[2022年11月] 検証済みJuniper JN0-231リアル豪華お試しセット試験問題集でPDF
JN0-231問題集PDF最新 [2022年最新] 究極の学習ガイド
Juniper JN0-231 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
質問 42
Which two statements are correct about global security policies? (choose two)
- A. Global based policies must reference a dynamic application
- B. Global based policies can reference the destination zone
- C. Global based policies can reference the source zone
- D. Global based policies must reference the source and destination zones
正解: B,C
質問 43
Which two statements are correct about functional zones? (Choose two.)
- A. Functional zones must have a user-defined name.
- B. Functional zone cannot be referenced in security policies or pass transit traffic.
- C. Multiple types of functional zones can be defined by the user.
- D. Functional zones are used for out-of-band device management.
正解: B,D
質問 44
Which security feature is applied to traffic on an SRX Series device when the device is running n packet mode?
- A. ALGs
- B. Sky ATP
- C. Unified policies
- D. Firewall filters
正解: D
質問 45
Which two security features inspect traffic at Layer 7? (Choose two.)
- A. application firewall
- B. integrated user firewall
- C. security zones
- D. IPS/IDP
正解: A,D
質問 46
You are assigned a project to configure SRX Series devices to allow connections to your webservers. The webservers have a private IP address, and the packets must use NAT to be accessible from the Internet. You do not want the webservers to initiate connections with external update servers on the Internet using the same IP address as customers use to access them.
Which two NAT types must be used to complete this project? (Choose two.)
- A. static NAT
- B. hairpin NAT
- C. destination NAT
- D. source NAT
正解: C,D
質問 47
When operating in packet mode, which two services are available on the SRX Series device? (Choose two.)
- A. UTM
- B. MPLS
- C. IDP
- D. CoS
正解: B,D
質問 48
The free licensing model for Sky ATP includes which features? (Choose two.)
- A. Infected host blocking
- B. Executable file inspection
- C. C & C feeds
- D. Compromised endpoint dashboard
正解: A,B
質問 49
Which two statements are true about the null zone? (Choose two.)
- A. All traffic to the null zone is allowed
- B. All traffic to the null zone is dropped.
- C. The null zone is a user-defined zone
- D. All interface belong to the bull zone by default.
正解: B,D
質問 50
Which two components are configured for host inbound traffic? (Choose two.)
- A. logical interface
- B. zone
- C. routing instance
- D. physical interface
正解: A,B
質問 51
Which two segments describes IPsec VPNs? (Choose two.)
- A. IPsec VPN traffic is always encrypted.
- B. IPsec VPNs are dedicated physical connections between two private networks.
- C. IPsec VPNs use security to secure traffic over a public network between two remote sites.
- D. IPsec VPN traffic is always authenticated.
正解: C,D
質問 52
Which two traffic types are considered exception traffic and require some form of special handling by the PFE? (Choose two.)
- A. HTTP sessions
- B. ICMP reply messages
- C. SSH sessions
- D. traceroute packets
正解: B,D
質問 53
What are the valid actions for a source NAT rule in J-Web? (choose three.)
- A. interface
- B. Off
- C. Source
- D. On
- E. Pool
正解: A,B,E
質問 54
Click the Exhibit button
You have configured source ... Being received By the SRX series Which features must be configured
- A. Reverse static NAT
- B. Proxy ARP
- C. Destination NAT
- D. Port Forwarding
正解: B
質問 55
Which flow module components handles processing for UTM?
- A. Services
- B. Screen options
- C. Policy
- D. Zones
正解: A
質問 56
Firewall filters define which type of security?
- A. Stateless
- B. NGFW
- C. Stateful
- D. Dynamic enforcement
正解: A
質問 57
Which statement about global NAT address persistence is correct?
- A. The same IP address from a source NAT pool is not guaranteed to be assigned for all sessions from a given host.
- B. The same IP address from a destination NAT pool will be assigned for all sessions for a given host.
- C. The same IP address from a source NAT pool will be assigned for all sessions from a given host.
- D. The same IP address from a destination NAT pool is not guaranteed to be assigned for all sessions for a given host.
正解: C
質問 58
Your company uses SRX Series devices to secure the edge of the network. You are asked protect the company from ransom ware attacks.
Which solution will satisfy this requirement?
- A. Unified security policies
- B. screens
- C. Sky ATP
- D. AppSecure
正解: C
質問 59
Click the Exhibit button.
Which two user roles shown in the exhibit are available be defaults? (choose two)
- A. Jtac
- B. Admin
- C. Operator
- D. Super-user
正解: C,D
質問 60
Which statements is correct about Junos security zones?
- A. Logical interface are added to user defined security zones
- B. User-defined security must contains the key word ''zone''
- C. Security policies are referenced within a user-defined security zone.
- D. User-defined security must contain at least one interface.
正解: A
質問 61
Which two actions are performed on an incoming packet matching an existing session? (Choose two.)
- A. Screens processing
- B. Service ALG processing
- C. Zone processing
- D. Security policy evolution
正解: A,B
質問 62
Screens on an SRX Series device protect against which two types of threats? (Choose two.)
- A. zero-day outbreaks
- B. ICMP flooding
- C. IP spoofing
- D. malicious e-mail attachments
正解: B,C
質問 63
You have created a zones-based security policy that permits traffic to a specific webserver for the marketing team. Other groups in the company are not permitted to access the webserver. When marketing users attempt to access the server they are unable to do so.
What are two reasons for this access failure? (Choose two.)
- A. You failed to position the policy before the policy that denies access the webserver
- B. You failed to commit the policy change.
- C. You failed to change the source zone to include any source zone.
- D. You failed to position the policy after the policy that denies access to the webserver.
正解: A,B
質問 64
Which actions would be applied for the pre-ID default policy unified policies?
- A. Redirect the session
- B. Log the session
- C. Reject the session
- D. Silently drop the session
正解: B
質問 65
......
あなたを合格させるJuniper試験でJN0-231試験問題集:https://jp.fast2test.com/JN0-231-premium-file.html
JN0-231試験問題集PDF更新された問題集:https://drive.google.com/open?id=1asCq9g4-9KHBBg3PtqnV--Y9gmUfEddk