Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free Juniper JN0-232 Practice Exam with Questions & Answers | Set: 2

Questions 11

A new packet arrives on an interface on your SRX Series Firewall that is assigned to the trust security zone.

In this scenario, how does the SRX Series Firewall determine the egress security zone?

Options:
A.

by performing a session lookup

B.

by examining the destination port

C.

by performing a route lookup

D.

by examining the ingress security zone properties

Juniper JN0-232 Premium Access
Questions 12

Which two security features are applied in a security policy? (Choose two.)

Options:
A.

SSL proxy

B.

firewall authentication

C.

captive portal authentication

D.

MAC bypass

Questions 13

Referring to the exhibit, which two statements are correct about the traffic flow shown in the exhibit? (Choose two.)

JN0-232 Question 13

Options:
A.

There is no change to the original source IP address.

B.

The original destination IP address was translated to a new destination IP address.

C.

There is no change to the original destination IP address.

D.

The original source IP address was translated to a new source IP address.

Questions 14

What is the purpose of rate-limiting exception traffic in the Junos OS?

Options:
A.

to enhance the performance of the forwarding plane

B.

to simplify the configuration of network interfaces

C.

to prevent denial-of-service attacks on the Routing Engine

D.

to manage routing protocols and updates

Questions 15

Referring to the exhibit, the top table shows the source and destination IP addresses and also the source and destination ports of the incoming packet.

JN0-232 Question 15

The lower table represents the security policies from the trust zone to the untrust zone.

In this scenario, which two statements are correct? (Choose two.)

Options:
A.

The incoming packet is permitted by the HTTPS application.

B.

The incoming packet is permitted because it does not match any policy listed.

C.

The incoming packet is denied by the final security policy.

D.

The firewall processes security policies in a top-down manner.

Questions 16

Referring to the exhibit, which two statements are correct? (Choose two.)

JN0-232 Question 16

Options:
A.

This security policy is a zone-based security policy.

B.

This security policy uses a non-default inactivity timeout.

C.

This security policy permits HTTPS traffic.

D.

This security policy is the second security policy in the list.

Questions 17

You are asked to enable trace options to debug the packet flow.

In this scenario, which flag would you configure at the [edit security flow traceoptions] hierarchy?

Options:
A.

packet-dump

B.

general

C.

state

D.

basic-datapath

Questions 18

Which two statements are true about the NextGen Web Filtering (NGWF) feature on an SRX Series device? (Choose two.)

Options:
A.

The NGWF feature consults the Juniper cloud before consulting your local lists.

B.

The NGWF feature requires a license.

C.

The NGWF feature consults your local lists before consulting the Juniper cloud.

D.

The NGWF feature does not require a license.

Questions 19

Your company is acquiring a smaller company that uses the same private address range that your company currently uses in its North America division. You have a limited number of public IP addresses to use for the acquisition. You want to allow the new acquisition ' s users to connect to the existing services in North America.

Which two features would you enable on your SRX Series Firewall to accomplish this task? (Choose two.)

Options:
A.

IDP

B.

NAT

C.

BGP

D.

PAT

Questions 20

What is the purpose of a feature profile in a UTM configuration?

Options:
A.

It applies a UTM feature to a security policy.

B.

It applies a UTM feature to protocol traffic.

C.

It defines the operation of a specific UTM feature.

D.

It defines an object list.