Juniper JN0-334 - Security, Specialist Exam
Page: 2 / 19
Total 91 questions
Question #6 (Topic: Single Topic)
Which statement is true about high availability (HA) chassis clusters for the SRX Series device?
A. Cluster nodes require an upgrade to HA compliant Routing Engines.
B. Cluster nodes must be connected through a Layer 2 switch.
C. There can be active/passive or active/active clusters.
D. HA clusters must use NAT to prevent overlapping subnets between the nodes.
Answer: C
Question #7 (Topic: Single Topic)
What are two types of attack objects used by IPS on SRX Series devices? (Choose two.)
A. protocol anomaly-based attacks
B. spam-based attacks
C. signature-based attacks
D. DDoS-based attacks
Answer: AC
Question #8 (Topic: Single Topic)
When considering managed sessions, which configuration parameter determines how full the session table must be to implement the early age-out function?
A. session service timeout
B. high waremark
C. low watermark
D. policy rematch
Answer: B
Question #9 (Topic: Single Topic)
You are asked to improve resiliency for individual redundancy groups in an SRX4600 chassis cluster.
Which two features would accomplish this task? (Choose two.)
Which two features would accomplish this task? (Choose two.)
A. IP address monitoring
B. control link recovery
C. interface monitoring
D. dual fabric links
Answer: BD
Question #10 (Topic: Single Topic)
What are two elements of a custom IDP/IPS attack object? (Choose two.)
A. the attack signature
B. the severity of the attack
C. the destination zone
D. the exempt rulebase
Answer: AB
