Juniper JN0-231 Exam Actual Questions

Name: Security, Associate
Brand: QA4Exam
SKU: JN0-231
Price: 30 USD
Availability: InStock
Rating: 4.8 (400 reviews)

The questions for JN0-231 were last updated on Oct 2, 2024.

Viewing page 1 out of 20 pages.
Viewing questions 1-5 out of 101 questions

Unlock Access to All 101 Questions & Answers

Question No. 1

Which two addresses are valid address book entries? (Choose two.)

A173.145.5.21/255.255.255.0

B153.146.0.145/255.255.0.255

C203.150.108.10/24

D191.168.203.0/24

Show Answer

Correct Answer: A, C

The correct address book entries are:

173.145.5.21/255.255.255.0

203.150.108.10/24

Both of these entries represent a valid IP address and subnet mask combination, which can be used as an address book entry in a Juniper device.

Question No. 2

An application firewall processes the first packet in a session for which the application has not yet been identified.

In this scenario, which action does the application firewall take on the packet?

AIt allows the first packet.

BIt denies the first packet and sends an error message to the user.

CIt denies the first packet.

DIt holds the first packet until the application is identified.

Show Answer

Correct Answer: D

This is necessary to ensure that the application firewall can properly identify the application and the correct security policies can be applied before allowing any traffic to pass through.

If the first packet was allowed to pass without first being identified, then the application firewall would not know which security policies to apply - and this could potentially lead to security vulnerabilities or breaches. So it's important that the first packet is held until the application is identified.

Question No. 3

Your company is adding IP cameras to your facility to increase physical security. You are asked to help protect these loT devices from becoming zombies in a DDoS attack.

Which Juniper ATP feature should you configure to accomplish this task?

AIPsec

Bstatic NAT

Callowlists

DC&C feeds

Show Answer

Correct Answer: D

Juniper ATP should be configured with C&C feeds that contain lists of malicious domains and IP addresses in order to prevent IP cameras from becoming zombies in a DDoS attack.

This is an important step to ensure that the IP cameras are protected from malicious requests - and thus, they will not be able to be used in any DDoS attacks against the facility.

Question No. 4

What are two logical properties of an interface? (Choose two.)

Alink mode

BIP address

CVLAN ID

Dlink speed

Show Answer

Correct Answer: B, C

https://www.juniper.net/documentation/us/en/software/junos/interfaces-security-devices/topics/topic-map/security-interface-logical.html

Question No. 5

What is the default timeout value for TCP sessions on an SRX Series device?

A30 seconds

B60 minutes

C60 seconds

D30 minutes

Show Answer

Correct Answer: D

By default, TCP has a 30-minute idle timeout, and UDP has a 60-second idle timeout. Additionally, known IP protocols have a 30-minute timeout, whereas unknown ones have a 60-second timeout. Setting the inactivity timeout is very useful, particularly if you are concerned about applications either timing out or remaining idle for too long and filling up the session table. According to the Juniper SRX Series Services Guide, this can be configured using the 'timeout inactive' statement for the security policy.

Unlock All Questions for Juniper JN0-231 Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 101 Questions & Answers