ExamGecko
Search Search Login
Home Home / Juniper / JN0-231

Juniper JN0-231 Practice Test - Questions Answers, Page 5

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

When configuring antispam, where do you apply any local lists that are configured?
Which two IKE Phase 1 configuration options must match on both peers to successfully establish a tunnel? (Choose two.)
What is the default timeout value for TCP sessions on an SRX Series device?
Which three operating systems are supported for installing and running Juniper Secure Connect client software? (Choose three.)
You want to prevent other users from modifying or discarding your changes while you are also editing the configuration file. In this scenario, which command would accomplish this task?
Which two non-configurable zones exist by default on an SRX Series device? (Choose two.)
Which Juniper ATP feed provides a dynamic list of known botnet servers and known sources of malware downloads?
Which statement is correct about unified security policies on an SRX Series device?
Corporate security requests that you implement a policy to block all POP3 traffic from traversing the Internet firewall. In this scenario, which security feature would you use to satisfy this request?
When are Unified Threat Management services performed in a packet flow?

Question 41

Report
Export
Collapse

What are two valid address books? (Choose two.)

A.
66.129.239.128/25
A.
66.129.239.128/25
Answers
B.
66.129.239.154/24
B.
66.129.239.154/24
Answers
C.
66.129.239.0/24
C.
66.129.239.0/24
Answers
D.
66.129.239.50/25
D.
66.129.239.50/25
Answers
Suggested answer: A, C

Explanation:

Network Prefixes in Address Books You can specify addresses as network prefixes in the prefix/length format. For example, 203.0.113.0/24 is an acceptable address book address because it translates to a network prefix.

However, 203.0.113.4/24 is not acceptable for an address book because it exceeds the subnet length of 24 bits. Everything beyond the subnet length must be entered as 0 (zero). In special scenarios, you can enter a hostname because it can use the full 32-bit address length.

https://www.juniper.net/documentation/us/en/software/junos/security-policies/topics/topicmap/security-address-books-sets.html

Question 42

Report
Export
Collapse

What is the order of the first path packet processing when a packet enters a device?

A.
security policies –> screens –> zones
A.
security policies –> screens –> zones
Answers
B.
screens –> security policies –> zones
B.
screens –> security policies –> zones
Answers
C.
screens –> zones –> security policies
C.
screens –> zones –> security policies
Answers
D.
security policies –> zones –> screens
D.
security policies –> zones –> screens
Answers
Suggested answer: C

Question 43

Report
Export
Collapse

Which two components are part of a security zone? (Choose two.)

A.
inet.0
A.
inet.0
Answers
B.
fxp0
B.
fxp0
Answers
C.
address book
C.
address book
Answers
D.
ge-0/0/0.0
D.
ge-0/0/0.0
Answers
Suggested answer: B, D

Question 44

Report
Export
Collapse

Which statement is correct about packet mode processing?

A.
Packet mode enables session-based processing of incoming packets.
A.
Packet mode enables session-based processing of incoming packets.
Answers
B.
Packet mode works with NAT, VPNs, UTM, IDP, and other advanced security services.
B.
Packet mode works with NAT, VPNs, UTM, IDP, and other advanced security services.
Answers
C.
Packet mode bypasses the flow module.
C.
Packet mode bypasses the flow module.
Answers
D.
Packet mode is the basis for stateful processing.
D.
Packet mode is the basis for stateful processing.
Answers
Suggested answer: C

Question 45

Report
Export
Collapse

Which two traffic types are considered exception traffic and require some form of special handling by the PFE? (Choose two.)

A.
SSH sessions
A.
SSH sessions
Answers
B.
ICMP reply messages
B.
ICMP reply messages
Answers
C.
HTTP sessions
C.
HTTP sessions
Answers
D.
traceroute packets
D.
traceroute packets
Answers
Suggested answer: B, D

Question 46

Report
Export
Collapse

What is the correct order in which interface names should be identified?

A.
system slot number –> interface media type –> port number –> line card slot number
A.
system slot number –> interface media type –> port number –> line card slot number
Answers
B.
system slot number –> port number –> interface media type –> line card slot number
B.
system slot number –> port number –> interface media type –> line card slot number
Answers
C.
interface media type –> system slot number –> line card slot number –> port number
C.
interface media type –> system slot number –> line card slot number –> port number
Answers
D.
interface media type –> port number –> system slot number –> line card slot number
D.
interface media type –> port number –> system slot number –> line card slot number
Answers
Suggested answer: C

Question 47

Report
Export
Collapse

What are two characteristics of a null zone? (Choose two.)

A.
The null zone is configured by the super user.
A.
The null zone is configured by the super user.
Answers
B.
By default, all unassigned interfaces are placed in the null zone.
B.
By default, all unassigned interfaces are placed in the null zone.
Answers
C.
All ingress and egress traffic on an interface in a null zone is permitted.
C.
All ingress and egress traffic on an interface in a null zone is permitted.
Answers
D.
When an interface is deleted from a zone, it is assigned back to the null zone.
D.
When an interface is deleted from a zone, it is assigned back to the null zone.
Answers
Suggested answer: B, D

Question 48

Report
Export
Collapse

Which two statements are correct about screens? (Choose two.)

A.
Screens process inbound packets.
A.
Screens process inbound packets.
Answers
B.
Screens are processed on the routing engine.
B.
Screens are processed on the routing engine.
Answers
C.
Screens process outbound packets.
C.
Screens process outbound packets.
Answers
D.
Screens are processed on the flow module.
D.
Screens are processed on the flow module.
Answers
Suggested answer: A, D

Question 49

Report
Export
Collapse

Which statement about NAT is correct?

A.
Destination NAT takes precedence over static NAT.
A.
Destination NAT takes precedence over static NAT.
Answers
B.
Source NAT is processed before security policy lookup.
B.
Source NAT is processed before security policy lookup.
Answers
C.
Static NAT is processed after forwarding lookup.
C.
Static NAT is processed after forwarding lookup.
Answers
D.
Static NAT takes precedence over destination NAT.
D.
Static NAT takes precedence over destination NAT.
Answers
Suggested answer: D

Question 50

Report
Export
Collapse

Which statement is correct about global security policies on SRX Series devices?

A.
The to-zone any command configures a global policy.
A.
The to-zone any command configures a global policy.
Answers
B.
The from-zone any command configures a global policy.
B.
The from-zone any command configures a global policy.
Answers
C.
Global policies are always evaluated first.
C.
Global policies are always evaluated first.
Answers
D.
Global policies can include zone context.
D.
Global policies can include zone context.
Answers
Suggested answer: D
Total 101 questions
Go to page: of 11
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms