ExamGecko
Search Search Login
Home Home / Juniper / JN0-231

Juniper JN0-231 Practice Test - Questions Answers, Page 3

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

When configuring antispam, where do you apply any local lists that are configured?
Which two IKE Phase 1 configuration options must match on both peers to successfully establish a tunnel? (Choose two.)
What is the default timeout value for TCP sessions on an SRX Series device?
Which three operating systems are supported for installing and running Juniper Secure Connect client software? (Choose three.)
Which two non-configurable zones exist by default on an SRX Series device? (Choose two.)
Which Juniper ATP feed provides a dynamic list of known botnet servers and known sources of malware downloads?
You want to prevent other users from modifying or discarding your changes while you are also editing the configuration file. In this scenario, which command would accomplish this task?
Which statement is correct about unified security policies on an SRX Series device?
Corporate security requests that you implement a policy to block all POP3 traffic from traversing the Internet firewall. In this scenario, which security feature would you use to satisfy this request?
When are Unified Threat Management services performed in a packet flow?

Question 21

Report
Export
Collapse

Which IPsec protocol is used to encrypt the data payload?

A.
ESP
A.
ESP
Answers
B.
IKE
B.
IKE
Answers
C.
AH
C.
AH
Answers
D.
TCP
D.
TCP
Answers
Suggested answer: A

Question 22

Report
Export
Collapse

What are three primary match criteria used in a Junos security policy? (Choose three.)

A.
application
A.
application
Answers
B.
source address
B.
source address
Answers
C.
source port
C.
source port
Answers
D.
class
D.
class
Answers
E.
destination address
E.
destination address
Answers
Suggested answer: A, B, E

Question 23

Report
Export
Collapse

You have an FTP server and a webserver on the inside of your network that you want to make available to users outside of the network. You are allocated a single public IP address.

In this scenario, which two NAT elements should you configure? (Choose two.)

A.
destination NAT
A.
destination NAT
Answers
B.
NAT pool
B.
NAT pool
Answers
C.
source NAT
C.
source NAT
Answers
D.
static NAT
D.
static NAT
Answers
Suggested answer: A, B

Explanation:

With single Ip address it is port forwarding. So, destination NAT and a pool address point to the single public IP of the internet facing interface.

Question 24

Report
Export
Collapse

Which three Web filtering deployment actions are supported by Junos? (Choose three.)

A.
Use IPS.
A.
Use IPS.
Answers
B.
Use local lists.
B.
Use local lists.
Answers
C.
Use remote lists.
C.
Use remote lists.
Answers
D.
Use Websense Redirect.
D.
Use Websense Redirect.
Answers
E.
Use Juniper Enhanced Web Filtering.
E.
Use Juniper Enhanced Web Filtering.
Answers
Suggested answer: B, D, E

Explanation:

https://www.juniper.net/documentation/us/en/software/junos/utm/topics/concept/utm-webfiltering-overview.html

Question 25

Report
Export
Collapse

Which two IPsec hashing algorithms are supported on an SRX Series device? (Choose two.)

A.
SHA-1
A.
SHA-1
Answers
B.
SHAKE128
B.
SHAKE128
Answers
C.
MD5
C.
MD5
Answers
D.
RIPEMD-256
D.
RIPEMD-256
Answers
Suggested answer: A, C

Question 26

Report
Export
Collapse

Click the Exhibit button.

What is the purpose of the host-inbound-traffic configuration shown in the exhibit?

A.
to permit host inbound HTTP traffic and deny all other traffic on the internal security zone
A.
to permit host inbound HTTP traffic and deny all other traffic on the internal security zone
Answers
B.
to deny and log all host inbound traffic on the internal security zone, except for HTTP traffic
B.
to deny and log all host inbound traffic on the internal security zone, except for HTTP traffic
Answers
C.
to permit all host inbound traffic on the internal security zone, but deny HTTP traffic
C.
to permit all host inbound traffic on the internal security zone, but deny HTTP traffic
Answers
D.
to permit host inbound HTTP traffic on the internal security zone
D.
to permit host inbound HTTP traffic on the internal security zone
Answers
Suggested answer: C

Question 27

Report
Export
Collapse

When operating in packet mode, which two services are available on the SRX Series device? (Choose two.)

A.
MPLS
A.
MPLS
Answers
B.
UTM
B.
UTM
Answers
C.
CoS
C.
CoS
Answers
D.
IDP
D.
IDP
Answers
Suggested answer: A, C

Question 28

Report
Export
Collapse

Which two statements are correct about the default behavior on SRX Series devices? (Choose two.)

A.
The SRX Series device is in flow mode.
A.
The SRX Series device is in flow mode.
Answers
B.
The SRX Series device supports stateless firewalls filters.
B.
The SRX Series device supports stateless firewalls filters.
Answers
C.
The SRX Series device is in packet mode.
C.
The SRX Series device is in packet mode.
Answers
D.
The SRX Series device does not support stateless firewall filters.
D.
The SRX Series device does not support stateless firewall filters.
Answers
Suggested answer: A, B

Question 29

Report
Export
Collapse

Which two statements are correct about functional zones? (Choose two.)

A.
Functional zones must have a user-defined name.
A.
Functional zones must have a user-defined name.
Answers
B.
Functional zone cannot be referenced in security policies or pass transit traffic.
B.
Functional zone cannot be referenced in security policies or pass transit traffic.
Answers
C.
Multiple types of functional zones can be defined by the user.
C.
Multiple types of functional zones can be defined by the user.
Answers
D.
Functional zones are used for out-of-band device management.
D.
Functional zones are used for out-of-band device management.
Answers
Suggested answer: B, D

Question 30

Report
Export
Collapse

You are assigned a project to configure SRX Series devices to allow connections to your webservers.

The webservers have a private IP address, and the packets must use NAT to be accessible from the Internet. The webservers must use the same address for both connections from the Internet and communication with update servers.

Which NAT type must be used to complete this project?

A.
source NAT
A.
source NAT
Answers
B.
destination NAT
B.
destination NAT
Answers
C.
static NAT
C.
static NAT
Answers
D.
hairpin NAT
D.
hairpin NAT
Answers
Suggested answer: C

Explanation:

Only static NAT with pool ensures both traffic initiated from inside and outside networks use the same IP address.

Total 101 questions
Go to page: of 11
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms