CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Juniper
  5. JN0-231

Free JN0-231 Exam Braindumps (page: 9)

Page 8 of 26
PDF with 105 Questions

Which two statements are correct about functional zones? (Choose two.)

  1. Functional zones must have a user-defined name.
  2. Functional zone cannot be referenced in security policies or pass transit traffic.
  3. Multiple types of functional zones can be defined by the user.
  4. Functional zones are used for out-of-band device management.

Answer(s): B,D



You are assigned a project to configure SRX Series devices to allow connections to your webservers. The webservers have a private IP address, and the packets must use NAT to be accessible from the Internet. The webservers must use the same address for both connections from the Internet and communication with update servers.
Which NAT type must be used to complete this project?

  1. source NAT
  2. destination NAT
  3. static NAT
  4. hairpin NAT

Answer(s): C

Explanation:

Only static NAT with pool ensures both traffic initiated from inside and outside networks use the same IP address.



Which two user authentication methods are supported when using a Juniper Secure Connect VPN? (Choose two.)

  1. certificate-based
  2. multi-factor authentication
  3. local authentication
  4. active directory

Answer(s): C,D

Explanation:

"Local Authentication--In local authentication, the SRX Series device validates the user credentials by checking them in the local database. In this method, the administrator handles change of password or resetting of forgotten password. Here, it requires that an user must remember a new password. This option is not much preferred from a security standpoint. · External Authentication--In external authentication, you can allow the users to use the same user credentials they use when accessing other resources on the network. In many cases, user credentials are domain logon used for Active Directory or any other LDAP authorization system. This method simplifies user experience and improves the organization's security posture; because you can maintain the authorization system with the regular security policy used by your organization."

https://www.juniper.net/documentation/us/en/software/secure-connect/secure-connect- administrator-guide/topics/topic-map/secure-connect-getting-started.html



Click the Exhibit button.



Which two statements are correct about the partial policies shown in the exhibit? (Choose two.)

  1. UDP traffic matched by the deny-all policy will be silently dropped.
  2. TCP traffic matched by the reject-all policy will have a TCP RST sent.
  3. TCP traffic matched from the zone trust is allowed by the permit-all policy.
  4. UDP traffic matched by the reject-all policy will be silently dropped.

Answer(s): A,B






Post your Comments and Discuss Juniper JN0-231 exam with other Community members:

JN0-231 Discussions & Posts