Juniper JN0-231 JNCIA-SEC Exam Practice Test Instant Access

Question 1

You are asked to configure your SRX Series device to block all traffic from certain countries. The solution must be automatically updated as IP prefixes become allocated to those certain countries.

Which Juniper ATP solution will accomplish this task?

AGeo IP

Bunified security policies

CIDP

DC&C feed

Answer : A

Juniper ATP Geo IP can help to accomplish this task by using geolocation services to determine the geographical location of IP addresses. As IP prefixes get allocated to the countries that you have specified, the Geo IP solution will automatically update the configured firewall policies to block any traffic that is coming from those specific countries.

This is a great solution for blocking specific countries - as it will allow for a more personalized and targeted approach to firewall policies - and thus, to increase the effectiveness of the solution at blocking potential malicious traffic.

Question 2

Your ISP gives you an IP address of 203.0.113.0/27 and informs you that your default gateway is 203.0.113.1. You configure destination NAT to your internal server, but the requests sent to the webserver at 203.0.113.5 are not arriving at the server.

In this scenario, which two configuration features need to be added? (Choose two.)

Afirewall filter

Bsecurity policy

Cproxy-ARP

DUTM policy

Answer : B, C

Question 3

Which two components are configured for host inbound traffic? (Choose two.)

Azone

Blogical interface

Cphysical interface

Drouting instance

Answer : A, B

Question 4

What are two features of the Juniper ATP Cloud service? (Choose two.)

Asandbox

Bmalware detection

CEX Series device integration

Dhoneypot

Answer : A, B

Question 5

When configuring antispam, where do you apply any local lists that are configured?

Acustom objects

Badvanced security policy

Cantispam feature-profile

Dantispam UTM policy

Answer : A

user@host# set security utm custom-objects url-pattern url-pattern-name https://www.juniper.net/documentation/us/en/software/junos/utm/topics/topic-map/security-local-list-antispam-filtering.html

Question 6

Which statement is correct about unified security policies on an SRX Series device?

AA zone-based policy is always evaluated first.

BThe most restrictive policy is applied regardless of the policy level.

CA global policy is always evaluated first.

DThe first policy rule is applied regardless of the policy level.

Answer : A

Question 7

What must be enabled on an SRX Series device for the reporting engine to create reports?

ASystem logging

BSNMP

CPacket capture

DSecurity logging

Answer : D

Juniper JN0-231 Security, Associate JNCIA-SEC Exam Practice Test