JNCIA-SEC: Juniper Networks Certified Associate – Security (2021) — Question 56

Your ISP gives you an IP address of 203.0.113.0/27 and informs you that your default gateway is 203.0.113.1. You configure destination NAT to your internal server, but the requests sent to the webserver at 203.0.113.5 are not arriving at the server.
In this scenario, which two configuration features need to be added? (Choose two.)

Answer options

• A. firewall filter
• B. security policy
• C. proxy-ARP
• D. UTM policy

Correct answer: B, C

Explanation

The correct answer includes 'security policy' and 'proxy-ARP'. A security policy is essential for allowing traffic to pass through the firewall to the internal server, while proxy-ARP allows the router to respond to ARP requests on behalf of the web server, ensuring that the traffic reaches it. The other options, 'firewall filter' and 'UTM policy', do not directly address the issues of routing and ARP resolution needed in this scenario.