Before you write the Juniper JNCIA Security (JN0-231) certification exam, you may have certain doubts in your mind regarding the pattern of the test, the types of questions asked in it, the difficulty level of the questions and time required to complete the questions. These Juniper Networks Certified Associate Security (JNCIA-SEC) sample questions and demo exam help you in removing these doubts and prepare you to take the test.
The best approach to pass your Juniper JN0-231 exam is to challenge and improve your knowledge. To test your learning and identify improvement areas with actual exam format, we suggest you practice with Premium Juniper JN0-231 Certification Practice Exam. The practice test is one of the most important elements of your Juniper Security Associate (JNCIA-SEC) exam study strategy to discover your strengths and weaknesses, to improve your time management skills and to get an idea of the score you can expect.
Juniper JN0-231 (JNCIA-SEC) Sample Questions:
01. If you need to protect against malicious files that might be download through Web-based e-mail, which Sky ATP protection mechanism should you use?
a) SMTP file inspection
b) IMAP file inspection
c) POP3 file inspection
d) HTTP file inspection
02. Which of the following are supported Mini-Physical Interface Modules (Mini-PIMs) on an SRX Series Services Gateways?
(Choose three.)
a) DOCSIS
b) 8-Port Gigabit Ethernet SFP XPIM
c) 1-Port Gigabit Ethernet PoE
d) Serial
e) 1-Port Gigabit Ethernet Small Form-Factor Pluggable (SFP)
03. The vSRX is available for which two of the following hypervisors?
(Choose two.)
a) Hyper-V
b) Xen
c) OpenVZ
d) KVM
04. You are configuring an SRX Series device to inter-operate with a third-party IPsec VPN endpoint that uses policies to create the VPN.
In this scenario, what must be configured for the VPN to work?
a) perfect forward secrecy
b) VPN monitoring
c) re-keying
d) proxy IDs
05. What match criteria does an SRX Series device’s network processing unit (NPU) use to determine if a flow already exists for a packet?
(Choose three.)
a) MAC address
b) inbound interface
c) source port
d) unique session token number for a given zone and virtual router
e) protocol
06. After a packet is not able to be matched to an existing session, what is the next service to inspect the packet?
a) screens
b) zones
c) policy
d) static NAT
07. When traffic has met match criteria, what options are available to be performed on the traffic?
(Choose three.)
a) permit
b) reject
c) deny
d) discard
e) redirect
08. In the context of SRX Series devices, what services does fast-path processing skip?
(Choose two.)
a) zones
b) screens
c) services ALG
d) policy
09. When does a Junos security device implement NAT?
a) first path processing only
b) fast path processing only
c) both first path and fast path processing
d) neither first path nor fast path processing
10. Which order do Junos security devices examine policies for transit traffic?
a) default policy, zone policies, global policies
b) zone policies, global policies, default policy
c) global policies, zone policies, default policy
d) default policy, global policies, zone policies
Solutions:
|
Question: 01
Answer: d
|
Question: 02
Answer: a, d, e
|
Question: 03
Answer: a, d
|
Question: 04
Answer: d
|
Question: 05
Answer: c, d, e
|
|
Question: 06
Answer: a
|
Question: 07
Answer: a, b, c
|
Question: 08
Answer: a, d
|
Question: 09
Answer: c
|
Question: 10
Answer: b
|
Note: If you find any error in these Juniper Security Associate (JNCIA-SEC) sample questions, you can update us by write an email on feedback@nwexam.com.
