Security, Associate (JNCIA-SEC) v1.0

Page:    1 / 7   
Exam contains 102 questions
Expand All

You are assigned a project to configure SRX Series devices to allow connections to your webservers. The webservers have a private IP address, and the packets must use NAT to be accessible from the Internet. The webservers must use the same address for both connections from the Internet and communication with update servers.
Which NAT type must be used to complete this project?

  • A. source NAT
  • B. destination NAT
  • C. static NAT
  • D. hairpin NAT


Answer : B

Which two user authentication methods are supported when using a Juniper Secure Connect VPN? (Choose two.)

  • A. certificate-based
  • B. multi-factor authentication
  • C. local authentication
  • D. active directory


Answer : AC

Click the Exhibit button.

Which two statements are correct about the partial policies shown in the exhibit? (Choose two.)

  • A. UDP traffic matched by the deny-all policy will be silently dropped.
  • B. TCP traffic matched by the reject-all policy will have a TCP RST sent.
  • C. TCP traffic matched from the zone trust is allowed by the permit-all policy.
  • D. UDP traffic matched by the reject-all policy will be silently dropped.


Answer : AB

You are monitoring an SRX Series device that has the factory-default configuration applied.
In this scenario, where are log messages sent by default?

  • A. Junos Space Log Director
  • B. Junos Space Security Director
  • C. to a local syslog server on the management network
  • D. to a local log file named messages


Answer : C

When transit traffic matches a security policy, which three actions are available? (Choose three.)

  • A. Allow
  • B. Discard
  • C. Deny
  • D. Reject
  • E. Permit


Answer : CDE

Which two services does Juniper Connected Security provide? (Choose two.)

  • A. protection against zero-day threats
  • B. IPsec VPNs
  • C. Layer 2 VPN tunnels
  • D. inline malware blocking


Answer : AD

You are creating Ipsec connections.
In this scenario, which two statements are correct about proxy IDs? (Choose two.)

  • A. Proxy IDs are used to configure traffic selectors.
  • B. Proxy IDs are optional for Phase 2 session establishment.
  • C. Proxy IDs must match for Phase 2 session establishment.
  • D. Proxy IDs default to 0.0.0.0/0 for policy-based VPNs.


Answer : AB

Which two components are configured for host inbound traffic? (Choose two.)

  • A. zone
  • B. logical interface
  • C. physical interface
  • D. routing instance


Answer : AB

Which two security features inspect traffic at Layer 7? (Choose two.)

  • A. IPS/IDP
  • B. security zones
  • C. application firewall
  • D. integrated user firewall


Answer : AC

Which two UTM features should be used for tracking productivity and corporate user behavior? (Choose two.)

  • A. the content filtering UTM feature
  • B. the antivirus UTM feature
  • C. the Web filtering UTM feature
  • D. the antispam UTM feature


Answer : AC

What is the order in which malware is detected and analyzed?

  • A. antivirus scanning –> cache lookup –> dynamic analysis –> static analysis
  • B. cache lookup –> antivirus scanning –> static analysis –> dynamic analysis
  • C. antivirus scanning –> cache lookup –> static analysis –> dynamic analysis
  • D. cache lookup –> static analysis –> dynamic analysis –> antivirus scanning


Answer : B

What are two valid address books? (Choose two.)

  • A. 66.129.239.128/25
  • B. 66.129.239.154/24
  • C. 66.129.239.0/24
  • D. 66.129.239.50/25


Answer : BD

What is the order of the first path packet processing when a packet enters a device?

  • A. security policies –> screens –> zones
  • B. screens –> security policies –> zones
  • C. screens –> zones –> security policies
  • D. security policies –> zones –> screens


Answer : C

Which two components are part of a security zone? (Choose two.)

  • A. inet.0
  • B. fxp0
  • C. address book
  • D. ge-0/0/0.0


Answer : BD

Which statement is correct about packet mode processing?

  • A. Packet mode enables session-based processing of incoming packets.
  • B. Packet mode works with NAT, VPNs, UTM, IDP, and other advanced security services.
  • C. Packet mode bypasses the flow module.
  • D. Packet mode is the basis for stateful processing.


Answer : C

Page:    1 / 7   
Exam contains 102 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy