Juniper JN0-231 Security, Associate JNCIA-SEC Exam Practice Test

Page: 1 / 14
Total 101 questions
Question 1

What is the default timeout value for TCP sessions on an SRX Series device?



Answer : D

By default, TCP has a 30-minute idle timeout, and UDP has a 60-second idle timeout. Additionally, known IP protocols have a 30-minute timeout, whereas unknown ones have a 60-second timeout. Setting the inactivity timeout is very useful, particularly if you are concerned about applications either timing out or remaining idle for too long and filling up the session table. According to the Juniper SRX Series Services Guide, this can be configured using the 'timeout inactive' statement for the security policy.


Question 2

Which Web filtering solution uses a direct Internet-based service for URL categorization?



Answer : C

Juniper Enhanced Web Filtering is a web filtering solution that uses a direct Internet-based service for URL categorization. This service allows Enhanced Web Filtering to quickly and accurately categorize URLs and other web content, providing real-time protection against malicious content. Additionally, Enhanced Web Filtering is able to provide detailed reporting on web usage, as well as the ability to define and enforce acceptable use policies.


Question 3

Which two statements about user-defined security zones are correct? (Choose two.)



Answer : B, C

User-defined security zones allow users to configure multiple security zones and share them between routing instances. This allows users to easily manage multiple security zones and their associated policies. For example, a user can create a security zone for corporate traffic, a security zone for guest traffic, and a security zone for public traffic, and then configure policies to control the flow of traffic between each of these security zones. Transit traffic can also be managed using user-defined security zones, as the policies applied to these zones will be applied to the transit traffic as well.


Question 4

Which two statements about the Junos OS CLI are correct? (Choose two.)



Answer : A, D

The two correct statements about the Junos OS CLI are that the default configuration requires you to log in as the admin user, and that most Juniper devices identify the root login prompt using the > character. The factory-default login assigns the hostname 'juniper' to the device and the root login prompt is usually identified with the % character. More information about the Junos OS CLI can be found in the Juniper Networks technical documentation here:https://www.juniper.net/documentation/en_US/junos/topics/reference/command-summary/cli-overview.html.


Question 5

What is the default value of the dead peer detection (DPD) interval for an IPsec VPN tunnel?



Answer : B

The default value of the dead peer detection (DPD) interval for an IPsec VPN tunnel is 5 seconds. DPD is a mechanism that enables the IPsec device to detect if the peer is still reachable or if the IPsec VPN tunnel is still active. The DPD interval determines how often the IPsec device sends DPD packets to the peer to check the status of the VPN tunnel. A value of 5 seconds is a common default, but the specific value can vary depending on the IPsec device and its configuration.


Juniper Networks Technical Documentation: Configuring IPsec VPNs: https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ipsec-vpn-overview-srx-series.html

Question 6

Which two statements are correct about the integrated user firewall feature?(Choose two.)



Answer : A, C


Question 7

What must be enabled on an SRX Series device for the reporting engine to create reports?



Answer : D


Page:    1 / 14   
Total 101 questions