JN0-231 Juniper Security Associate
(JNCIA-SEC) Exam Questions &
Answers12
Which of these about NAT is true? - ANSWERS-Source NAT translates the source IP address,
When multiple NAT rules have overlapping match conditions, the most specific rule is chosen
Which of these features are included with the free service level of Sky ATP? - ANSWERS-Inline
blocking, Scan executable file types
In the context of SRX Series devices, what services does fast-path processing skip? - ANSWERS-
services ALG, screens
Corporate security requests that you implement a policy to block all POP3 traffic from traversing
the Internet firewall. In this scenario, which security feature would you use to satisfy this
request? - ANSWERS-content filtering
What is the maximum number of address books that a security zone can use at a time? -
ANSWERS-Two
Which of these are service levels offered by Juniper Sky ATP? - ANSWERS-Free, Basic, Premium
You have downloaded the package "junos-srxme-19.1R1.6-domestic.tgz". Based on the naming
convention, which two things are true about this release? - ANSWERS-It is a standard release, It
supports strong encryption
What is the correct order for processing UTM traffic within the Junos flow module services? -
ANSWERS-interface I/O, security policy, TCP proxy, application proxy
, What is a type of security feed that Sky ATP provides to a vSRX Series device by default? -
ANSWERS-C&C feeds
Which Sky ATP security feed is provided to vSRX devices by default? - ANSWERS-Command and
Control feed
If you need to protect against malicious files that might be download through Web-based e-
mail, which Sky ATP protection mechanism should you use? - ANSWERS-HTTP file inspection
The vSRX is available for which two of the following hypervisors? - ANSWERS-KVM, Hyper-V
Which of these Sky ATP features require a premium or basic license? - ANSWERS-Threat Intel
feeds
Which order do Junos security devices examine policies for transit traffic? - ANSWERS-zone
policies, global policies, default policy
What match criteria does an SRX Series device's network processing unit (NPU) use to
determine if a flow already exists for a packet? - ANSWERS-source port, protocol, unique session
token number for a given zone and virtual router
Which of these can be used to protect against ransomware attacks? - ANSWERS-Sky ATP
Which of these actions is applied when the pre-id-default-policy options are applied to a
session? - ANSWERS-Session timeout value, along with the required mode of session logging is
applied
(JNCIA-SEC) Exam Questions &
Answers12
Which of these about NAT is true? - ANSWERS-Source NAT translates the source IP address,
When multiple NAT rules have overlapping match conditions, the most specific rule is chosen
Which of these features are included with the free service level of Sky ATP? - ANSWERS-Inline
blocking, Scan executable file types
In the context of SRX Series devices, what services does fast-path processing skip? - ANSWERS-
services ALG, screens
Corporate security requests that you implement a policy to block all POP3 traffic from traversing
the Internet firewall. In this scenario, which security feature would you use to satisfy this
request? - ANSWERS-content filtering
What is the maximum number of address books that a security zone can use at a time? -
ANSWERS-Two
Which of these are service levels offered by Juniper Sky ATP? - ANSWERS-Free, Basic, Premium
You have downloaded the package "junos-srxme-19.1R1.6-domestic.tgz". Based on the naming
convention, which two things are true about this release? - ANSWERS-It is a standard release, It
supports strong encryption
What is the correct order for processing UTM traffic within the Junos flow module services? -
ANSWERS-interface I/O, security policy, TCP proxy, application proxy
, What is a type of security feed that Sky ATP provides to a vSRX Series device by default? -
ANSWERS-C&C feeds
Which Sky ATP security feed is provided to vSRX devices by default? - ANSWERS-Command and
Control feed
If you need to protect against malicious files that might be download through Web-based e-
mail, which Sky ATP protection mechanism should you use? - ANSWERS-HTTP file inspection
The vSRX is available for which two of the following hypervisors? - ANSWERS-KVM, Hyper-V
Which of these Sky ATP features require a premium or basic license? - ANSWERS-Threat Intel
feeds
Which order do Junos security devices examine policies for transit traffic? - ANSWERS-zone
policies, global policies, default policy
What match criteria does an SRX Series device's network processing unit (NPU) use to
determine if a flow already exists for a packet? - ANSWERS-source port, protocol, unique session
token number for a given zone and virtual router
Which of these can be used to protect against ransomware attacks? - ANSWERS-Sky ATP
Which of these actions is applied when the pre-id-default-policy options are applied to a
session? - ANSWERS-Session timeout value, along with the required mode of session logging is
applied
