Question 7 - Juniper JN0-231 Real Exam Questions [Jan 2026 Update]

Q: 7

Screens on an SRX Series device protect against which two types of threats? (Choose two.)

Options

Correct Answer:

A, B

Explanation

Juniper SRX Series screen options provide stateless packet filtering to protect against network-level threats before they are processed by security policies. Screens are specifically designed to mitigate reconnaissance and Denial-of-Service (DoS) attacks. The ICMP flood screen protects against DoS attacks by monitoring the rate of ICMP packets and taking action when a threshold is exceeded. The IP spoofing screen prevents an attacker from using a false source IP address by validating that a packet's source address is logical for the interface on which it was received.

Why Incorrect

C. zero-day outbreaks: Protection against unknown or zero-day exploits is a function of advanced security services like Intrusion Prevention Systems (IPS) or Juniper Advanced Threat Prevention (ATP), not screens.

D. malicious e-mail attachments: Detecting malicious attachments requires deep content inspection at the application layer, which is handled by Unified Threat Management (UTM) anti-virus features, not network-level screens.

References

1. Juniper Networks TechLibrary

"Understanding Screen Options": This document explicitly lists and describes the available screen protections on SRX Series devices. It details protections against DoS attacks (including ICMP Flood) and IP-based attacks (including IP Spoofing).

URL: https://www.juniper.net/documentation/us/en/software/junos/security-policies/topics/concept/security-screen-ids-understanding.html

2. Juniper Networks TechLibrary

"Example: Configuring Screen Options to Prevent DoS Attacks": This guide provides a configuration example for mitigating DoS attacks

specifically mentioning the icmp flood screen option.

URL: https://www.juniper.net/documentation/us/en/software/junos/security-policies/topics/example/security-screen-dos-attack-configuring.html

3. Juniper Networks TechLibrary

"Security Policies with UTM": This documentation describes the UTM features

including the anti-virus feature which scans traffic for malware in protocols like SMTP

IMAP

and POP3

demonstrating this is separate from screen functions.

URL: https://www.juniper.net/documentation/us/en/software/junos/utm/topics/concept/utm-security-policy-overview.html

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE