JN0-333 Online Practice Questions and Answers

Which two statements about security policy actions are true? (Choose two.)

A. The log action implies an accept action.

B. The log action requires an additional terminating action.

C. The count action implies an accept action.

D. The count action requires an additional terminating action.

Which statement is true about functional zones?

A. Functional zones are a collection of regulated transit network segments.

B. Functional zones provide a means of distinguishing groups of hosts and their resources from one another.

C. Functional zones are used for management.

D. Functional zones are the building blocks for security policies.

Which feature is used when you want to permit traffic on an SRX Series device only at specific times?

A. scheduler

B. pass-through authentication

C. ALGs

D. counters

Click the Exhibit button.

You are monitoring traffic, on your SRX300 that was configured using the factory default security parameters. You notice that the SRX300 is not blocking traffic between Host A and Host B as expected.

Referring to the exhibit, what is causing this issue?

A. Host B was not assigned to the Untrust zone.

B. You have not created address book entries for Host A and Host B.

C. The default policy has not been committed.

D. The default policy permits intrazone traffic within the Trust zone.

Which statement describes the function of screen options?

A. Screen options encrypt transit traffic in a tunnel.

B. Screen options protect against various attacks on traffic entering a security device.

C. Screen options translate a private address to a public address.

D. Screen options restrict or permit users individually or in a group.

What are two valid zones available on an SRX Series device? (Choose two.)

A. security zones

B. policy zones

C. transit zones

D. functional zones

Screens help prevent which three attack types? (Choose three.)

A. SYN flood

B. port scan

C. NTP amplification

D. ICMP fragmentation

E. SQL injection

Click the Exhibit button.

Referring to the exhibit, which statement is true?

A. TCP packets entering the interface are failing the TCP sequence check.

B. Packets entering the interface are being dropped due to a stateless filter.

C. Packets entering the interface are getting dropped because there is no route to the destination.

D. Packets entering the interface matching an ALG are getting dropped.

Which action will restrict SSH access to an SRX Series device from a specific IP address which is connected to a security zone named trust?

A. Implement a firewall filter on the security zone trust.

B. Implement a security policy from security zone junos-host to security zone trust.

C. Implement host-inbound-traffic system-services to allow SSH.

D. Implement a security policy from security zone trust to security zone junos-host.

What are the maximum number of supported interfaces on a vSRX hosted in a VMware environment?

A. 12

B. 3

C. 10

D. 4