Juniper JN0-335 Security, Specialist Exam Practice Test

Answer : D

AppTrack is a feature of Juniper Networks firewall solutions that allows administrators to track applications, users, and the amount of traffic generated by those applications on the network. AppTrack can be enabled on specific security zones of the network to monitor traffic on those zones. This feature can be used to determine how much traffic a popular gaming application is generating on the network. For more information, please refer to the Juniper Networks JNCIS-SEC Study Guide.

AppTrack is a feature of the Junos OS that provides visibility into the applications and users on your network. It tracks the usage of applications and provides detailed reports on the amount of traffic generated by each application. By enabling AppTrack on the proper security zones, you can determine how much traffic a popular gaming application is generating on your network.

Answer : B, C, E

B) Chassis cluster member devices synchronize configuration using the control link: This statement iscorrectbecause the control link is used for configuration synchronization among other functions.

C) A control link failure causes the secondary cluster node to be disabled: This statement iscorrectbecause a control link failure causes the secondary node to become ineligible for primary role and remain in secondary role until the control link is restored.

E) Heartbeat messages verify that the chassis cluster control link is working: This statement iscorrectbecause heartbeat messages are sent periodically over the control link to monitor its status.

Answer : B

To exclude traffic from being examined by IPS, you can use the source IP address and/or destination port as criteria for the exemption. This is achieved by configuring an IPS-exempt rule base that includes specific exemption rules based on these criteria.

Answer : A, B

The node ID value ranges from 1 to 255 and is used to identify each device in the chassis cluster. The cluster ID is also used to identify each device, but it is not part of the node ID configuration. A system reboot is not required to activate changes to the cluster, but it is recommended to ensure that all changes are applied properly.

Answer : B, C

Before formatting the data, the data is analyzed for relevant information. This is done to filter out any irrelevant data and to extract any useful information from the data. After the information is filtered, it is then formatted so that it can be stored in an asset database. After the data has been formatted, JSA will then respond with active measures.

Answer : A, D

Two possible reasons for this error are that the SSL proxy certificate ID does not exist, or the SSL proxy certificate ID is part of a blocklist. If the SSL proxy certificate ID does not exist, you will need to generate a new certificate. If the SSL proxy certificate ID is part of a blocklist, you will need to contact the source of the blocklist to remove it. Additionally, you may need to check that the SSL proxy certificate ID has the correct renegotiation option set, as this is necessary for proper server protection. For more information, you can refer to the Juniper Security documentation athttps://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/security-ssl-proxy-configuration.html.

Answer : A, C

you can block applications and users based on network access policies, users and their job roles, time, and application signatures2.You can also use Juniper Advanced Threat Prevention (ATP) to find and block commodity and zero-day cyberthreats within files, IP traffic, and DNS requests1