Latest JN0-335 Practice Tests with Actual Questions

Get Complete pool of questions with Premium PDF and Test Engine

Exam Code : JN0-335
Exam Name : Security, Specialist (JNCIS-SEC)
Vendor Name : "Juniper"







JN0-335 Dumps

JN0-335 Braindumps JN0-335 Real Questions JN0-335 Practice Test

JN0-335 Actual Questions


Juniper


JN0-335


Security, Specialist (JNCIS-SEC)


https://killexams.com/pass4sure/exam-detail/JN0-335



Question: 23


What are three capabilities of AppQoS? (Choose three.)


  1. re-write DSCP values

  2. assign a forwarding class

  3. re-write the TTL

  4. rate-limit traffic

  5. reserve bandwidth




Answer: A,B,E



Explanation:


AppQoS (Application Quality of Service) is a Junos OS feature that provides advanced control and prioritization of application traffic. With AppQoS, you can classify application traffic, assign a forwarding class to the traffic, and apply quality of service (QoS) policies to the traffic. You can also re-write DSCP values and reserve bandwidthfor important applications. However, AppQoS does not re-write the TTL or rate-limit traffic.


Source: Juniper Networks, Security, Specialist (JNCIS-SEC) Study Guide. Chapter 3: AppSecure. Page 66-67.



Question: 24


You are asked to find systems running applications that increase the risks on your network. You must ensure these systems are processed through IPS and Juniper ATP Cloud for malware and virus protection.


Which Juniper Networks solution will accomplish this task?


  1. JIMS

  2. Encrypted Traffic Insights

  3. UTM

  4. Adaptive Threat Profiling




Answer: D



Explanation:


Adaptive Threat Profiling (ATP) is a Juniper Networks solution that enables organizations to detect malicious activity on their networks and process it through IPS and Juniper ATP Cloud for malware and virus protection. ATP is powered by Juniperâs advanced Machine Learning and Artificial Intelligence (AI) capabilities, allowing it to detect and block malicious activity in real-time. ATP is integrated with Juniperâs Unified Threat Management (UTM) and Encrypted Traffic Insights (ETI) solutions, providing an end-to-end network protection solution.



Question: 25


Which statement about security policy schedulers is correct?


  1. Multiple policies can use the same scheduler.

  2. A policy can have multiple schedulers.

  3. When the scheduler is disabled, the policy will still be available.

  4. A policy without a defined scheduler will not become active




Answer: A



Explanation:


Schedulers can be defined and reused by multiple policies, allowing for more efficient management of policy activation and deactivation. This can be particularly useful for policies that need to be activated during specific time periods, such as business hours or maintenance windows.



Question: 26


Exhibit


Referring to the SRX Series flow module diagram shown in the exhibit, where is application security processed?


  1. Forwarding Lookup

  2. Services ALGs

  3. Security Policy

  4. Screens




Answer: B
Question: 27

What information does encrypted traffic insights (ETI) use to notify SRX Series devices about known malware sites?


  1. certificates

  2. dynamic address groups

  3. MAC addresses

  4. domain names




Answer: D



Explanation:


Encrypted traffic insights (ETI) uses domain names to notify SRX Series devices about known malware sites. ETI is a feature of the SRX Series firewall that can detect and block malware that is hidden in encrypted traffic. It works by analyzing the domain names of the websites that the encrypted traffic is attempting to access. If the domain name matches a known malware site, ETIwill send an alert to the SRX Series device, which can then take appropriate action to block the traffic. ETI is a useful tool for protecting against threats that attempt to evade detection by hiding in encrypted traffic.


Question: 28


Your manager asks you to provide firewall and NAT services in a private cloud.


Which two solutions will fulfill the minimum requirements for this deployment? (Choose two.)


  1. a single vSRX

  2. a vSRX for firewall services and a separate vSRX for NAT services

  3. a cSRX for firewall services and a separate cSRX for NAT services

  4. a single cSRX




Answer: B,C



Explanation:


A single vSRX or cSRX cannot provide both firewall and NAT services simultaneously. To meet the minimum requirements for this deployment, you need to deploy a vSRX for firewall services and a separate vSRX for NAT services (option B), or a cSRX for firewall services and a separate cSRX for NAT services (option C). This is according to the Juniper Networks Certified Security Specialist (JNCIS-SEC) Study Guide.



Question: 29


You want to deploy a virtualized SRX in your environment.


In this scenario, why would you use a vSRX instead of a cSRX? (Choose two.)


  1. The vSRX supports Layer 2 and Layer 3 configurations.

  2. Only the vSRX provides clustering.

  3. The vSRX has faster boot times.

  4. Only the vSRX provides NAT, IPS, and UTM services




Answer: A,C



Explanation:


The vSRX supports both Layer 2 and Layer 3 configurations, while the cSRX is limited to Layer 3 configurations. Additionally, the vSRX has faster boot times, which is advantageous in certain scenarios. The vSRX and cSRX both provide NAT, IPS, and UTM services.



Question: 30


Regarding static attack object groups, which two statements are true? (Choose two.)


  1. Matching attack objects are automatically added to a custom group.

  2. Group membership automatically changes when Juniper updates the IPS signature database.

  3. Group membership does not automatically change when Juniper updates the IPS signature database.

  4. You must manually add matching attack objects to a custom group.



Answer: B,D
Question: 31

Which statement regarding Juniper Identity Management Service (JIMS) domain PC probes is true?


  1. JIMS domain PC probes analyze domain controller security event logs at60-mmute intervals by default.

  2. JIMS domain PC probes are triggered if no username to IP address mapping is found in the domain security event log.

  3. JIMS domain PC probes are triggered to map usernames to group membership information.

  4. JIMS domain PC probes are initiated by an SRX Series device to verify authentication table information.




Answer: B



Explanation:


Juniper Identity Management Service (JIMS) domain PC probes are used to map usernames to IP addresses in the domain security event log. This allows for the SRX Series device to verify authentication table information, such as group membership. The probes are triggered whenever a username to IP address mapping is not found in the domain security event log. By default, the probes are executed at 60-minute intervals.



Question: 32


Exhibit



Which two statements are correct about the configuration shown in the exhibit? (Choose two.)

  1. The session-class parameter in only used when troubleshooting.

  2. The others 300 parameter means unidentified traffic flows will be dropped in 300 milliseconds.

  3. Every session that enters the SRX Series device will generate an event

  4. Replacing the session-init parameter with session-lose will log unidentified flows.




Answer: B,C



Explanation:


The configuration shown in the exhibit is for a Juniper SRX Series firewall. The session-init parameter is used to control how the firewall processes unknown traffic flows. With the session-init parameter set to 300, any traffic flows that the firewall does not recognize will be dropped after 300 milliseconds. Additionally, every session that enters the device, whether it is known or unknown, will generate an event, which can be used for logging and troubleshooting purposes. The session-lose parameter is used to control how the firewall handles established sessions that are terminated.



Question: 33


Which two statements are true about the vSRX? (Choose two.)


  1. It does not have VMXNET3 vNIC support.

  2. It has VMXNET3 vNIC support.

  3. UNIX is the base O

  4. Linux is the base O




Answer: B
Question: 34

Which two statements about SRX Series device chassis clusters are true? (Choose two.)


  1. Redundancy group 0 is only active on the cluster backup node.

  2. Each chassis cluster member requires a unique cluster ID value.

  3. Each chassis cluster member device can host active redundancy groups

  4. Chassis cluster member devices must be the same model.




Answer: B,C



Explanation:


  1. Each chassis cluster member requires a unique cluster ID value: This statement is true. Each chassis cluster member must have a unique cluster ID assigned, which is used to identify each device in the cluster.


  2. Each chassis cluster member device can host active redundancy groups: This statement is true. Both devices in a chassis cluster can host active redundancy groups, allowing for load balancing and failover capabilities.


The two statements about SRX Series device chassis clusters that are true are that each chassis cluster member requires a unique cluster ID value, and that each chassis cluster member device can host active redundancy groups. A unique cluster ID value is necessary so that all members of the cluster can be identified, and each chassis cluster member device can host active redundancy groups to ensure that the cluster is able to maintain high availability and redundancy. Additionally, it is not necessary for all chassis cluster member devices to be the same model, as long as all

devices are running the same version of Junos software.



Question: 35


Which two statements are correct about SSL proxy server protection? (Choose two.)


  1. You do not need to configure the servers to use the SSL proxy the function on the SRX Series device.

  2. You must load the server certificates on the SRX Series device.

  3. The servers must be configured to use the SSL proxy function on the SRX Series device.

  4. You must import the root CA on the servers.




Answer: B,C



Explanation:


You must load the server certificates on the SRX Series device and configure the servers to use the SSL proxy function on the SRX Series device. This is done to ensure that the SSL proxy is able to decrypt the traffic between the client and server. Additionally, you must import the root CA on the servers in order for the SSL proxy to properly validate the server certificate.