ExamGecko
Search Search Login
Home Home / Juniper / JN0-231

Juniper JN0-231 Practice Test - Questions Answers

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

When configuring antispam, where do you apply any local lists that are configured?
Which two IKE Phase 1 configuration options must match on both peers to successfully establish a tunnel? (Choose two.)
What is the default timeout value for TCP sessions on an SRX Series device?
Which three operating systems are supported for installing and running Juniper Secure Connect client software? (Choose three.)
You want to prevent other users from modifying or discarding your changes while you are also editing the configuration file. In this scenario, which command would accomplish this task?
Which two non-configurable zones exist by default on an SRX Series device? (Choose two.)
Which Juniper ATP feed provides a dynamic list of known botnet servers and known sources of malware downloads?
Which statement is correct about unified security policies on an SRX Series device?
Corporate security requests that you implement a policy to block all POP3 traffic from traversing the Internet firewall. In this scenario, which security feature would you use to satisfy this request?
When are Unified Threat Management services performed in a packet flow?

Question 1

Report
Export
Collapse

Which two criteria should a zone-based security policy include? (Choose two.)

A.
a source port
A.
a source port
Answers
B.
a destination port
B.
a destination port
Answers
C.
zone context
C.
zone context
Answers
D.
an action
D.
an action
Answers
Suggested answer: A, B

Explanation:

A security policy is a set of statements that controls traffic from a specified source to a specified destination using a specified service. A policy permits, denies, or tunnels specified types of traffic unidirectionally between two points.

Each policy consists of:

A unique name for the policy.

A from-zone and a to-zone, for example: user@host# set security policies from-zone untrust to-zone untrust A set of match criteria defining the conditions that must be satisfied to apply the policy rule. The match criteria are based on a source IP address, destination IP address, and applications. The user identity firewall provides greater granularity by including an additional tuple, source-identity, as part of the policy statement.

A set of actions to be performed in case of a match—permit, deny, or reject.

Accounting and auditing elements—counting, logging, or structured system logging.

https://www.juniper.net/documentation/us/en/software/junos/security-policies/topics/topicmap/security-policy-configuration.html

Question 2

Report
Export
Collapse

You are assigned a project to configure SRX Series devices to allow connections to your webservers.

The webservers have a private IP address, and the packets must use NAT to be accessible from the Internet. You do not want the webservers to initiate connections with external update servers on the Internet using the same IP address as customers use to access them.

Which two NAT types must be used to complete this project? (Choose two.)

A.
static NAT
A.
static NAT
Answers
B.
hairpin NAT
B.
hairpin NAT
Answers
C.
destination NAT
C.
destination NAT
Answers
D.
source NAT
D.
source NAT
Answers
Suggested answer: C, D

Question 3

Report
Export
Collapse

You are asked to verify that a license for AppSecure is installed on an SRX Series device.

In this scenario, which command will provide you with the required information?

A.
user@srx> show system license
A.
user@srx> show system license
Answers
B.
user@srx> show services accounting
B.
user@srx> show services accounting
Answers
C.
user@srx> show configuration system
C.
user@srx> show configuration system
Answers
D.
user@srx> show chassis firmware
D.
user@srx> show chassis firmware
Answers
Suggested answer: A

Question 4

Report
Export
Collapse

Click the Exhibit button.

Referring to the exhibit, a user is placed in which hierarchy when the exit command is run?

A.
[edit security policies from-zone trust to-zone dmz] user@vSRX-1#
A.
[edit security policies from-zone trust to-zone dmz] user@vSRX-1#
Answers
B.
[edit]user@vSRX-1#
B.
[edit]user@vSRX-1#
Answers
C.
[edit security policies]user@vSRX-1#
C.
[edit security policies]user@vSRX-1#
Answers
D.
user@vSRX-1>
D.
user@vSRX-1>
Answers
Suggested answer: A

Question 5

Report
Export
Collapse

You want to enable the minimum Juniper ATP services on a branch SRX Series device.

In this scenario, what are two requirements to accomplish this task? (Choose two.)

A.
Install a basic Juniper ATP license on the branch device.
A.
Install a basic Juniper ATP license on the branch device.
Answers
B.
Configure the juniper-atp user account on the branch device.
B.
Configure the juniper-atp user account on the branch device.
Answers
C.
Register for a Juniper ATP account on https://sky.junipersecurity.net.
C.
Register for a Juniper ATP account on https://sky.junipersecurity.net.
Answers
D.
Execute the Juniper ATP script on the branch device.
D.
Execute the Juniper ATP script on the branch device.
Answers
Suggested answer: C, D

Explanation:

https://manuals.plus/m/95fded847e67e8f456453182a54526ba3224a61a337c47177244d345d1f3b19e.pdf

Question 6

Report
Export
Collapse

SRX Series devices have a maximum of how many rollback configurations?

A.
40
A.
40
Answers
B.
60
B.
60
Answers
C.
50
C.
50
Answers
D.
10
D.
10
Answers
Suggested answer: C

Question 7

Report
Export
Collapse

Unified threat management (UTM) inspects traffic from which three protocols? (Choose three.)

A.
FTP
A.
FTP
Answers
B.
SMTP
B.
SMTP
Answers
C.
SNMP
C.
SNMP
Answers
D.
HTTP
D.
HTTP
Answers
E.
SSH
E.
SSH
Answers
Suggested answer: A, B, D

Explanation:

https://www.inetzero.com/blog/unified-threat-management-deeper-dive-traffic-inspection/

Question 8

Report
Export
Collapse

When are Unified Threat Management services performed in a packet flow?

A.
before security policies are evaluated
A.
before security policies are evaluated
Answers
B.
as the packet enters an SRX Series device
B.
as the packet enters an SRX Series device
Answers
C.
only during the first path process
C.
only during the first path process
Answers
D.
after network address translation
D.
after network address translation
Answers
Suggested answer: D

Explanation:

https://iosonounrouter.wordpress.com/2018/07/07/how-does-a-flow-based-srx-work/

Question 9

Report
Export
Collapse

When configuring antispam, where do you apply any local lists that are configured?

A.
custom objects
A.
custom objects
Answers
B.
advanced security policy
B.
advanced security policy
Answers
C.
antispam feature-profile
C.
antispam feature-profile
Answers
D.
antispam UTM policy
D.
antispam UTM policy
Answers
Suggested answer: A

Explanation:

https://www.juniper.net/documentation/us/en/software/junos/utm/topics/topic-map/securitylocal-list-antispam-filtering.html

Question 10

Report
Export
Collapse

Screens on an SRX Series device protect against which two types of threats? (Choose two.)

A.
IP spoofing
A.
IP spoofing
Answers
B.
ICMP flooding
B.
ICMP flooding
Answers
C.
zero-day outbreaks
C.
zero-day outbreaks
Answers
D.
malicious e-mail attachments
D.
malicious e-mail attachments
Answers
Suggested answer: A, B

Explanation:

ICMP flood

Use the ICMP flood IDS option to protect against ICMP flood attacks. An ICMP flood attack typically occurs when ICMP echo requests use all resources in responding, such that valid network traffic can no longer be processed.

The threshold value defines the number of ICMP packets per second (pps) allowed to be send to the same destination address before the device rejects further ICMP packets.

IP spoofing

Use the IP address spoofing IDS option to prevent spoofing attacks. IP spoofing occurs when an invalid source address is inserted in the packet header to make the packet appear to come from a trusted source.

https://www.juniper.net/documentation/us/en/software/junos/denial-of-service/topics/topicmap/security-introduction-to-adp.html

Total 101 questions
Go to page: of 11
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms