRX-1>
Suggested answer: A
asked 18/09/2024
Nicolas Del Borrello
41 questions

Question 5

Report Export Collapse

You want to enable the minimum Juniper ATP services on a branch SRX Series device.

In this scenario, what are two requirements to accomplish this task? (Choose two.)

Install a basic Juniper ATP license on the branch device.
Install a basic Juniper ATP license on the branch device.
Configure the juniper-atp user account on the branch device.
Configure the juniper-atp user account on the branch device.
Register for a Juniper ATP account on https://sky.junipersecurity.net.
Register for a Juniper ATP account on https://sky.junipersecurity.net.
Execute the Juniper ATP script on the branch device.
Execute the Juniper ATP script on the branch device.
Suggested answer: C, D
Explanation:

https://manuals.plus/m/95fded847e67e8f456453182a54526ba3224a61a337c47177244d345d1f3b19e.pdf

asked 18/09/2024
wendy brouwer
38 questions

Question 6

Report Export Collapse

SRX Series devices have a maximum of how many rollback configurations?

40
40
60
60
50
50
10
10
Suggested answer: C
asked 18/09/2024
inigo abeledo
39 questions

Question 7

Report Export Collapse

Unified threat management (UTM) inspects traffic from which three protocols? (Choose three.)

FTP
FTP
SMTP
SMTP
SNMP
SNMP
HTTP
HTTP
SSH
SSH
Suggested answer: A, B, D
Explanation:

https://www.inetzero.com/blog/unified-threat-management-deeper-dive-traffic-inspection/

asked 18/09/2024
xun wang
41 questions

Question 8

Report Export Collapse

When are Unified Threat Management services performed in a packet flow?

before security policies are evaluated
before security policies are evaluated
as the packet enters an SRX Series device
as the packet enters an SRX Series device
only during the first path process
only during the first path process
after network address translation
after network address translation
Suggested answer: D
Explanation:

https://iosonounrouter.wordpress.com/2018/07/07/how-does-a-flow-based-srx-work/

asked 18/09/2024
Edward Morgan
38 questions

Question 9

Report Export Collapse

When configuring antispam, where do you apply any local lists that are configured?

custom objects
custom objects
advanced security policy
advanced security policy
antispam feature-profile
antispam feature-profile
antispam UTM policy
antispam UTM policy
Suggested answer: A
Explanation:

https://www.juniper.net/documentation/us/en/software/junos/utm/topics/topic-map/securitylocal-list-antispam-filtering.html

asked 18/09/2024
Andrew Li
33 questions

Question 10

Report Export Collapse

Screens on an SRX Series device protect against which two types of threats? (Choose two.)

IP spoofing
IP spoofing
ICMP flooding
ICMP flooding
zero-day outbreaks
zero-day outbreaks
malicious e-mail attachments
malicious e-mail attachments
Suggested answer: A, B
Explanation:

ICMP flood

Use the ICMP flood IDS option to protect against ICMP flood attacks. An ICMP flood attack typically occurs when ICMP echo requests use all resources in responding, such that valid network traffic can no longer be processed.

The threshold value defines the number of ICMP packets per second (pps) allowed to be send to the same destination address before the device rejects further ICMP packets.

IP spoofing

Use the IP address spoofing IDS option to prevent spoofing attacks. IP spoofing occurs when an invalid source address is inserted in the packet header to make the packet appear to come from a trusted source.

https://www.juniper.net/documentation/us/en/software/junos/denial-of-service/topics/topicmap/security-introduction-to-adp.html

asked 18/09/2024
Jose Leonardo
26 questions
Total 105 questions
Go to page: of 11
Open VPLUS File
Convert VPLUS to PDF

Related questions

When configuring antispam, where do you apply any local lists that are configured?
Which two IKE Phase 1 configuration options must match on both peers to successfully establish a tunnel? (Choose two.)
When are Unified Threat Management services performed in a packet flow?
What does the number "2" indicate in interface ge-0/1/2?
What is the default timeout value for TCP sessions on an SRX Series device?
Which two statements are correct about screens? (Choose two.)
What is the number of concurrent Secure Connect user licenses that an SRX Series device has by default?
Which three operating systems are supported for installing and running Juniper Secure Connect client software? (Choose three.)
Which statement about service objects is correct?
You are monitoring an SRX Series device that has the factory-default configuration applied. In this scenario, where are log messages sent by default?