JN0-322 Dumps
JN0-322 Braindumps JN0-322 Real Questions JN0-322 Practice Test
JN0-322 Actual Questions
Security Specialist (JNCIS-SEC)
https://killexams.com/pass4sure/exam-detail/JN0-322
For IKE phase Question 1 negotiations, when is aggressive mode typically used?
when one of the tunnel peers has a dynamic IP address
when one of the tunnel peers wants to force main mode to be used
when fragmentation of the IKE packet is required between the two peers
when one of the tunnels peers wants to specify a different phase Question 1 proposal
For a route-based VPN, which statement is true?
host-inbound-traffic system services ike must be enabled on the st0.x interface
host-inbound-traffic system services ike must be enabled on both the st0.x interface and the logical interface on which ike terminates
host-inbound-traffic system services ike must be enabled on the logical interface on which ike terminates.
host-inbound-traffic system services ike is not mandatory for route based VPNs.
What are three benefits of using chassis clustering? (Choose three.)
Provides stateful session failover for sessions
Increases security capabilities for IPsec sessions.
Provides active-passive control and data plane redundancy
Enables automated fast-reroute capabilities
Synchronizes configuration files and session state.
You have been tasked with installing two SRX5600 platforms in a high- availability cluster. Which requirement must be met for a successful installation?
You must enable SPC detect within the configuration
You must enable active-active failover for redundancy
You must ensure all SPCs use the same slot placement.
You must configure auto-negotiation on the control ports of both devices
Which three components can be downloaded and installed directly from Juniper Networks update server to an SRX Series device? (Choose three.)
signature package
PCRE package
detector engine
policy templates
dynamic attack detection package
Which two statements are true regarding firewall user authentication? (Choose two.)
Firewall user authentication is performed only for traffic that is accepted by a security policy.
Firewall user authentication is performed only for traffic that is denied by a security policy.
Firewall user authentication provides an additional method of controlling user access to the Junos security device itself.
Firewall user authentication provides an additional method of controlling user access to remote networks.
Which type of logging is supported for UTM logging to an external syslog server on branch SRX Series devices?
Binary syslog
CHARGEN
WELF (structured) syslog
standard (unstructured) syslog
To which depth of compressed (Zip) files can the Junos full antivirus feature scan?
1 layer of compression
2 layer of compression
3 layer of compression
4 layer of compression
Which two statements describe full file-based antivirus protection? (Choose two.)
By default, the signature database is updated every 60 minutes.
By default, the signature database is updated once daily.
The signature database targets only critical viruses and malware.
The signature database can detect polymorphic virus types.
If the policy server becomes unreachable, which two actions are available for connections that should be inspected by Web filtering when using integrated or redirect Web filtering? (Choose two.)
Permit connections with logging.
Drop connections
Redirect connections to a different policy server
Use the existing Web cache.