JN0-230 Security, Associate (JNCIA-SEC) Exam
1. Which of the following is the primary function of a firewall?
A) To encrypt data
B) To filter network traffic
C) To monitor user activity
D) To detect malware
Correct Answer: B
Explanation: The primary function of a firewall is to filter network traffic based on
predetermined security rules, establishing a barrier between trusted and untrusted networks.
2. What type of firewall keeps track of the state of active connections and determines which
packets to allow through?
A) Stateless firewall
B) Application layer firewall
C) Stateful firewall
D) Packet-filtering firewall
Correct Answer: C
Explanation: A stateful firewall monitors the state of active connections and makes decisions
based on the context of the traffic, rather than just individual packets.
, JN0-230 Security, Associate (JNCIA-SEC) Exam
3. Which of the following is NOT a type of firewall?
A) Stateful firewall
B) Stateless firewall
C) Network intrusion detection system (NIDS)
D) Next-gen firewall
Correct Answer: C
Explanation: NIDS is not a firewall; it is a system designed to monitor traffic for suspicious
activity, while firewalls are designed to control traffic flow.
4. What is a key feature of a next-generation firewall (NGFW)?
A) Packet filtering
B) Layer 2 switching
C) Deep packet inspection
D) Basic stateful filtering
Correct Answer: C
, JN0-230 Security, Associate (JNCIA-SEC) Exam
Explanation: A next-generation firewall (NGFW) features deep packet inspection capabilities
that allow it to analyze the payload of packets for advanced threats and application-level
controls.
5. What is the purpose of Network Address Translation (NAT)?
A) To shorten transmission times
B) To hide internal IP addresses
C) To enforce access control policies
D) To analyze traffic patterns
Correct Answer: B
Explanation: NAT is used to hide internal IP addresses from the public network by translating
them to a single external IP address, enhancing security and privacy.
6. What type of VPN uses SSL/TLS for establishing secure connections?
A) IPsec VPN
B) MPLS VPN
C) SSL VPN
D) PPTP VPN
, JN0-230 Security, Associate (JNCIA-SEC) Exam
Correct Answer: C
Explanation: SSL VPN uses Secure Sockets Layer (SSL) or its successor, Transport Layer Security
(TLS), to create secure tunnels over the internet for private communication.
7. Which VPN type is typically used for site-to-site connections?
A) SSL VPN
B) Remote access VPN
C) IPsec VPN
D) L2TP VPN
Correct Answer: C
Explanation: IPsec VPN is commonly used for site-to-site connections, providing secure
encrypted communication between two networks over the internet.
8. In an Intrusion Detection System (IDS), which method identifies intrusions by comparing
traffic against known signatures?
A) Anomaly-based detection
B) Signature-based detection
C) Behavior-based detection
D) Policy-based detection
1. Which of the following is the primary function of a firewall?
A) To encrypt data
B) To filter network traffic
C) To monitor user activity
D) To detect malware
Correct Answer: B
Explanation: The primary function of a firewall is to filter network traffic based on
predetermined security rules, establishing a barrier between trusted and untrusted networks.
2. What type of firewall keeps track of the state of active connections and determines which
packets to allow through?
A) Stateless firewall
B) Application layer firewall
C) Stateful firewall
D) Packet-filtering firewall
Correct Answer: C
Explanation: A stateful firewall monitors the state of active connections and makes decisions
based on the context of the traffic, rather than just individual packets.
, JN0-230 Security, Associate (JNCIA-SEC) Exam
3. Which of the following is NOT a type of firewall?
A) Stateful firewall
B) Stateless firewall
C) Network intrusion detection system (NIDS)
D) Next-gen firewall
Correct Answer: C
Explanation: NIDS is not a firewall; it is a system designed to monitor traffic for suspicious
activity, while firewalls are designed to control traffic flow.
4. What is a key feature of a next-generation firewall (NGFW)?
A) Packet filtering
B) Layer 2 switching
C) Deep packet inspection
D) Basic stateful filtering
Correct Answer: C
, JN0-230 Security, Associate (JNCIA-SEC) Exam
Explanation: A next-generation firewall (NGFW) features deep packet inspection capabilities
that allow it to analyze the payload of packets for advanced threats and application-level
controls.
5. What is the purpose of Network Address Translation (NAT)?
A) To shorten transmission times
B) To hide internal IP addresses
C) To enforce access control policies
D) To analyze traffic patterns
Correct Answer: B
Explanation: NAT is used to hide internal IP addresses from the public network by translating
them to a single external IP address, enhancing security and privacy.
6. What type of VPN uses SSL/TLS for establishing secure connections?
A) IPsec VPN
B) MPLS VPN
C) SSL VPN
D) PPTP VPN
, JN0-230 Security, Associate (JNCIA-SEC) Exam
Correct Answer: C
Explanation: SSL VPN uses Secure Sockets Layer (SSL) or its successor, Transport Layer Security
(TLS), to create secure tunnels over the internet for private communication.
7. Which VPN type is typically used for site-to-site connections?
A) SSL VPN
B) Remote access VPN
C) IPsec VPN
D) L2TP VPN
Correct Answer: C
Explanation: IPsec VPN is commonly used for site-to-site connections, providing secure
encrypted communication between two networks over the internet.
8. In an Intrusion Detection System (IDS), which method identifies intrusions by comparing
traffic against known signatures?
A) Anomaly-based detection
B) Signature-based detection
C) Behavior-based detection
D) Policy-based detection
