JN0-231ブレーン問題集リアル試験最新問題2022年10月05日には147問題
最新JN0-231のPDF問題集リアル無料テスト本日更新です
Juniper JN0-231 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
質問 29
When transit traffic matches a security policy, which three actions are available? (Choose three.)
- A. Allow
- B. Deny
- C. Discard
- D. Permit
- E. Reject
正解: B,D,E
質問 30
Which three actions would be performed on traffic traversing an IPsec VPAN? (Choose three.)
- A. Payload verification
- B. Authentication
- C. Deep inspection
- D. Port forwarding
- E. Encryption
正解: A,B,E
質問 31
What is an IP addressing requirement for an IPsec VPN using main mode?
- A. Both peers must have static IP addressing.
- B. One peer must have dynamic IP addressing.
- C. Both peers must have dynamic IP addresses.
- D. One peer must have static IP addressing.
正解: A
質問 32
Which statements is correct about SKY ATP?
- A. Sky ATP only support sending threat feeds to vSRX Series devices
- B. Sky ATP is a cloud-based security threat analyzer that performs multiple tasks
- C. Sky ATP is an open-source security solution.
- D. Sky ATP is used to automatically push out changes to the AppSecure suite.
正解: B
質問 33
Referring to the exhibit.
Users should not have access to Facebook, however, a recent examination of the logs security show that users are accessing Facebook.
what should you do to solve this problem?
- A. Change the Internet-Access rule from a zone policy to a global policy
- B. Move the Block-Facebook-Access rule from a zone policy to a global policy
- C. Change the source address for the Block-Facebook-Access rule to the prefix of the users
- D. Move the Block-Facebook-Access rule before the Internet-Access rule
正解: D
質問 34
Your ISP gives you an IP address of 203.0.113.0/27 and informs you that your default gateway is 203.0.113.1.
You configure destination NAT to your internal server, but the requests sent to the webserver at 203.0.113.5 are not arriving at the server.
In this scenario, which two configuration features need to be added? (Choose two.)
- A. UTM policy
- B. firewall filter
- C. proxy-ARP
- D. security policy
正解: C,D
質問 35
You want to automatically generate the encryption and authentication keys during IPsec VPN establishment.
What would be used to accomplish this task?
- A. Main mode
- B. Diffie_Hellman
- C. Aggregate mode
- D. IPsec
正解: B
質問 36
When configuring IPsec VPNs, setting a hash algorithm solves which security concern?
- A. Integrity
- B. Redundancy
- C. Encryption
- D. Availability
正解: A
質問 37
Which two segments describes IPsec VPNs? (Choose two.)
- A. IPsec VPN traffic is always encrypted.
- B. IPsec VPNs are dedicated physical connections between two private networks.
- C. IPsec VPN traffic is always authenticated.
- D. IPsec VPNs use security to secure traffic over a public network between two remote sites.
正解: C,D
質問 38
What information does the show chassis routing-engine command provide?
- A. chassis serial number
- B. resource utilization
- C. system version
- D. routing tables
正解: B
質問 39
Firewall filters define which type of security?
- A. Dynamic enforcement
- B. NGFW
- C. Stateful
- D. Stateless
正解: D
質問 40
Which statement is correct about packet mode processing?
- A. Packet mode is the basis for stateful processing.
- B. Packet mode works with NAT, VPNs, UTM, IDP, and other advanced security services.
- C. Packet mode enables session-based processing of incoming packets.
- D. Packet mode bypasses the flow module.
正解: D
質問 41
Which order is correct for Junos security devices that examine policies for transit traffic?
- A. default policies
zone policies
global policies - B. zone policies
global policies
default policies - C. default policies
global policies
zone policies - D. global policies
zone policies
default policies
正解: B
質問 42
Referring to the exhibit.
You have configured antispam to allow e-mail from example.com, however the logs you see that [email protected] is blocked What are two ways to solve this problem?
- A. Delete [email protected] from the profile antispam address blacklist
- B. Add [email protected] to the profile antispam address whitelist.
- C. Verify connectivity with the SBL server.
- D. Delete [email protected] from the profile antispam address whitelist
正解: A,B
質問 43
What are the valid actions for a source NAT rule in J-Web? (choose three.)
- A. interface
- B. On
- C. Pool
- D. Off
- E. Source
正解: A,C,D
質問 44
Click the Exhibit button
You have configured source ... Being received By the SRX series Which features must be configured
- A. Reverse static NAT
- B. Port Forwarding
- C. Proxy ARP
- D. Destination NAT
正解: C
質問 45
What must be enabled on an SRX Series device for the reporting engine to create reports?
- A. packet capture
- B. SNMP
- C. security logging
- D. system logging
正解: C
質問 46
Which statement about IPsec is correct?
- A. IPsec is a standards-based protocol.
- B. IPsec is used to provide data replication
- C. IPsec can provide encapsulation but not encryption
- D. IPsec can be used to transport native Layer 2 packets.
正解: A
質問 47
You are configuring an IPsec VPN tunnel between two location on your network. Each packet must be encrypted and authenticated.
Which protocol would satisfy these requirements?
- A. AH
- B. ESP
- C. SHA
- D. MD5
正解: B
質問 48
......
JN0-231問題集には100%厳密検証された問題と解答で合格保証もしくは全額返金:https://jp.fast2test.com/JN0-231-premium-file.html
合格させるJuniper JN0-231試験には練習テスト問題集豪華お試しセット:https://drive.google.com/open?id=1asCq9g4-9KHBBg3PtqnV--Y9gmUfEddk