ExamGecko
Search Search Login
Home Home / Juniper / JN0-231

Juniper JN0-231 Practice Test - Questions Answers, Page 7

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

When configuring antispam, where do you apply any local lists that are configured?
Which two IKE Phase 1 configuration options must match on both peers to successfully establish a tunnel? (Choose two.)
What is the default timeout value for TCP sessions on an SRX Series device?
Which three operating systems are supported for installing and running Juniper Secure Connect client software? (Choose three.)
You want to prevent other users from modifying or discarding your changes while you are also editing the configuration file. In this scenario, which command would accomplish this task?
Which two non-configurable zones exist by default on an SRX Series device? (Choose two.)
Which Juniper ATP feed provides a dynamic list of known botnet servers and known sources of malware downloads?
What does the number "2" indicate in interface ge-0/1/2?
Which statement is correct about unified security policies on an SRX Series device?
Corporate security requests that you implement a policy to block all POP3 traffic from traversing the Internet firewall. In this scenario, which security feature would you use to satisfy this request?

Question 61

Report
Export
Collapse

Which two IKE Phase 1 configuration options must match on both peers to successfully establish a tunnel? (Choose two.)

A.
VPN name
A.
VPN name
Answers
B.
gateway interfaces
B.
gateway interfaces
Answers
C.
IKE mode
C.
IKE mode
Answers
D.
Diffie-Hellman group
D.
Diffie-Hellman group
Answers
Suggested answer: C, D

Question 62

Report
Export
Collapse

What are three Junos UTM features? (Choose three.)

A.
screens
A.
screens
Answers
B.
antivirus
B.
antivirus
Answers
C.
Web filtering
C.
Web filtering
Answers
D.
IDP/IPS
D.
IDP/IPS
Answers
E.
content filtering
E.
content filtering
Answers
Suggested answer: B, C, E

Question 63

Report
Export
Collapse

You are investigating a communication problem between two hosts and have opened a session on the SRX Series device closest to one of the hosts and entered the show security flow session command.

What information will this command provide? (Choose two.)

A.
The total active time of the session.
A.
The total active time of the session.
Answers
B.
The end-to-end data path that the packets are taking.
B.
The end-to-end data path that the packets are taking.
Answers
C.
The IP address of the host that initiates the session.
C.
The IP address of the host that initiates the session.
Answers
D.
The security policy name that is controlling the session.
D.
The security policy name that is controlling the session.
Answers
Suggested answer: C, D

Question 64

Report
Export
Collapse

A security zone is configured with the source IP address 192.168.0.12/255.255.0.255 wildcard match.

In this scenario, which two IP packets will match the criteria? (Choose two.)

A.
192.168.1.21
A.
192.168.1.21
Answers
B.
192.168.0.1
B.
192.168.0.1
Answers
C.
192.168.1.12
C.
192.168.1.12
Answers
D.
192.168.22.12
D.
192.168.22.12
Answers
Suggested answer: C, D

Question 65

Report
Export
Collapse

When creating a site-to-site VPN using the J-Web shown in the exhibit, which statement is correct?

A.
The remote gateway is configured automatically based on the local gateway settings.
A.
The remote gateway is configured automatically based on the local gateway settings.
Answers
B.
RIP, OSPF, and BGP are supported under Routing mode.
B.
RIP, OSPF, and BGP are supported under Routing mode.
Answers
C.
The authentication method is pre-shared key or certificate based.
C.
The authentication method is pre-shared key or certificate based.
Answers
D.
Privately routable IP addresses are required.
D.
Privately routable IP addresses are required.
Answers
Suggested answer: D

Question 66

Report
Export
Collapse

What must be enabled on an SRX Series device for the reporting engine to create reports?

A.
System logging
A.
System logging
Answers
B.
SNMP
B.
SNMP
Answers
C.
Packet capture
C.
Packet capture
Answers
D.
Security logging
D.
Security logging
Answers
Suggested answer: D

Question 67

Report
Export
Collapse

Which two statements are correct about the integrated user firewall feature?(Choose two.)

A.
It maps IP addresses to individual users.
A.
It maps IP addresses to individual users.
Answers
B.
It supports IPv4 addresses.
B.
It supports IPv4 addresses.
Answers
C.
It allows tracking of non-Windows Active Directory users.
C.
It allows tracking of non-Windows Active Directory users.
Answers
D.
It uses the LDAP protocol.
D.
It uses the LDAP protocol.
Answers
Suggested answer: A, C

Question 68

Report
Export
Collapse

Which security policy type will be evaluated first?

A.
A zone policy with no dynamic application set
A.
A zone policy with no dynamic application set
Answers
B.
A global with no dynamic application set
B.
A global with no dynamic application set
Answers
C.
A zone policy with a dynamic application set
C.
A zone policy with a dynamic application set
Answers
D.
A global policy with a dynamic application set
D.
A global policy with a dynamic application set
Answers
Suggested answer: D

Question 69

Report
Export
Collapse

What does the number ''2'' indicate in interface ge—0/1/2?

A.
The interface logical number
A.
The interface logical number
Answers
B.
The physical interface card (PIC)
B.
The physical interface card (PIC)
Answers
C.
The port number
C.
The port number
Answers
D.
The flexible PIC concentrator (FPC)
D.
The flexible PIC concentrator (FPC)
Answers
Suggested answer: C

Question 70

Report
Export
Collapse

Which statement about service objects is correct?

A.
All applications are predefined by Junos.
A.
All applications are predefined by Junos.
Answers
B.
All applications are custom defined by the administrator.
B.
All applications are custom defined by the administrator.
Answers
C.
All applications are either custom or Junos defined.
C.
All applications are either custom or Junos defined.
Answers
D.
All applications in service objects are not available on the vSRX Series device.
D.
All applications in service objects are not available on the vSRX Series device.
Answers
Suggested answer: C

Explanation:

"Service objects represent applications and services that can be assigned to a security policy rule.

Applications and services can either be predefined by Junos software or custom defined by the administrator."

Reference:

Juniper Networks JNCIA-SEC Exam Guide:

https://www.juniper.net/training/certification/certification-exam-guides/jncia-sec-exam-guide/

Total 101 questions
Go to page: of 11
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms