[Dec 23, 2021] Exam4Docs JN0-230 Exam Practice Test Questions (Updated 85 Questions)
Pass Juniper JN0-230 Exam Info and Free Practice Test
Day Three
On the third and last day of your certification exam training, get ready to validate your understanding of Network Address Translation, Monitoring and Reporting, and Site-to-Site VPNs. In this session, the instructors will want to be sure that you have mastered a wide variety of terms such as NAT Overview, Source NAT, Destination NAT, Static NAT, J-Web Reports, Network Utilities, and IPsec Site-to-Site VPN configuration among other skills. Similarly, here, you’ll also have to accomplish three hands-on lab sessions.
NEW QUESTION 36
Which two statements are correct about using global-based policies over zone-based policies? (Choose two.)
- A. With global-based policies, you do not need to specify a source zone in the match criteria.
- B. With global-based policies, you do not need to specify a source address in the match criteria.
- C. With global-based policies, you do not need to specify a destination address in the match criteria.
- D. With global-based policies, you do not need to specify a destination zone in the match criteria.
Answer: B,C
NEW QUESTION 37
Which two statements are correct about global security policies? (choose two)
- A. Global based policies must reference the source and destination zones
- B. Global based policies can reference the destination zone
- C. Global based policies can reference the source zone
- D. Global based policies must reference a dynamic application
Answer: B,C
NEW QUESTION 38
What are configuring the antispam UTM feature on an SRX Series device.
Which two actions would be performed by the SRX Series device for e-mail that is identified as spam?
(Choose two.)
- A. Quarantine e-mail
- B. Tag the e-mail
- C. Block the e-mail
- D. Queue the e-mail
Answer: B,C
NEW QUESTION 39
Which two statements are correct about security zones? (Choose two.)
- A. Security zones use security policies that enforce rules for the transit traffic.
- B. Security zones use packet filters to prevent communication between management ports.
- C. Security zones use a stateful firewall to provide secure network connections.
- D. Security zones use address books to link usernames to IP addresses.
Answer: B,D
NEW QUESTION 40
The Sky ATP premium or basic-Threat Feed license is needed fort which two features? (Choose two.)
- A. C&C feeds
- B. Executable inspection
- C. Custom feeds
- D. Outbound protection
Answer: A,C
NEW QUESTION 41
You are designing a new security policy on an SRX Series device. You must block an application and log all occurrence of the application access attempts.
In this scenario, which two actions must be enabled in the security policy? (Choose two.)
- A. Enable a deny action
- B. Log the session initiations
- C. Enable a reject action
- D. Log the session closures
Answer: B
NEW QUESTION 42
Which statements is correct about SKY ATP?
- A. Sky ATP is an open-source security solution.
- B. Sky ATP is used to automatically push out changes to the AppSecure suite.
- C. Sky ATP is a cloud-based security threat analyzer that performs multiple tasks
- D. Sky ATP only support sending threat feeds to vSRX Series devices
Answer: D
NEW QUESTION 43
Host-inbound-traffic is configured on the DMZ zone and the ge-0/0/9.0 interface attached to that zone.
Referring to the exhibit,
which to types of management traffic would be performed on the SRX Series device? (Choose two.)
- A. HTTPS
- B. SSH
- C. Finger
- D. HTTP
Answer: B,D
NEW QUESTION 44
Which two actions are performed on an incoming packet matching an existing session? (Choose two.)
- A. Security policy evolution
- B. Zone processing
- C. Service ALG processing
- D. Screens processing
Answer: C,D
NEW QUESTION 45
Which method do VPNs use to prevent outside parties from viewing packet in clear text?
- A. Integrity
- B. NAT_T
- C. Authentication
- D. Encryption
Answer: D
NEW QUESTION 46
Which type of security policy protect restricted services from running onnon-standard ports?
- A. Sky ATP
- B. antivirus
- C. Application firewall
- D. IDP
Answer: C
NEW QUESTION 47
Which two statements are true regarding zone-based security policies? (Choose two.)
- A. Zone-based policies must reference a dynamic application in the match criteria.
- B. Zone-based policies must reference a URL category in the match criteria.
- C. Zone-based policies must reference a destination address in the match criteria
- D. Zone-based policies must reference a source address in the match criteria.
Answer: C,D
NEW QUESTION 48
What is the correct order of processing when configuring NAT rules and security policies?
- A. Source NAT > static NAT > destination NAT > policy lookup
- B. Destination NAT> policy lookup > source NAT> static NAT
- C. Static NAT > destination NAT> policy lookup > source NAT
- D. Policy lookup > source NAT > static NAT > destination NAT
Answer: D
NEW QUESTION 49
What must you do first to use the Monitor/Alarms/Policy Log workspace in J-Web?
- A. You must enable logging that uses the SD-Syslog format.
- B. You must enable security logging that uses the TLS transport mode.
- C. You must enable stream mode security logging on the SRX Series device.
- D. You must enable event mode security logging on the SRX Series device.
Answer: D
NEW QUESTION 50
Exhibit.
Which statement is correct regarding the interface configuration shown in the exhibit?
- A. The interface MTU has been increased.
- B. The IP address has an invalid subnet mask.
- C. The IP address is assigned to unit 0.
- D. The interface is assigned to the trust zone by default.
Answer: C
NEW QUESTION 51
Which management software supports metadata-based security policies that are ideal for cloud deployments?
- A. Sky Enterprise
- B. Security Director
- C. Network Director
- D. J-Web
Answer: A
NEW QUESTION 52
Which two statements describe IPsec VPNs? (Choose two.)
- A. IPsec VPN traffic is always encrypted.
- B. IPsec VPNs use security measures to secure traffic over a public network between two remote sites.
- C. IPsec VPNs are dedicated physical connections between two private networks.
- D. IPsec VPN traffic is always authenticated.
Answer: B,D
NEW QUESTION 53
Which method do VPNs use to prevent outside parties from viewing packets in clear text?
- A. authentication
- B. integrity
- C. encryption
- D. NAT-T
Answer: C
NEW QUESTION 54
Which two statements are true about security policy actions? (Choose two.)
- A. The deny action silently drop the traffic.
- B. The reject action silently drops the traffic.
- C. The reject action drops the traffic and sends a message to the source device.
- D. The deny action drops the traffic and sends a message to the source device.
Answer: A,C
NEW QUESTION 55
You are concerned that unauthorized traffic is using non-standardized ports on your network.
In this scenario, which type of security feature should you implement?
- A. Sky ATP
- B. Firewall filters
- C. Application firewall
- D. Zone-based policies
Answer: C
NEW QUESTION 56
Which zone is considered a functional zone?
- A. junos host
- B. management
- C. trust
- D. null
Answer: D
NEW QUESTION 57
......
Juniper JN0-230 Exam Topics:
| Section | Objectives |
|---|---|
| Unified Threat Management | Identify the concepts, benefits, or operation of UTM
|
| IPsec | Identify the concepts, benefits, or operation of IPsec VPNs
|
| Monitoring/Reporting | Describe methods for monitoring, reporting, or logging for Juniper security solutions
|
| Sky Advanced Threat Prevention | Identify the concepts, benefits, or operation of Sky ATP
|
| Network Address Translation | Describe the concepts, benefits, or operation of NAT
|
| SRX Series Devices | Identify concepts or general features of SRX Series devices
|
| Security Policies | Describe the concepts, benefits, or operation of security policies
|
| Junos Security Objects | Identify concepts or general functionality of security zone, screen, address, or services objects
|
Pass Your Juniper Exam with JN0-230 Exam Dumps: https://www.exam4docs.com/JN0-230-study-questions.html
