New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

JN0-335 Security, Specialist (JNCIS-SEC) Questions and Answers

Questions 4

You want to control when cluster failovers occur.

In this scenario, which two specific parameters would you configure on an SRX Series device? (Choose two.)

Options:

A.

hearcbeac-interval

B.

heartbeac-address

C.

hearcbeat-cos

D.

hearcbeac-chreshold

Buy Now
Questions 5

Which two statements are true about the vSRX? (Choose two.)

Options:

A.

It does not have VMXNET3 vNIC support.

B.

It has VMXNET3 vNIC support.

C.

UNIX is the base OS.

D.

Linux is the base OS.

Buy Now
Questions 6

Which two statements are true about the fab interface in a chassis cluster? (Choose two.)

Options:

A.

The fab link does not support fragmentation.

B.

The physical interface for the fab link must be specified in the configuration.

C.

The fab link supports traditional interface features.

D.

The Junos OS supports only one fab link.

Buy Now
Questions 7

Which two statements are true about mixing traditional and unified security policies? (Choose two.)

Options:

A.

When a packet matches a unified security policy, the evaluation process terminates

B.

Traditional security policies must come before unified security policies

C.

Unified security policies must come before traditional security policies

D.

When a packet matches a traditional security policy, the evaluation process terminates

Buy Now
Questions 8

Exhibit

Using the information from the exhibit, which statement is correct?

Options:

A.

Redundancy group 1 is in an ineligible state.

B.

Node1 is the active node for the control plane

C.

There are no issues with the cluster.

D.

Redundancy group 0 is in an ineligible state.

Buy Now
Questions 9

Which solution enables you to create security policies that include user and group information?

Options:

A.

JIMS

B.

ATP Appliance

C.

Network Director

D.

NETCONF

Buy Now
Questions 10

Which two devices would you use for DDoS protection with Policy Enforcer? (Choose two.)

Options:

A.

vQFX

B.

MX

C.

vMX

D.

QFX

Buy Now
Questions 11

Which two types of SSL proxy are available on SRX Series devices? (Choose two.)

Options:

A.

Web proxy

B.

client-protection

C.

server-protection

D.

DNS proxy

Buy Now
Questions 12

You need to deploy an SRX Series device in your virtual environment.

In this scenario, what are two benefits of using a CSRX? (Choose two.)

Options:

A.

The cSRX supports Layer 2 and Layer 3 deployments.

B.

The cSRX default configuration contains three default zones: trust, untrust, and management.

C.

The cSRX supports firewall, NAT, IPS, and UTM services.

D.

The cSRX has low memory requirements.

Buy Now
Questions 13

Which statement defines the function of an Application Layer Gateway (ALG)?

Options:

A.

The ALG uses software processes for permitting or disallowing specific IP address ranges.

B.

The ALG uses software that is used by a single TCP session using the same port numbers as the application.

C.

The ALG contains protocols that use one application session for each TCP session.

D.

The ALG uses software processes for managing specific protocols.

Buy Now
Questions 14

You are asked to create an IPS-exempt rule base to eliminate false positives from happening.

Which two configuration parameters are available to exclude traffic from being examined? (Choose two.)

Options:

A.

source port

B.

source IP address

C.

destination IP address

D.

destination port

Buy Now
Questions 15

Exhibit

Referring to the exhibit, what do you determine about the status of the cluster.

Options:

A.

Both nodes determine that they are in a primary state.

B.

Node 1 is down

C.

Node 2 is down.

D.

There are no issues with the cluster.

Buy Now
Questions 16

You are configuring logging for a security policy.

In this scenario, in which two situations would log entries be generated? (Choose two.)

Options:

A.

every 10 minutes

B.

at session initialization

C.

every 60 seconds

D.

at session close

Buy Now
Questions 17

On which three Hypervisors is vSRX supported? (Choose three.)

Options:

A.

VMware ESXi

B.

Citrix Hypervisor

C.

Hyper-V

D.

KVM

E.

Oracle VM

Buy Now
Questions 18

Exhibit

When trying to set up a server protection SSL proxy, you receive the error shown. What are two reasons for this error? (Choose two.)

Options:

A.

The SSL proxy certificate ID is part of a blocklist.

B.

The SSL proxy certificate ID does not have the correct renegotiation option set.

C.

The SSL proxy certificate ID is for a forwarding proxy.

D.

The SSL proxy certificate ID does not exist.

Buy Now
Questions 19

While working on an SRX firewall, you execute the show security policies policy-name detail command.

Which function does this command accomplish?

Options:

A.

It displays details about the default security policy.

B.

It identifies the different custom policies enabled.

C.

It shows the system log files for the local SRX Series device.

D.

It shows policy counters for a configured policy.

Buy Now
Questions 20

You want to use IPS signatures to monitor traffic.

Which module in the AppSecure suite will help in this task?

Options:

A.

AppTrack

B.

AppQoS

C.

AppFW

D.

APPID

Buy Now
Questions 21

Exhibit

Referring to the SRX Series flow module diagram shown in the exhibit, where is application security processed?

Options:

A.

Forwarding Lookup

B.

Services ALGs

C.

Security Policy

D.

Screens

Buy Now
Questions 22

Which two statements about SRX Series device chassis clusters are true? (Choose two.)

Options:

A.

Redundancy group 0 is only active on the cluster backup node.

B.

Each chassis cluster member requires a unique cluster ID value.

C.

Each chassis cluster member device can host active redundancy groups

D.

Chassis cluster member devices must be the same model.

Buy Now
Questions 23

On an SRX Series firewall, what are two ways that Encrypted Traffic Insights assess the threat of the traffic? (Choose two.)

Options:

A.

It decrypts the file in a sandbox.

B.

It validates the certificates used.

C.

It decrypts the data to validate the hash.

D.

It reviews the timing and frequency of the connections.

Buy Now
Questions 24

Which statement about security policy schedulers is correct?

Options:

A.

Multiple policies can use the same scheduler.

B.

A policy can have multiple schedulers.

C.

When the scheduler is disabled, the policy will still be available.

D.

A policy without a defined scheduler will not become active

Buy Now
Questions 25

You want to permit access to an application but block application sub-Which two security policy features provide this capability? (Choose two.)

Options:

A.

URL filtering

B.

micro application detection

C.

content filtering

D.

APPID

Buy Now
Questions 26

Which two statements are correct about Juniper ATP Cloud? (Choose two.)

Options:

A.

Once the target threshold is met, Juniper ATP Cloud continues looking for threats from 0 to 5 minutes.

B.

Once the target threshold is met, Juniper ATP Cloud continues looking for threats levels range from 0 to 10 minutes.

C.

The threat levels range from 0-10.

D.

The threat levels range from 0-100.

Buy Now
Questions 27

You are asked to determine how much traffic a popular gaming application is generating on your network.

Which action will you perform to accomplish this task?

Options:

A.

Enable AppQoS on the proper security zones

B.

Enable APBR on the proper security zones

C.

Enable screen options on the proper security zones

D.

Enable AppTrack on the proper security zones.

Buy Now
Questions 28

Which two statements are true about Juniper ATP Cloud? (Choose two.)

Options:

A.

Juniper ATP Cloud only uses one antivirus software package to analyze files.

B.

Juniper ATP Cloud uses multiple antivirus software packages to analyze files.

C.

Juniper ATP Cloud uses antivirus software packages to protect against zero-day threats.

D.

Juniper ATP Cloud does not use antivirus software packages to protect against zero-day threats.

Buy Now
Questions 29

Your JIMS server is unable to view event logs.

Which two actions would you take to solve this issue? (Choose two.)

Options:

A.

Enable the correct host-inbound-traffic rules on the SRX Series devices.

B.

Enable remote event log management within Windows Firewall on the necessary Exchange servers.

C.

Enable remote event log management within Windows Firewall on the necessary domain controllers.

D.

Enable remote event log management within Windows Firewall on the JIMS server.

Buy Now
Exam Code: JN0-335
Exam Name: Security, Specialist (JNCIS-SEC)
Last Update: Dec 29, 2024
Questions: 98
JN0-335 pdf

JN0-335 PDF

$25.5  $84.99
JN0-335 Engine

JN0-335 Testing Engine

$30  $99.99
JN0-335 PDF + Engine

JN0-335 PDF + Testing Engine

$40.5  $134.99