JN0-231 Security-Associate (JNCIA-SEC) Questions and Answers

interface-based source NAT

pool-based NAT with address shifting

pool-based NAT with PAT

pool-based NAT without PAT

The remote gateway is configured automatically based on the local gateway settings.

RIP, OSPF, and BGP are supported under Routing mode.

The authentication method is pre-shared key or certificate based.

Privately routable IP addresses are required.

Screens process inbound packets.

Screens are processed on the routing engine.

Screens process outbound packets.

Screens are processed on the flow module.

40

60

50

10

Proxy IDs are used to configure traffic selectors.

Proxy IDs are optional for Phase 2 session establishment.

Proxy IDs must match for Phase 2 session establishment.

Proxy IDs default to 0.0.0.0/0 for policy-based VPNs.

Functional zones must have a user-defined name.

Functional zone cannot be referenced in security policies or pass transit traffic.

Multiple types of functional zones can be defined by the user.

Functional zones are used for out-of-band device management.

The total active time of the session.

The end-to-end data path that the packets are taking.

The IP address of the host that initiates the session.

The security policy name that is controlling the session.

ESP

IKE

AH

TCP

source NAT

destination NAT

static NAT

hairpin NAT

link mode

IP address

VLAN ID

link speed

Install a basic Juniper ATP license on the branch device.

Configure the juniper-atp user account on the branch device.

Register for a Juniper ATP account on https://sky.junipersecurity.net.

Execute the Juniper ATP script on the branch device.

Users cannot share security zones between routing instances.

Users can configure multiple security zones.

Users can share security zones between routing instances.

User-defined security zones do not apply to transit traffic.