Juniper JN0-1331 JNCDS-SEC Exam Practice Test Instant Access

Question 1

You are concerned about users attacking the publicly accessible servers in your data center through encrypted channels. You want to block these attacks using your SRX Series devices.

In this scenario, which two features should you use? (Choose two.)

ASky ATP

BIPS

CSSL forward proxy

DSSL reverse proxy

Answer : B, C

Question 2

You are working on a network design that will use EX Series devices as Layer 2 access switches in a campus environment. You must include Junos Space in your design. You want to take advantage of security features supported on the devices.

Which two security features would satisfy this requirement? (Choose two.)

ASDSN

BStateful Firewall

CAccess Control

DALG

Answer : B, C

Question 3

What are two benefits of the vSRX in a virtualized private or public cloud multitenant environment? (Choose two.)

Afull logical systems capabilities

Bstateful firewall protection at the tenant edge

C100GbE interface support

DOSPFv3 capabilities

Answer : A, B

https: //www.juniper.net/documentation/en_US/junos/topics/topic-map/logical-systems-overview.html

Question 4

You are asked to deploy a security solution in your data center that ensures all traffic flows through the SRX Series devices.

Which firewall deployment method meets this requirement?

Aone-arm

Btwo-arm

Ctransparent

Dinline

Answer : D

Question 5

You want to deploy JATP in your network that uses SRX Series devices.

In this scenario, which feature must you enable on the SRX Series devices?

ASSL forward proxy

BAppSecure

CUTM antivirus

DIPS

Answer : A

Question 6

You are designing an Internet security gateway (ISG) for your company and are considering a centralized versus a distributed model for ISGs.

Which two statements are correct in this scenario? (Choose two.)

ADistributed ISGs typically have less latency compared to centralized ISGs

BDistributed ISGs reduce bandwidth for end users

CDistributed ISGs typically require extra bandwidth for management

DDistributed ISGs are harder to manage compared to centralized ISGs

Answer : A, D

Question 7

You are asked to design a security solution for your client's new two-tier data center. The client has a need for some flows to bypass firewall inspection entirely.

Where should the firewall be deployed in this data center?

Ainline, between the core switches and the access switches

Binline, between the core switches and the edge routers

Cone-arm configuration, connected to the core switches

Done-arm configuration, connected to each access switch

Answer : C

Juniper JN0-1331 Security Design, Specialist JNCDS-SEC Exam Practice Test