Free JN0-335 Sample Questions — Security, Specialist (JNCIS-SEC)

Which two devices would you use for DDoS protection with Policy Enforcer? (Choose two.)

• A. vQFX
• B. MX
• C. vMX
• D. QFX

Which two statements are true about application identification? (Choose two.)

• A. Application identification can identify nested applications that are within Layer 7
• B. Application identification cannot identify nested applications that are within Layer 7
• C. Application signatures are the same as IDP signatures
• D. Application signatures are not the same as IDP signatures

Which two statements about unified security policies are correct? (Choose two.)

• A. Unified security policies require an advanced feature license
• B. Unified security policies are evaluated after global security policies
• C. Traffic can initially match multiple unified security policies
• D. APPID results are used to determine the final security policy match

You are currently using a third-party threat analyzer. You want your SRX Series device to send decrypted SSL traffic to this analyzer. In this scenario, which feature should you configure on the SRX device?

• A. Phase 2 proxy ID
• B. SSL decryption mirroring
• C. JSA vulnerability assessment
• D. IPS IP-notify action

Which two statements are correct about the fab interface in a chassis cluster? (Choose two.)

• A. Real-time objects (RTOs) are exchanged on the fab interface to maintain session synchronization
• B. In an active/active configuration, inter-chassis transit traffic is sent over the fab interface
• C. The fab interface enables configuration synchronization
• D. Heartbeat signals sent on the fab interface monitor the health of the control plane link

You are implementing an SRX Series device at a branch office that has low bandwidth and also uses a cloud-based VoIP solution with an outbound policy that permits all traffic. Which service would you implement at your edge device to prioritize VoIP traffic in this scenario?

• A. AppFW
• B. SIP ALG
• C. AppQoE
• D. AppQoS

Your manager asks you to provide firewall and NAT services in a private cloud. Which two solutions will fulfill the minimum requirements for this deployment? (Choose two.)

• A. a single vSRX
• B. a vSRX for firewall services and a separate vSRX for NAT services
• C. a cSRX for firewall services and a separate cSRX for NAT services
• D. a single cSRX

You need to deploy an SRX Series device in your virtual environment. In this scenario, what are two benefits of using a CSRX? (Choose two.)

• A. The cSRX supports Layer 2 and Layer 3 deployments
• B. The cSRX default configuration contains three default zones: trust, untrust, and management
• C. The cSRX supports firewall, NAT, IPS, and UTM services
• D. The cSRX has low memory requirements

You enable chassis clustering on two devices and assign a cluster ID and a node ID to each device. In this scenario, what is the correct order for rebooting the devices?

• A. Reboot the secondary device, then the primary device
• B. Reboot only the secondary device since the primary will assign itself the correct cluster and node ID
• C. Reboot the primary device, then the secondary device
• D. Reboot only the primary device since the secondary will assign itself the correct cluster and node ID

Which two statements about SRX Series device chassis clusters are correct? (Choose two.)

• A. The chassis cluster data plane is connected with revenue ports
• B. The chassis cluster can contain a maximum of three devices
• C. The chassis cluster data plane is connected with SPC ports
• D. The chassis cluster can contain a maximum of two devices

You want to be alerted if the wrong password is used more than three times on a single device within five minutes. Which Juniper Networks solution will accomplish this task?

• A. Adaptive Threat Profiling
• B. Juniper Secure Analytics
• C. Juniper Identity Management Service
• D. Intrusion Prevention System

You are asked to create an IPS-exempt rule base to eliminate false positives from happening. Which two configuration parameters are available to exclude traffic from being examined? (Choose two.)

• A. source port
• B. source IP address
• C. destination IP address
• D. destination port

Which two statements are correct about Juniper ATP Cloud? (Choose two.)

• A. Once the target threshold is met, Juniper ATP Cloud continues looking for threats from 0 to 5 minutes
• B. Once the target threshold is met, Juniper ATP Cloud continues looking for threats from 0 to 10 minutes
• C. The threat levels range from 0-10
• D. The threat levels range from 0-100

Which two statements are true about Juniper ATP Cloud? (Choose two.)

• A. Juniper ATP Cloud only uses one antivirus software package to analyze files
• B. Juniper ATP Cloud uses multiple antivirus software packages to analyze files
• C. Juniper ATP Cloud uses antivirus software packages to protect against zero-day threats
• D. Juniper ATP Cloud does not use antivirus software packages to protect against zero-day threats

You have deployed an SRX300 Series device and determined that files have stopped being scanned. In this scenario, what is a reason for this problem?

• A. The software license is a free model and only scans executable type files
• B. The infected host communicated with a command-and-control server, but it did not download malware
• C. The file is too small to have a virus
• D. You have exceeded the maximum files submission for your SRX platform size

How does the SSL proxy detect if encryption is being used?

• A. It uses application identity services
• B. It verifies the length of the packet
• C. It queries the client device
• D. It looks at the destination port number

You are asked to block malicious applications regardless of the port number being used. In this scenario, which two application security features should be used? (Choose two.)

• A. AppFW
• B. AppQoE
• C. APPID
• D. AppTrack

After JSA receives external events and flows, which two steps occurs? (Choose two.)

• A. After formatting the data, the data is stored in an asset database
• B. Before formatting the data, the data is analyzed for relevant information
• C. Before the information is filtered, the information is formatted
• D. After the information is filtered, JSA responds with active measures

Which two statements are true about the fab interface in a chassis cluster? (Choose two.)

• A. The fab link does not support fragmentation
• B. The physical interface for the fab link must be specified in the configuration
• C. The fab link supports traditional interface features
• D. The Junos OS supports only one fab link

You are asked to reduce the load that the JIMS server places on your corporate domain controller. Which action should you take in this situation?

• A. Connect JIMS to the RADIUS server
• B. Connect JIMS to the domain Exchange server
• C. Connect JIMS to the domain SQL server
• D. Connect JIMS to another SRX Series device