Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

JN0-231 by Juniper - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

You are asked to verify that a license for AppSecure is installed on an SRX Series device.
In this scenario, which command will provide you with the required information?

A user@srx> show system license
B user@srx> show services accounting
C user@srx> show configuration system
D user@srx> show chassis firmware

Question 4

You are assigned a project to configure SRX Series devices to allow connections to your webservers. The webservers have a private IP address, and the packets must use NAT to be accessible from the Internet. You do not want the webservers to initiate connections with external update servers on the Internet using the same IP address as customers use to access them.
Which two NAT types must be used to complete this project? (Choose two.)

A static NAT
B hairpin NAT
C destination NAT
D source NAT

Question 5

Which two criteria should a zone-based security policy include? (Choose two.)

A a source port
B a destination port
C zone context
D an action

Question 6

You want to verify the peer before IPsec tunnel establishment.

What would be used as a final check in this scenario?

A traffic selector
B perfect forward secrecy
C st0 interfaces
D proxy ID

Question 7

You are creating Ipsec connections.
In this scenario, which two statements are correct about proxy IDs? (Choose two.)

A Proxy IDs are used to configure traffic selectors.
B Proxy IDs are optional for Phase 2 session establishment.
C Proxy IDs must match for Phase 2 session establishment.
D Proxy IDs default to 0.0.0.0/0 for policy-based VPNs.

Question 8

You want to enable the minimum Juniper ATP services on a branch SRX Series device.
In this scenario, what are two requirements to accomplish this task? (Choose two.)

A Install a basic Juniper ATP license on the branch device.
B Configure the juniper-atp user account on the branch device.
C Register for a Juniper ATP account on https://sky.junipersecurity.net.
D Execute the Juniper ATP script on the branch device.

Question 9

Which two statements are correct about the integrated user firewall feature? (Choose two.)

A It maps IP addresses to individual users.
B It supports IPv6 addresses.
C It allows tracking of non-Windows Active Directory users.
D It uses the LDAP protocol.

Question 10

The UTM features are performed during which process of the SRX Series device’s packet flow?

A security policies
B services
C zones
D screens

Question 11

You have an FTP server and a webserver on the inside of your network that you want to make available to users outside of the network. You are allocated a single public IP address.
In this scenario, which two NAT elements should you configure? (Choose two.)

A destination NAT
B NAT pool
C source NAT
D static NAT

Question 12

When are Unified Threat Management services performed in a packet flow?

A before security policies are evaluated
B as the packet enters an SRX Series device
C only during the first path process
D after network address translation

Question 13

What are the first two components processed as traffic enters an interface on an SRX Series device? (Choose two.)

A per-packet filter
B screens
C per-packet policer
D destination NAT

Question 14

An application firewall processes the first packet in a session for which the application has not yet been identified.

In this scenario, which action does the application firewall take on the packet?

A It allows the first packet.
B It denies the first packet and sends an error message to the user.
C It denies the first packet.
D It holds the first packet until the application is identified.

Question 15

Which Web filtering solution uses a direct Internet-based service for URL categorization?

A Juniper ATP Cloud
B Websense Redirect
C Juniper Enhanced Web Filtering
D local blocklist

Question 16

Which two statements are correct about IPsec security associations? (Choose two.)

A IPsec security associations are bidirectional.
B IPsec security associations are unidirectional.
C IPsec security associations are established during IKE Phase 1 negotiations.
D IPsec security associations are established during IKE Phase 2 negotiations.

That's the end of the Preview

Create a free account to unlock all questions for this exam.

Log In / Sign Up

Page 1 of 4 • Questions 1-25 of 80

1 2 3 4

→

Know a question that should be here? Contribute to this exam

SRX Series devices have a maximum of how many rollback configurations?

A 40
B 60
C 50
D 10

Click the Exhibit button.

Referring to the exhibit, a user is placed in which hierarchy when the exit command is run?

Question Image

A [edit security policies from-zone trust to-zone dmz]user@vSRX-1#
B [edit]user@vSRX-1#
C [edit security policies]user@vSRX-1#
D user@vSRX-1>