• Home
  • Articles
  • Prepare JN0-231 Exam Questions [2022] Recently Updated Questions [Q66-Q86]

Prepare JN0-231 Exam Questions [2022] Recently Updated Questions [Q66-Q86]

Share

Prepare JN0-231 Exam Questions [2022] Recently Updated Questions

Give push to your success with JN0-231 exam questions

NEW QUESTION 66
You are asked to configure your SRX Series device to block all traffic from certain countries. The solution must be automatically updated as IP prefixes become allocated to those certain countries.
Which Juniper ATP solution will accomplish this task?

  • A. unified security policies
  • B. C&C feed
  • C. Geo IP
  • D. IDP

Answer: C

 

NEW QUESTION 67
You have created a zones-based security policy that permits traffic to a specific webserver for the marketing team. Other groups in the company are not permitted to access the webserver. When marketing users attempt to access the server they are unable to do so.
What are two reasons for this access failure? (Choose two.)

  • A. You failed to position the policy after the policy that denies access to the webserver.
  • B. You failed to change the source zone to include any source zone.
  • C. You failed to commit the policy change.
  • D. You failed to position the policy before the policy that denies access the webserver

Answer: C,D

 

NEW QUESTION 68
Which three actions would be performed on traffic traversing an IPsec VPAN? (Choose three.)

  • A. Encryption
  • B. Payload verification
  • C. Deep inspection
  • D. Port forwarding
  • E. Authentication

Answer: A,B,E

 

NEW QUESTION 69
Which two statements are true about security policy actions? (Choose two.)

  • A. The deny action drops the traffic and sends a message to the source device.
  • B. The deny action silently drop the traffic.
  • C. The reject action silently drops the traffic.
  • D. The reject action drops the traffic and sends a message to the source device.

Answer: B,D

 

NEW QUESTION 70
Which two statements are correct about screens? (Choose two.)

  • A. Screens are processed on the flow module.
  • B. Screens process inbound packets.
  • C. Screens are processed on the routing engine.
  • D. Screens process outbound packets.

Answer: A,B

 

NEW QUESTION 71
What are three Junos UTM features? (Choose three.)

  • A. screens
  • B. Web filtering
  • C. IDP/IPS
  • D. antivirus
  • E. content filtering

Answer: B,D,E

 

NEW QUESTION 72
Which two match conditions would be used in both static NAT and destination NAT rule sets? (Choose two.)

  • A. Source zone
  • B. Destination interface
  • C. Source interface
  • D. Destination zone

Answer: A,B

 

NEW QUESTION 73
Referring to the exhibit.

You have configured antispam to allow e-mail from example.com, however the logs you see that [email protected] is blocked What are two ways to solve this problem?

Answer: A,D

 

NEW QUESTION 74
Which type of security policy protect restricted services from running on non-standard ports?

  • A. Application firewall
  • B. Sky ATP
  • C. IDP
  • D. antivirus

Answer: C

 

NEW QUESTION 75
Which UTM feature should you use to protect users from visiting certain blacklisted websites?

  • A. Content filtering
  • B. Web filtering
  • C. Antivirus
  • D. antispam

Answer: B

 

NEW QUESTION 76
Which two private cloud solution support vSRX devices? (Choose two.)

  • A. VMware Web Services (AWS)
  • B. Amazon Web Services (AWS)
  • C. Microsoft Azure
  • D. Contrail Cloud
  • E. VMware NSX

Answer: B,C

 

NEW QUESTION 77
Which management software supports metadata-based security policies that are ideal for cloud deployments?

  • A. J-Web
  • B. Sky Enterprise
  • C. Network Director
  • D. Security Director

Answer: D

 

NEW QUESTION 78
You are assigned a project to configure SRX Series devices to allow connections to your webservers. The webservers have a private IP address, and the packets must use NAT to be accessible from the Internet. The webservers must use the same address for both connections from the Internet and communication with update servers.
Which NAT type must be used to complete this project?

  • A. destination NAT
  • B. static NAT
  • C. source NAT
  • D. hairpin NAT

Answer: A

 

NEW QUESTION 79
What is the correct order in which interface names should be identified?

  • A. interface media type -> system slot number -> line card slot number -> port number
  • B. system slot number -> interface media type -> port number -> line card slot number
  • C. system slot number -> port number -> interface media type -> line card slot number
  • D. interface media type -> port number -> system slot number -> line card slot number

Answer: A

 

NEW QUESTION 80
Which statements about NAT are correct? (Choose two.)

  • A. When multiple NAT rules have overlapping match conditions, the rule listed first is chosen.
  • B. Source NAT translates the source port and destination IP address.
  • C. Source NAT translates the source IP address of packet.
  • D. When multiple NAT rules have overlapping match conditions, the most specific rule is chosen.

Answer: A,C

 

NEW QUESTION 81
Which two statements are correct about global security policies? (choose two)

  • A. Global based policies can reference the source zone
  • B. Global based policies can reference the destination zone
  • C. Global based policies must reference a dynamic application
  • D. Global based policies must reference the source and destination zones

Answer: A,B

 

NEW QUESTION 82
Which two statements are correct about security zones? (choose two)

  • A. Security zones use packet filters to prevent communication between management ports
  • B. Security zones use a stateful firewall to provide secure network connections
  • C. Security zones use security policies that enforce rules for the transit traffic
  • D. Security zones use address books to link username to IP addresses.

Answer: B,C

 

NEW QUESTION 83
Which two statements are correct about using global-based policies over zone-based policies? (Choose two.)

  • A. With global-based policies, you do not need to specify a destination address in the match criteria.
  • B. With global-based policies, you do not need to specify a destination zone in the match criteria.
  • C. With global-based policies, you do not need to specify a source zone in the match criteria.
  • D. With global-based policies, you do not need to specify a source address in the match criteria.

Answer: B,C

 

NEW QUESTION 84
Which two criteria should a zone-based security policy include? (Choose two.)

  • A. an action
  • B. a source port
  • C. zone context
  • D. a destination port

Answer: A,D

 

NEW QUESTION 85
When are Unified Threat Management services performed in a packet flow?

  • A. after network address translation
  • B. only during the first path process
  • C. before security policies are evaluated
  • D. as the packet enters an SRX Series device

Answer: A

 

NEW QUESTION 86
......

Get JN0-231 Actual Free Exam Q&As to Prepare Certification: https://www.realvce.com/JN0-231_free-dumps.html

JN0-231 100% Guarantee Download JN0-231 Exam PDF Q&A: https://drive.google.com/open?id=1sv1tVB6uncl23K3TRRDXrYCO5oKNPtqK

Related Articles

more
Juniper JN0-231 Certification Practice Exam

Our premium VCE file helps you pass exam 100% for sure. We serve every customer heart and soul. We guarantee No Helpful Full Refund.

Latest Real Exam VCE

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 RealVCE NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy