New Year Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > Juniper > JNCIS-SEC > JN0-335

JN0-335 Security, Specialist (JNCIS-SEC) Question and Answers

Question # 4

Exhibit

Referring to the exhibit, what do you determine about the status of the cluster.

A.

Both nodes determine that they are in a primary state.

B.

Node 1 is down

C.

Node 2 is down.

D.

There are no issues with the cluster.

Full Access
Question # 5

Which two statements about SRX Series device chassis clusters are correct? (Choose two.)

A.

The chassis cluster data plane is connected with revenue ports.

B.

The chassis cluster can contain a maximum of three devices.

C.

The chassis cluster data plane is connected with SPC ports.

D.

The chassis cluster can contain a maximum of two devices.

Full Access
Question # 6

Which solution enables you to create security policies that include user and group information?

A.

JIMS

B.

ATP Appliance

C.

Network Director

D.

NETCONF

Full Access
Question # 7

You are implementing an SRX Series device at a branch office that has low bandwidth and also uses a cloud-based VoIP solution with an outbound policy that permits all traffic.

Which service would you implement at your edge device to prioritize VoIP traffic in this scenario?

A.

AppFW

B.

SIP ALG

C.

AppQoE

D.

AppQoS

Full Access
Question # 8

Which two statements are true about Juniper ATP Cloud? (Choose two.)

A.

Juniper ATP Cloud only uses one antivirus software package to analyze files.

B.

Juniper ATP Cloud uses multiple antivirus software packages to analyze files.

C.

Juniper ATP Cloud uses antivirus software packages to protect against zero-day threats.

D.

Juniper ATP Cloud does not use antivirus software packages to protect against zero-day threats.

Full Access
Question # 9

You are asked to find systems running applications that increase the risks on your network. You must ensure these systems are processed through IPS and Juniper ATP Cloud for malware and virus protection.

Which Juniper Networks solution will accomplish this task?

A.

JIMS

B.

Encrypted Traffic Insights

C.

UTM

D.

Adaptive Threat Profiling

Full Access
Question # 10

You are preparing a proposal for a new customer who has submitted the following requirements for a vSRX deployment:

-- globally distributed,

-- rapid provisioning,

-- scale based on demand,

-- and low CapEx.

Which solution satisfies these requirements?

A.

AWS

B.

Network Director

C.

Juniper ATP Cloud

D.

VMWare ESXi

Full Access
Question # 11

Exhibit

You are asked to ensure that servers running the Ubuntu OS will not be able to update automatically by blocking their access at the SRX firewall. You have configured a unified security policy named Blockuburrtu, but it is not blocking the updates to the OS.

Referring to the exhibit which statement will block the Ubuntu OS updates?

A.

Move the Blockubuntu policy after the Allowweb policy.

B.

Configure the Blockubuntu policy with the junos-https application parameter.

C.

Change the default policy to permit-all.

D.

Configure the Allowweb policy to have a dynamic application of any.

Full Access
Question # 12

How does the SSL proxy detect if encryption is being used?

A.

It uses application identity services.

B.

It verifies the length of the packet

C.

It queries the client device.

D.

It looks at the destination port number.

Full Access
Question # 13

After JSA receives external events and flows, which two steps occur? (Choose two.)

A.

After formatting the data, the data is stored in an asset database.

B.

Before formatting the data, the data is analyzed for relevant information.

C.

Before the information is filtered, the information is formatted

D.

After the information is filtered, JSA responds with active measures

Full Access
Question # 14

You are asked to implement IPS on your SRX Series device.

In this scenario, which two tasks must be completed before a configuration will work? (Choose two.)

A.

Download the IPS signature database.

B.

Enroll the SRX Series device with Juniper ATP Cloud.

C.

Install the IPS signature database.

D.

Reboot the SRX Series device.

Full Access
Question # 15

Your company is using the Juniper ATP Cloud free model. The current inspection profile is set at 10 MB You are asked to configure ATP Cloud so that executable files up to 30 MB can be scanned while at the same time minimizing the change in scan time for other file types.

Which configuration should you use in this scenario?

A.

Use the CLI to create a custom profile and increase the scan limit.

B.

Use the ATP Cloud Ul to change the default profile to increase the scan limit for all files to 30 MB.

C.

Use the CLI to change the default profile to increase the scan limit for all files to 30 MB.

D.

Use the ATP Cloud Ul to update a custom profile and increase the scan limit for executable files to 30 MB.

Full Access
Question # 16

Which two statements are correct about the cSRX? (Choose two.)

A.

The cSRX supports firewall, NAT, IPS, and UTM services.

B.

The cSRX only supports Layer 2 "bump-in-the-wire" deployments.

C.

The cSRX supports BGP, OSPF. and IS-IS routing services.

D.

The cSRX has three default zones: trust, untrust, and management

Full Access
Question # 17

Exhibit

Referring to the exhibit which statement is true?

A.

SSL proxy functions will ignore the session.

B.

SSL proxy leverages post-match results.

C.

SSL proxy must wait for return traffic for the final match to occur.

D.

SSL proxy leverages pre-match result

Full Access
Question # 18

You enable chassis clustering on two devices and assign a cluster ID and a node ID to each device.

In this scenario, what is the correct order for rebooting the devices?

A.

Reboot the secondary device, then the primary device.

B.

Reboot only the secondary device since the primary will assign itself the correct cluster and node ID.

C.

Reboot the primary device, then the secondary device.

D.

Reboot only the primary device since the secondary will assign itself the correct cluster and node ID.

Full Access
Question # 19

Which two statements are correct about JSA data collection? (Choose two.)

A.

The Event Collector collects information using BGP FlowSpec.

B.

The Flow Collector can use statistical sampling

C.

The Flow Collector parses logs.

D.

The Event Collector parses logs

Full Access
Question # 20

Which two statements about SRX chassis clustering are correct? (Choose two.)

A.

SRX chassis clustering supports active/passive and active/active for the data plane.

B.

SRX chassis clustering only supports active/passive for the data plane.

C.

SRX chassis clustering supports active/passive for the control plane.

D.

SRX chassis clustering supports active/active for the control plane.

Full Access
Question # 21

Which two statements are correct about the fab interface in a chassis cluster? (Choose two.)

A.

Real-time objects (RTOs) are exchanged on the fab interface to maintain session synchronization.

B.

In an active/active configuration, inter-chassis transit traffic is sent over the fab interface.

C.

The fab interface enables configuration synchronization.

D.

Heartbeat signals sent on the fab interface monitor the health of the control plane link.

Full Access
Question # 22

Exhibit

You just finished setting up your command-and-control (C&C) category with Juniper ATP Cloud. You notice that all of the feeds have zero objects in them.

Which statement is correct in this scenario?

A.

The security intelligence policy must be configured; on a unified security policy

B.

Use the commit full command to start the download.

C.

No action is required, the feeds take a few minutes to download.

D.

Set the maximum C&C entries within the Juniper ATP Cloud GUI.

Full Access
Question # 23

You are configuring logging for a security policy.

In this scenario, in which two situations would log entries be generated? (Choose two.)

A.

every 10 minutes

B.

at session initialization

C.

every 60 seconds

D.

at session close

Full Access
Question # 24

Which two statements about SRX Series device chassis clusters are true? (Choose two.)

A.

Redundancy group 0 is only active on the cluster backup node.

B.

Each chassis cluster member requires a unique cluster ID value.

C.

Each chassis cluster member device can host active redundancy groups

D.

Chassis cluster member devices must be the same model.

Full Access
Question # 25

Which statement regarding Juniper Identity Management Service (JIMS) domain PC probes is true?

A.

JIMS domain PC probes analyze domain controller security event logs at60-mmute intervals by default.

B.

JIMS domain PC probes are triggered if no username to IP address mapping is found in the domain security event log.

C.

JIMS domain PC probes are triggered to map usernames to group membership information.

D.

JIMS domain PC probes are initiated by an SRX Series device to verify authentication table information.

Full Access
Question # 26

Which two sources are used by Juniper Identity Management Service (JIMS) for collecting username and device IP addresses? (Choose two.)

A.

Microsoft Exchange Server event logs

B.

DNS

C.

Active Directory domain controller event logs

D.

OpenLDAP service ports

Full Access
Question # 27

You are asked to ensure that if the session table on your SRX Series device gets close to exhausting its resources, that you enforce a more aggress.ve age-out of existing flows.

In this scenario, which two statements are correct? (Choose two.)

A.

The early-ageout configuration specifies the timeout value, in seconds, that will be applied once the low-watermark value is met.

B.

The early-ageout configuration specifies the timeout value, in seconds, that will be applied once the high-watermark value is met.

C.

The high-watermark configuration specifies the percentage of how much of the session table is left before disabling a more aggressive age- out timer.

D.

The high-watermark configuration specifies the percentage of how much of the session table can be allocated before applying a more aggressive age-out timer

Full Access
Question # 28

Which statement defines the function of an Application Layer Gateway (ALG)?

A.

The ALG uses software processes for permitting or disallowing specific IP address ranges.

B.

The ALG uses software that is used by a single TCP session using the same port numbers as the application.

C.

The ALG contains protocols that use one application session for each TCP session.

D.

The ALG uses software processes for managing specific protocols.

Full Access
Question # 29

Which sequence does an SRX Series device use when implementing stateful session security policies using Layer 3 routes?

A.

An SRX Series device will perform a security policy search before conducting a longest-match Layer 3 route table lookup.

B.

An SRX Series device performs a security policy search before implementing an ALG security check on the longest-match Layer 3 route.

C.

An SRX Series device will conduct a longest-match Layer 3 route table lookup before performing a security policy search.

D.

An SRX Series device conducts an ALG security check on the longest-match route before performing a security policy search.

Full Access