Juniper JN0-335 Security, Specialist Exam Practice Test

Page: 1 / 14
Total 98 questions
Question 1

Which statement regarding Juniper Identity Management Service (JIMS) domain PC probes is true?



Answer : B

Juniper Identity Management Service (JIMS) domain PC probes are used to map usernames to IP addresses in the domain security event log. This allows for the SRX Series device to verify authentication table information, such as group membership. The probes are triggered whenever a username to IP address mapping is not found in the domain security event log. By default, the probes are executed at 60-minute intervals.


Question 2
Question 3

Which two statements about unified security policies are correct? (Choose two.)



Question 4

Your manager asks you to provide firewall and NAT services in a private cloud.

Which two solutions will fulfill the minimum requirements for this deployment? (Choose two.)



Answer : B, C

A single vSRX or cSRX cannot provide both firewall and NAT services simultaneously. To meet the minimum requirements for this deployment, you need to deploy a vSRX for firewall services and a separate vSRX for NAT services (option B), or a cSRX for firewall services and a separate cSRX for NAT services (option C). This is according to the Juniper Networks Certified Security Specialist (JNCIS-SEC) Study Guide.


Question 5

You have deployed an SRX300 Series device and determined that files have stopped being scanned.

In this scenario, what is a reason for this problem?



Question 6

When a security policy is deleted, which statement is correct about the default behavior of active sessions allowed by that policy?



Answer : A

When a security policy is deleted, the active sessions allowed by the policy will be dropped. The default behavior is that all active sessions allowed by the policy will be terminated and the traffic will no longer be forwarded. There is no way to mark the active sessions as a legacy flow or to reevaluate them by the cached rules.


According to Juniper Networks Security, Specialist (JNCIS-SEC) Study Guide, when a security policy is deleted, the active sessions allowed by that policy will be dropped. This behavior is the default behavior of the device. There is no way to mark the active sessions as a legacy flow or to re-evaluate them against cached rules. The device will terminate the active sessions and will no longer forward traffic for those sessions.

Question 7

Which two statements are true about the fab interface in a chassis cluster? (Choose two.)



Answer : B, C

The physical interface for the fab link must be specified in the configuration. Additionally, the fab link supports traditional interface features such as MAC learning, security policy enforcement, and dynamic routing protocols. The fab link does not support fragmentation and the Junos OS supports up to two fab links.


Page:    1 / 14   
Total 98 questions