Download Juniper.JN0-231.CertDumps.2023-11-10.129q.tqb
| Vendor: | Juniper |
| Exam Code: | JN0-231 |
| Exam Name: | Security, Associate |
| Date: | Nov 10, 2023 |
| File Size: | 1 MB |
Demo Questions
Question 1
Which of these about security zones is true?
- Logical interfaces can only be added to user-defined security zones
- A security zone must contain at least one interface
- An interface can belong to multiple security zones
- A security zone can only contain one interface
Correct answer: A
Explanation:
A security zone can contain multiple interfaces. A security zone may contain no interfaces. An interface can only belong to one security zone. Logical interfaces cannot be added to system-defined security zones, they must be added to userdefined security zones. Further reading - https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-zone-configuration.html A security zone can contain multiple interfaces.
A security zone may contain no interfaces.
An interface can only belong to one security zone.
Logical interfaces cannot be added to system-defined security zones, they must be added to userdefined security zones.
Further reading -
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-zone-configuration.html
Question 2
SSH service has been correctly configured on an SRX device. However, administrators are unable to connect using SSH on the revenue ports.
Which of these can be configured to solve this problem?
- Allow SSH traffic as host inbound traffic on the incoming security zone
- Configure an IDP policy to allow SSH traffic
- Configure a global policy to allow SSH traffic
- Configure a security policy to allow SSH traffic
Correct answer: A
Explanation:
Host inbound traffic controls traffic that is destined for the Junos device itself. SSH traffic terminates on the device itself and must be allowed as host inbound traffic. Further reading - https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/security-edit-host-inbound-traffic.html Host inbound traffic controls traffic that is destined for the Junos device itself. SSH traffic terminates on the device itself and must be allowed as host inbound traffic.
Further reading -
https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/security-edit-host-inbound-traffic.html
Question 3
Which of these is a common designation for management interfaces on the Junos platform?
- lo0
- mgmt-0/0/0
- ge-0/0/0
- fxp0
Correct answer: D
Explanation:
Management interfaces are the primary interfaces for accessing the device remotely. Typically, a management interface is not connected to the in-band network, but is connected instead to the device's internal network. Through a management interface you can access the device over the network using utilities such as ssh and telnet and configure the device from anywhere, regardless of its physical location. Most of SRX Series devices contain an fxp0 interface. Further reading - https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-chassis-cluster-management-interfaces.html Management interfaces are the primary interfaces for accessing the device remotely. Typically, a management interface is not connected to the in-band network, but is connected instead to the device's internal network. Through a management interface you can access the device over the network using utilities such as ssh and telnet and configure the device from anywhere, regardless of its physical location.
Most of SRX Series devices contain an fxp0 interface.
Further reading -
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-chassis-cluster-management-interfaces.html
