Practice Exams:

Free JN0-231 Exam Braindumps

Pass your Security - Associate (JNCIA-SEC) exam with these free Questions and Answers

Page 4 of 21
PDF with 101 Questions
QUESTION 11

You want to verify the peer before IPsec tunnel establishment. What would be used as a final check in this scenario?

  1. A. traffic selector
  2. B. perfect forward secrecy
  3. C. st0 interfaces
  4. D. proxy ID

Correct Answer: D
The proxy ID is used as a final check to verify the peer before IPsec tunnel establishment. The proxy ID is a combination of local and remote subnet and protocol, and it is used to match the traffic that is to be encrypted. If the proxy IDs match between the two IPsec peers, the IPsec tunnel is established, and the traffic is encrypted.

QUESTION 12

Which statement about NAT is correct?

  1. A. Destination NAT takes precedence over static NAT.
  2. B. Source NAT is processed before security policy lookup.
  3. C. Static NAT is processed after forwarding lookup.
  4. D. Static NAT takes precedence over destination NAT.

Correct Answer: D

QUESTION 13

When are Unified Threat Management services performed in a packet flow?

  1. A. before security policies are evaluated
  2. B. as the packet enters an SRX Series device
  3. C. only during the first path process
  4. D. after network address translation

Correct Answer: D
https://iosonounrouter.wordpress.com/2018/07/07/how-does-a-flow-based-srx-work/

QUESTION 14

You are installing a new SRX Series device and you are only provided one IP address from your ISP. In this scenario, which NAT solution would you implement?

  1. A. pool-based NAT with PAT
  2. B. pool-based NAT with address shifting
  3. C. interface-based source NAT
  4. D. pool-based NAT without PAT

Correct Answer: C

QUESTION 15

What are two functions of Juniper ATP Cloud? (Choose two.)

  1. A. malware inspection
  2. B. Web content filtering
  3. C. DDoS protection
  4. D. Geo IP feeds

Correct Answer: AD
Juniper Advanced Threat Prevention (ATP) Cloud is a security service that helps organizations protect against advanced threats by providing real-time threat intelligence and automated response capabilities. It combines a cloud-based threat intelligence platform with the security capabilities of Juniper Networks security devices to provide comprehensive protection against advanced threats. The two functions of Juniper ATP Cloud include malware inspection and Geo IP feeds. The malware inspection component provides real-time protection against known and unknown threats by analyzing suspicious files and determining if they are malicious. The Geo IP feeds provide a global view of IP addresses and their associated countries, allowing organizations to identify and block traffic from known malicious countries.

Page 4 of 21
PDF with 101 Questions

Post your Comments and Discuss Juniper JN0-231 exam with other Community members: