Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Juniper JN0-232 - Security, Associate (JNCIA-SEC)

Page: 2 / 4
Total 110 questions

When does screening occur in the flow module?

A.

before session lookup

B.

during policy lookup

C.

during route lookup

D.

after session lookup

In which order does Junos OS process the various forms of NAT?

A.

static NAT, destination NAT, source NAT

B.

destination NAT, source NAT, static NAT

C.

source NAT, static NAT, destination NAT

D.

source NAT, destination NAT, static NAT

Which two statements are correct about screens? (Choose two.)

A.

A single screen can be associated with multiple security zones.

B.

Screens are only used on first path traffic.

C.

Screens only detect IP-based attacks.

D.

Screens are applied on the security zone of the ingress interface.

What is the purpose of a feature profile in a UTM configuration?

A.

It applies a UTM feature to a security policy.

B.

It applies a UTM feature to protocol traffic.

C.

It defines the operation of a specific UTM feature.

D.

It defines an object list.

The exhibit shows a table representing security policies from the trust zone to the untrust zone.

In this scenario, which two statements are correct? (Choose two.)

A.

FTP requests from the source IP address of 172.25.11.11 are denied to the destination IP address of 10.1.0.10.

B.

Ping command requests from the source IP address of 172.25.11.100 are denied to the destination IP address of 10.1.0.10.

C.

SSH requests from the source IP address of 172.25.11.10 are permitted to the destination IP address of 10.1.0.10.

D.

FTP requests from the source IP address of 10.1.0.10 are permitted to the destination IP address of 172.25.11.100.

Which two security features are applied in a security policy? (Choose two.)

A.

SSL proxy

B.

firewall authentication

C.

captive portal authentication

D.

MAC bypass

You want to enable NextGen Web Filtering (NGWF) on your SRX Series Firewall.

Which two actions must you perform in this scenario? (Choose two.)

A.

Install a NextGen Web Filtering feature license.

B.

Enable NextGen Web Filtering as the default Web Filtering type.

C.

Assign a public IP address to the loopback interface.

D.

Enable SSL host inbound traffic on the untrust security zone.

You are troubleshooting first path traffic not passing through an SRX Series Firewall. You have determined that the traffic is ingressing and egressing the correct interfaces using a route lookup.

In this scenario, what is the next step in troubleshooting why the device may be dropping the traffic?

A.

Verify that the interfaces are in the correct security zones.

B.

Verify the routing protocol being used.

C.

Verify that source NAT is occurring.

D.

Verify that the correct ALG is being used.

You want to verify the effectiveness of Web filtering on the SRX Series Firewall.

How would you accomplish this task?

A.

by installing a local NGWF server

B.

by checking the file extensions of blocked content

C.

by examining the content filtering policies

D.

by attempting to access permitted or blocked URLs

Click the Exhibit button.

The exhibit shows a table representing security policies from the trust zone to the untrust zone.

In this scenario, which two statements are correct? (Choose two.)

A.

SSH requests from the source IP address of 172.25.11.10 are permitted to the destination IP address of 10.1.0.10.

B.

Ping command requests from the source IP address of 172.25.11.100 are denied to the destination IP address of 10.1.0.10.

C.

FTP requests from the source IP address of 10.1.0.10 are permitted to the destination IP address of 172.25.11.100.

D.

FTP requests from the source IP address of 172.25.11.11 are denied to the destination IP address of 10.1.0.10.