Juniper JN0-335 Exam Questions Instant Access

Question 1

You want to permit access to an application but block application sub-Which two security policy features provide this capability? (Choose two.)

AURL filtering

Bmicro application detection

Ccontent filtering

DAPPID

Answer : A, B

The two security policy features that provide the capability to permit access to an application but block its sub-applications are URL filtering and micro application detection. URL filtering allows you to create policies that permit or block access to certain websites or webpages based on URL patterns. Micro application detection is a more sophisticated approach that can identify and block specific applications, even if they are embedded within other applications or websites. According to the Juniper Networks Certified Internet Specialist (JNCIS-SEC) Study Guide[1], ''micro application detection is the most accurate way to detect and control applications.'' Content filtering and APPID are more general approaches and are not as effective in providing the level of granularity needed to block sub-applications.

Question 2

Exhibit

You are trying to create a security policy on your SRX Series device that permits HTTP traffic from your private 172 25.11.0/24 subnet to the Internet You create a policy named permit-http between the trust and untrust zones that permits HTTP traffic. When you issue a commit command to apply the configuration changes, the commit fails with the error shown in the exhibit.

Which two actions would correct the error? (Choose two.)

AIssue the rollback 1 command from the top of the configuration hierarchy and attempt the commit again.

BExecute the Junos commit full command to override the error and apply the configuration.

CCreate a custom application named http at the [edit applications] hierarchy.

DModify the security policy to use the built-in Junos-http applications.

Answer : C, D

The error message indicates that the Junos-http application is not defined, so you need to either create a custom application or modify the security policy to use the built-in Junos-http application. Doing either of these will allow you to successfully commit the configuration.

Question 3

You want to deploy a virtualized SRX in your environment.

In this scenario, why would you use a vSRX instead of a cSRX? (Choose two.)

AThe vSRX supports Layer 2 and Layer 3 configurations.

BOnly the vSRX provides clustering.

CThe vSRX has faster boot times.

DOnly the vSRX provides NAT, IPS, and UTM services

Answer : A, C

The vSRX supports both Layer 2 and Layer 3 configurations, while the cSRX is limited to Layer 3 configurations. Additionally, the vSRX has faster boot times, which is advantageous in certain scenarios. The vSRX and cSRX both provide NAT, IPS, and UTM services.

Question 4

Which method does the loT Security feature use to identify traffic sourced from IoT devices?

AThe SRX Series device streams metadata from the loT device transit traffic to Juniper ATP Cloud Juniper ATP Cloud.

BThe SRX Series device streams transit traffic received from the IoT device to Juniper ATP Cloud.

CThe SRX Series device identifies loT devices using their MAC address.

DThe SRX Series device identifies loT devices from metadata extracted from their transit traffic.

Answer : D

The metadata is used to identify the type of device, its associated activities and its threat profile. This information is used to determine the appropriate security policy for the device. For more information on loT Security, please refer to the Juniper Security, Specialist (JNCIS-SEC) study guide.

Question 5

Which statement regarding Juniper Identity Management Service (JIMS) domain PC probes is true?

AJIMS domain PC probes analyze domain controller security event logs at60-mmute intervals by default.

BJIMS domain PC probes are triggered if no username to IP address mapping is found in the domain security event log.

CJIMS domain PC probes are triggered to map usernames to group membership information.

DJIMS domain PC probes are initiated by an SRX Series device to verify authentication table information.

Answer : B

Juniper Identity Management Service (JIMS) domain PC probes are used to map usernames to IP addresses in the domain security event log. This allows for the SRX Series device to verify authentication table information, such as group membership. The probes are triggered whenever a username to IP address mapping is not found in the domain security event log. By default, the probes are executed at 60-minute intervals.

Question 6

Which two statements about SRX chassis clustering are correct? (Choose two.)

ASRX chassis clustering supports active/passive and active/active for the data plane.

BSRX chassis clustering only supports active/passive for the data plane.

CSRX chassis clustering supports active/passive for the control plane.

DSRX chassis clustering supports active/active for the control plane.

Answer : A, D

SRX chassis clustering supports active/passive and active/active for the data plane. In an active/active configuration, both cluster members process and forward traffic, which increases throughput and provides redundancy. For the control plane, SRX chassis clustering supports active/active, meaning that both cluster members can process and forward control traffic, providing redundancy and improved scalability

Question 7

Which two statements are correct about AppTrack? (Choose two.)

AAppTrack can be configured for any defined logical system on an SRX Series device.

BAppTrack identifies and blocks traffic flows that might be malicious regardless of the ports being used.

CAppTrack collects traffic flow information including byte, packet, and duration statistics.

DAppTrack can only be configured in the main logical system on an SRX Series device.

Answer : A, C

AppTrack is a feature that allows you to monitor and analyze the application traffic on your SRX Series device. It can be configured for any defined logical system, which is a virtual router or switch within a physical device. AppTrack collects statistics such as bytes, packets, and duration for each application flow and displays them in reports or logs. AppTrack does not identify or block malicious traffic, that is the function of AppSecure or IDP/IPS.Reference:=JNCIS-SEC Certification,Open Learning - Security, Specialist (JNCIS-SEC),Application Security Theory

Juniper Security, Specialist JN0-335 Exam Questions