Practice Free JN0-232 Exam Online Questions
Which statement about NAT is correct?
- A . Destination NAT takes precedence over static NAT.
- B . Source NAT is processed before security policy lookup.
- C . Static NAT is processed after forwarding lookup.
- D . Static NAT takes precedence over destination NAT.
Which statement about global NAT address persistence is correct?
- A . The same IP address from a source NAT pool will be assigned for all sessions from a given host.
- B . The same IP address from a source NAT pool is not guaranteed to be assigned for all sessions from a given host.
- C . The same IP address from a destination NAT pool will be assigned for all sessions for a given host.
- D . The same IP address from a destination NAT pool is not guaranteed to be assigned for all sessions for a given host.
A
Explanation:
Use the persistent-nat feature to ensure that all requests from the same internal transport address are mapped to the same reflexive transport address (the public IP address and port created by the NAT device closest to the STUN server). The source NAT rule action can use a source NAT pool (with or without port translation) or an egress interface.
Which two IKE Phase 1 configuration options must match on both peers to successfully establish a tunnel? (Choose two.)
- A . VPN name
- B . gateway interfaces
- C . IKE mode
- D . Diffie-Hellman group
Which Juniper ATP feed provides a dynamic list of known botnet servers and known sources of malware downloads?
- A . infected host cloud feed
- B . Geo IP feed
- C . C&C cloud feed
- D . blocklist feed
When configuring antispam, where do you apply any local lists that are configured?
- A . custom objects
- B . advanced security policy
- C . antispam feature-profile
- D . antispam UTM policy
A
Explanation:
user@host# set security utm custom-objects url-pattern url-pattern-name https://www.juniper.net/documentation/us/en/software/junos/utm/topics/topic-map/security-local-list-antispam-filtering.html
What are three Junos UTM features? (Choose three.)
- A . screens
- B . antivirus
- C . Web filtering
- D . IDP/IPS
- E . content filtering
You are asked to verify that a license for AppSecure is installed on an SRX Series device.
In this scenario, which command will provide you with the required information?
- A . user@srx> show system license
- B . user@srx> show services accounting
- C . user@srx> show configuration system
- D . user@srx> show chassis firmware
You want to provide remote access to an internal development environment for 10 remote developers.
Which two components are required to implement Juniper Secure Connect to satisfy this requirement? (Choose two.)
- A . an additional license for an SRX Series device
- B . Juniper Secure Connect client software
- C . an SRX Series device with an SPC3 services card
- D . Marvis virtual network assistant
Which two traffic types are considered exception traffic and require some form of special handling by the PFE? (Choose two.)
- A . SSH sessions
- B . ICMP reply messages
- C . HTTP sessions
- D . traceroute packets
What is an IP addressing requirement for an IPsec VPN using main mode?
- A . One peer must have dynamic IP addressing.
- B . One peer must have static IP addressing.
- C . Both peers must have dynamic IP addresses.
- D . Both peers must have static IP addressing.