Exam Code : JN0-1332
Exam Name : Security Design, Specialist (JNCDS-SEC)
Vendor Name :
"Juniper"
JN0-1332 Dumps
JN0-1332 Braindumps JN0-1332 Real Questions JN0-1332 Practice Test
JN0-1332 Actual Questions
Security Design, Specialist (JNCDS-SEC)
https://killexams.com/pass4sure/exam-detail/JN0-1332
Which two statements describe Juniper ATP Cloud? (Choose two)
Juniper ATP Cloud can use a sandbox to detect threats that use evasion techniques.
Juniper ATP Cloud runs mime with network traffic to Nock all traffic before reaching endpoint.
Juniper ATP Cloud provides protection against zero-day threats
Juniper ATP Cloud is an added app that must be instated with Security Director
Physical security devices are ''blind'' to which type of traffic?
bare metal server to VM
private VLAN
intra-server traffic
management
Which technology enables IPS inspection for users browsing websites that use Transport Layer Security (TLS)?
SSL reverse proxy
defense in-depth
SSL forward proxy
screens
You must implement a solution to deploy end-to-end security services on network elements. Which solution will accomplish this task?
Security Director
Network Director
JSA
SRX Series devices
You are asked to implement Jumper AppSecure to increase application security. You want to analyze specific application usage In this scenario.
Which AppSecure feature would accomplish this task?
AppQoS
AppTrack
AppFW
IDP/IP
Which two statements are true about WAN security considerations? (Choose two.)
MACsec increases protection on alt WAN types
Provider VPN circuit require iPsec
internal connections are susceptible to fragmentation
IPsec increases protection on all WAN types
You are designing a security solution that includes SRX Series firewalls in a chassis cluster. In this scenario. which two dements must be part of the design? (Choose two.)
The physical interface on each SRX Series device making up the reth interface must be in the same L2 domain
The physical interface on each SRX Series device making up the reth interface must be in separate L2 domains
The duster ID must be the same on both SRX Series devices
The node 10 must be the same on both SRX Series devices
When designing the security for a service provider core router, you are asked to add a firewall fitter on the to0 interface in this scenario, which two protocols would you want to allow through the filter? (Choose two.)
LLDP
SSH
BGP
STP
Which automation language would you use to create on-box and off-box scripts for SRX Series devices?
Python
Pert
Java
Ruby
Which three statements about Group VPNs #e true? (Choose three.)
The IP pay load is encrypted
Data can flow directly between sites without transiting a central hub
Group VPNs use a client/server architecture
All data transits through a central hub
The IP headers are encrypted
You want to reduce the possibility of your data center's server becoming an unwilling participant in a DDoS attack When tvA3 features should you use on your SRX Series devices to satisfy this requirement? (Choose two.)
dynamic IPsec tunnels
Juniper ATP Cloud GeolP
UTMWebtaering
Juniper ATP Cloud CC feeds
When using Contra! networking, security policies are distributed as access control list to which component?
vSwith
vSRX
vMX
vRouter
In the 3-tier VPN design shown in the exhibit, which function are the Campus A and Campus B SRX Series devices performing?
Internet security gateway
data center firewall
WAN aggregation
VPN bridging
Which statement about Junos firewall filters is correct?
Firewall filters can be applied as a security policy action
Firewall filters do not operate on stateful flows and they serve no purpose in a next-generation firewall
Firewall filters can be applied as the packet enters the security device, and they are stateless.
Firewall filters are applied to TCP packets only. and they do not block UDP pockets
According to Juniper Networks, what are two focus points when designing a secure network? (Choose two.)
performance
automation
distributed control
classification
You arc designing a high availability firewall solution You select an off-path design instead of an mime design. What arc two reasons for this decision? (Choose two.)
The off-path design is less complex
The off-path design is more flexible
The off-path design uses fewer interfaces at the adjacency layer
The off-path design requires a proper routing configuration for selecting traffic
You are designing a security solution for an existing data center. All traffic most be secured using SRX Series devices, however, you are unable to change the existing IP addressing scheme.
Which firewall deployment method satisfies this requirement?
transparent deployment
two-arm deployment
one-arm deployment
inline deployment
You are asked to enable denial of service protection for a webserver behind an SRX Series device In this scenario, which feature would you enable?
screens
App Secure
Web filtering
Juniper ATP
Which solution would you deploy to accomplish this task?
Junes Space Log Director
Juniper Networks Central insights
Junos Space Security Director
Juniper Networks Secure Analytics
In yew network design, you must include a method to block IP addresses from certain countries that will automatically update within the SRX Series devices' security policies.
Which technology would accomplish this goal?
UTM
GeolP
dynamic DNS
IPS