Juniper jn0-231 practice test

Which two services does Juniper Connected Security provide? (Choose two.)

• A. protection against zero-day threats
• B. IPsec VPNs
• C. Layer 2 VPN tunnels
• D. inline malware blocking

What are two characteristics of a null zone? (Choose two.)

• A. The null zone is configured by the super user.
• B. By default, all unassigned interfaces are placed in the null zone.
• C. All ingress and egress traffic on an interface in a null zone is permitted.
• D. When an interface is deleted from a zone, it is assigned back to the null zone.

Which two statements are correct about the default behavior on SRX Series devices? (Choose two.)

• A. The SRX Series device is in flow mode.
• B. The SRX Series device supports stateless firewalls filters.
• C. The SRX Series device is in packet mode.
• D. The SRX Series device does not support stateless firewall filters.

The UTM features are performed during which process of the SRX Series devices packet flow?

• A. security policies
• B. services
• C. zones
• D. screens

Which two statements are correct about IPsec security associations? (Choose two.)

• A. IPsec security associations are bidirectional.
• B. IPsec security associations are unidirectional.
• C. IPsec security associations are established during IKE Phase 1 negotiations.
• D. IPsec security associations are established during IKE Phase 2 negotiations.

Which two user authentication methods are supported when using a Juniper Secure Connect VPN? (Choose two.)

• A. certificate-based
• B. multi-factor authentication
• C. local authentication
• D. active directory

Which two statements are correct about IKE security associations? (Choose two.)

• A. IKE security associations are established during IKE Phase 1 negotiations.
• B. IKE security associations are unidirectional.
• C. IKE security associations are established during IKE Phase 2 negotiations.
• D. IKE security associations are bidirectional.

Which statement is correct about static NAT?

• A. Static NAT supports port translation.
• B. Static NAT rules are evaluated after source NAT rules.
• C. Static NAT implements unidirectional one-to-one mappings.
• D. Static NAT implements unidirectional one-to-many mappings.

Corporate security requests that you implement a policy to block all POP3 traffic from traversing the Internet firewall.
In this scenario, which security feature would you use to satisfy this request?

• A. antivirus
• B. Web filtering
• C. content filtering
• D. antispam

Click the Exhibit button.



You are configuring an SRX firewall to NAT user traffic to the Internet.

Referring to the exhibit, which configuration change will enable the NAT policy?

• A. delete security nat source rule-set NAT_USERS to zone
• B. set security nat source rule-set NAT_USERS from zone NAT
• C. set security zones security-zone untrust interfaces ge-0/0/2.0
• D. delete security zone security-zone untrust interfaces ge-0/0/1.0