Free JN0-232 Practice Test Questions | Know You're Ready for Security, Associate (JNCIA-SEC)

What are two system-defined zones created on the SRX Series Firewalls? (Choose two.)

A. null

B. junos-host

C. management

D. DMZ

Which two statements about management functional zones are correct? (Choose two.)

A. The management functional zone is used to control the management-related traffic that is allowed to access your device.

B. The management functional zone contains all available revenue ports until they are assigned to a user-defined security zone.

C. The management functional zone is automatically created on the SRX Series Firewalls.

D. The management functional zone cannot be referenced in any security policies.

You need to capture control plane traffic on a high-end SRX Series device. How would you accomplish this task?

A. Configure a packet capture under the edit security datapath-debug capture hierarchy.

B. Apply a firewall filter matching the desired traffic using the sample action.

C. Start a shell then use the tcpdump tool.

D. Apply a port mirroring configuration under the edit forwarding options hierarchy.

What are two ways that an SRX Series device identifies content? (Choose two.)

A. It identifies and inspects the file extension of each file.

B. It uses AppID.

C. It identifies file types in HTTP, FTP, and e-mail protocols.

D. It uses ALGs.

Click the Exhibit button.

Which two statements are correct about the content filter shown in the exhibit? (Choose two.)

A. exe files will not be allowed to be uploaded over HTTP.

B. .exe files will not be allowed to be downloaded over HTTP.

C. There will be a notice added to the SRX log file about the file being blocked.

D. There will be an e-mail sent to the user about why the SRX is blocking the file.

Which two statements about destination NAT are correct? (Choose two.)

A. Destination NAT enables hosts on a private network to access resources on the Internet.

B. SRX Series Firewalls support interface-based destination NAT.

C. Destination NAT enables hosts on the Internet to access resources on a private network.

D. SRX Series Firewalls support pool-based destination NAT.

Click the Exhibit button.

Which type of policy is shown in the exhibit?

A. global policy

B. inter-zone policy

C. intra-zone policy

D. default policy

Which two statements are correct about the processing of NAT rules within a rule set? (Choose two.)

A. NAT rule processing processes all rules.

B. NAT rule processing stops at the first match.

C. NAT rules are processed from top to bottom.

D. NAT rules are processed from bottom to top.