Rebirth Security - Associate (JNCIA-SEC) JN0-230 Test Engine

NEW QUESTION 1
Which statements about NAT are correct? (Choose two.)

• A. When multiple NAT rules have overlapping match conditions, the rule listed first is chosen.
• B. Source NAT translates the source port and destination IP address.
• C. Source NAT translates the source IP address of packet.
• D. When multiple NAT rules have overlapping match conditions, the most specific rule is chosen.

Answer: AC

NEW QUESTION 2
Which two feature on the SRX Series device are common across all Junos devices? (Choose two.)

• A. Stateless firewall filters
• B. UTM services
• C. The separation of control and forwarding planes
• D. screens

Answer: AC

NEW QUESTION 3
Which management software supports metadata-based security policies that are ideal for cloud deployments?

• A. Security Director
• B. J-Web
• C. Network Director
• D. Sky Enterprise

Answer: A

NEW QUESTION 4
Firewall filters define which type of security?

• A. Stateful
• B. Stateless
• C. NGFW
• D. Dynamic enforcement

Answer: B

NEW QUESTION 5
On an SRX Series device, how should you configure your IKE gateway if the remote endpoint is a branch office-using a dynamic IP address?

• A. Configure the IPsec policy to use MDS authentication.
• B. Configure the IKE policy to use aggressive mode.
• C. Configure the IPsec policy to use aggressive mode.
• D. Configure the IKE policy to use a static IP address

Answer: B

NEW QUESTION 6
Which two statements are true regarding zone-based security policies? (Choose two.)

• A. Zone-based policies must reference a source address in the match criteria.
• B. Zone-based policies must reference a URL category in the match criteria.
• C. Zone-based policies must reference a destination address in the match criteria
• D. Zone-based policies must reference a dynamic application in the match criteria.

Answer: AC

NEW QUESTION 7
You are configuring an IPsec VPN tunnel between two location on your network. Each packet must be encrypted and authenticated.
Which protocol would satisfy these requirements?

• A. MD5
• B. ESP
• C. AH
• D. SHA

Answer: B

NEW QUESTION 8
What are two characteristic of static NAT SRX Series devices? (Choose two.)

• A. Source and destination NAT rules take precedence over static NAT rules.
• B. A reverse mapping rule is automatically created for the source translation.
• C. Static NAT rule take precedence over source and destination NAT rules.
• D. Static rules cannot coexist with destination NAT rules on the same SRX Series device configuration.

Answer: BC

NEW QUESTION 9
You configure and applied several global policies and some of the policies have overlapping match criteria.

• A. In this scenario, how are these global policies applies?
• B. The first matched policy is the only policy applied.
• C. The most restrictive that matches is applied.
• D. The least restrictive policy that matches is applied.

Answer: A

NEW QUESTION 10
What should you configure if you want to translate private source IP address to a single public IP address?

• A. Source NAT
• B. Destination NAT
• C. Content filtering
• D. Security Director

Answer: A

NEW QUESTION 11
Which two actions are performed on an incoming packet matching an existing session? (Choose two.)

• A. Zone processing
• B. Security policy evolution
• C. Service ALG processing
• D. Screens processing

Answer: CD

NEW QUESTION 12
Which security object defines a source or destination IP address that is used for an employee Workstation?

• A. Zone
• B. Screen
• C. Address book entry
• D. scheduler

Answer: C

NEW QUESTION 13
You are designing a new security policy on an SRX Series device. You must block an application and log all occurrence of the application access attempts.
In this scenario, which two actions must be enabled in the security policy? (Choose two.)

• A. Log the session initiations
• B. Enable a reject action
• C. Log the session closures
• D. Enable a deny action

Answer: AD

NEW QUESTION 14
Which statements is correct about Junos security zones?

• A. User-defined security must contain at least one interface.
• B. Security policies are referenced within a user-defined security zone.
• C. Logical interface are added to user defined security zones
• D. User-defined security must contains the key word ‘’zone’’

Answer: C

NEW QUESTION 15
Which statement about IPsec is correct?

• A. IPsec can provide encryption but not data integrity.
• B. IPsec support packet fragmentation by intermediary devices.
• C. IPsec support both tunnel and transport modes.
• D. IPsec must use certificates to provide data encryption

Answer: C

NEW QUESTION 16
What is the purpose of the Shadow Policies workspace in J-Web?

• A. The Shadow Policies workspace shows unused security policies due to policy overlap.
• B. The Shadow Policies workspace shows unused IPS policies due to policy overlap.
• C. The Shadow Policies workspace shows used security policies due to policy overlap
• D. The Shadow Policies workspace shows used IPS policies due to policy overlap

Answer: A

NEW QUESTION 17
Which security feature is applied to traffic on an SRX Series device when the device is running n packet mode?

• A. Sky ATP
• B. ALGs
• C. Firewall filters
• D. Unified policies

Answer: C

NEW QUESTION 18
You want to generate reports from the l-Web on an SRX Series device. Which logging mode would you use in this scenario?

• A. Syslog
• B. Stream
• C. Event
• D. local

Answer: B

NEW QUESTION 19
The free licensing model for Sky ATP includes which features? (Choose two.)

• A. C& C feeds
• B. Infected host blocking
• C. Executable file inspection
• D. Compromised endpoint dashboard

Answer: BC

NEW QUESTION 20
Which UTM feature should you use to protect users from visiting certain blacklisted websites?

• A. Content filtering
• B. Web filtering
• C. Antivirus
• D. antispam

Answer: B

NEW QUESTION 21
......