Security, Specialist v1.0 (JN0-334)

Page:    1 / 6   
Total 96 questions

What are two management methods for cSRX? (Choose two.)

  • A. Network Director
  • B. J-Web
  • C. CLI
  • D. Contrail


Answer : BC

You are deploying the Junos application firewall feature in your network.
In this scenario, which two elements are mapped to applications in the application system cache? (Choose two.)

  • A. destination port
  • B. source port
  • C. destination IP address
  • D. source IP address


Answer : AC

Which two protocols are supported for Sky ATP advanced anti-malware scanning? (Choose two.)

  • A. POP3
  • B. MAPI
  • C. IMAP
  • D. SMTP


Answer : CD

Click the Exhibit button.


Referring to the exhibit, which two devices are considered to be part of the secure fabric site with Policy Enforcer? (Choose two.)

  • A. Server-2
  • B. SRX-1
  • C. Server-1
  • D. QFX-1


Answer : BD

You are asked to convert two standalone SRX Series devices to a chassis cluster deployment. You must ensure that your IPsec tunnels will be compatible with the new deployment.
In this scenario, which two interfaces should be used when binding your tunnel endpoints? (Choose two.)

  • A. pp0
  • B. reth
  • C. lo0
  • D. ge


Answer : BD

Which two session parameters would be used to manage space on the session table? (Choose two.)

  • A. low watermark
  • B. high watermark
  • C. TCP MSS
  • D. TCP RST


Answer : AB

Reference:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-flow-based-session-for-srx-series-devices.html

Click the Exhibit button.


You examine the log file shown in the exhibit after running the set security idp active-policy command.
Which two statements are true in this scenario? (Choose two.)

  • A. The IDP policy compiled successfully.
  • B. The IDP policy loaded successfully.
  • C. The IDP hit cache is set to 16384.
  • D. The entire configuration was committed.


Answer : AB

Reference:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-idp-policies-overview.html

Click the Exhibit button.


You have configured the scheduler shown in the exhibit to prevent users from accessing certain websites from 1:00 PM to 3:00 PM Monday through Friday. This policy will remain in place until further notice. When testing the policy, you determine that the websites are still accessible during the restricted times.
In this scenario, which two actions should you perform to solve the problem? (Choose two.)

  • A. Add the saturday exclude parameter and the sunday exclude parameter to ensure weekends are excluded from the schedule.
  • B. Use the 13:00 parameter and the 15:00 parameter when specifying the time.
  • C. Use the start-date parameter to specify the date for each Monday and use the stop-date parameter to specify the date for each Friday.
  • D. Use the PM parameter when specifying the time in the schedule.


Answer : AB

Reference:
https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/schedulers-edit-scheduler.html

After performing a software upgrade on an SRX5800 chassis cluster, you notice that node1 is in the primary state and node0 is in the backup state. Your network standards dictate that node0 should be in the primary state.
In this scenario, which command should be used to comply with the network standards?

  • A. request chassis cluster failover redundancy-group 254 node 1
  • B. request chassis cluster failover redundancy-group 0 node 0
  • C. request chassis cluster failover redundancy-group 254 mode 0
  • D. request chassis cluster failover redundancy-group 0 node 1


Answer : B

Reference:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-chassis-cluster-redundancy-group-failover.html

Click the Exhibit button.


Which two statements are true about the session shown in the exhibit? (Choose two.)

  • A. Two security policies are required for bidirectional traffic flow.
  • B. The ALG was enabled by manual configuration.
  • C. The ALG was enabled by default.
  • D. One security policy is required for bidirectional traffic flow.


Answer : AB

Which two statements describe superflows in Juniper Secure Analytics? (Choose two.)

  • A. JSA only supports Type A and Type C superflows.
  • B. Superflows can negatively impact licensing limitations.
  • C. Disk space usage is reduced on the JSA device.
  • D. Superflows combine many flows into a single flow.


Answer : CD

Which three statements are true about the difference between cSRX-based virtual security deployments and vSRX-based virtual security deployments? (Choose three.)

  • A. vSRX provides Layer 2 to Layer 7 secure services and cSRX provides Layer 4 to Layer 7 secure services.
  • B. cSRX requires less storage and memory space for a given deployment than vSRX-based solutions.
  • C. cSRX-based solutions are more scalable than vSRX-based solutions.
  • D. vSRX and cSRX both provide Layer 2 to Layer 7 secure services.
  • E. vSRX provides faster deployment time and faster reboots compared to cSRX.


Answer : ABC

Reference:
https://www.juniper.net/documentation/en_US/day-one-books/topics/concept/juniper-vsrx-versus-csrx.html

You are deploying a vSRX into a vSphere environment which applies the configuration from a bootable ISO file containing the juniper.conf file. After the vSRX boots and has the configuration applied, you make additional device specific configuration changes, commit, and reboot the device. Once the device finishes rebooting, you notice the specific changes you made are missing but the original configuration is applied.
In this scenario, what is the problem?

  • A. Configuration changes do not persist after reboots on vSRX.
  • B. The juniper.conf file was not applied to the vSRX.
  • C. The configuration file is corrupt.
  • D. The ISO file is still mounted on the vSRX.


Answer : D

Reference:
https://www.juniper.net/documentation/us/en/software/vsrx/vsrx-kvm/topics/task/security-vsrx-kvm-bootstrap-config.html

When working with network events on a Juniper Secure Analytics device, flow records come from which source?

  • A. tap port
  • B. SPAN
  • C. switch
  • D. mirror


Answer : B

Reference:
https://www.juniper.net/documentation/en_US/jsa7.3.1/jsa-arch-deployment-guide/topics/concept/jsa-ad-jsa-events-and-flows.html

You are troubleshooting advanced policy-based routing (APBR).
Which two actions should you perform in this scenario? (Choose two.)

  • A. Verify that the APBR profiles are applied to the egress zone.
  • B. Verity inet.0 for correct route leaking.
  • C. Review the APBR statistics for matching rules and route modifications.
  • D. Inspect the application system cache for the application entry.


Answer : CD

Page:    1 / 6   
Total 96 questions