Juniper JN0-335 Exam Practice Test Instant Access

Question 1

You are asked to implement IPS on your SRX Series device.

In this scenario, which two tasks must be completed before a configuration will work? (Choose two.)

ADownload the IPS signature database.

BEnroll the SRX Series device with Juniper ATP Cloud.

CInstall the IPS signature database.

DReboot the SRX Series device.

Answer : A, C

The two tasks that must be completed before a configuration for IPS on an SRX Series device will work are downloading the IPS signature database and installing the IPS signature database. The Security, Specialist (JNCIS-SEC) Study guide provides further information on how to download and install the IPS signature database. Enrolling the SRX Series device with Juniper ATP Cloud is not necessary to make a configuration work, and rebooting the SRX Series device is not required either.

Question 2

Exhibit

Referring to the exhibit, which two statements are true? (Choose two.)

ANancy logged in to the juniper.net Active Directory domain.

BThe IP address of Nancy's client PC is 172.25.11.

CThe IP address of the authenticating domain controller is 172.25.11.140.

DNancy is a member of the Active Directory sales group.

Answer : C

Question 3

You want to use IPS signatures to monitor traffic.

Which module in the AppSecure suite will help in this task?

AAppTrack

BAppQoS

CAppFW

DAPPID

Answer : C

The AppFW module in the AppSecure suite provides IPS signatures that can be used to monitor traffic and detect malicious activities. AppFW also provides other security controls such as Web application firewall, URL filtering, and application-level visibility.

Question 4

You have deployed an SRX300 Series device and determined that files have stopped being scanned.

In this scenario, what is a reason for this problem?

AThe software license is a free model and only scans executable type files.

BThe infected host communicated with a command-and-control server, but it did not download malware.

CThe file is too small to have a virus.

DYou have exceeded the maximum files submission for your SRX platform size.

Answer : D

You have exceeded the maximum files submission for your SRX platform size: This statement iscorrectbecause file scanning on SRX300 Series device has a limit on the number of files that can be submitted per minute based on the platform size3.For example, SRX320 has a limit of 10 files per minute3.

Question 5

Exhibit

Referring to the exhibit, what do you determine about the status of the cluster.

ABoth nodes determine that they are in a primary state.

BNode 1 is down

CNode 2 is down.

DThere are no issues with the cluster.

Answer : C

Question 6

You are asked to reduce the load that the JIMS server places on your Which action should you take in this situation?

AConnect JIMS to the RADIUS server

BConnect JIMS to the domain Exchange server

CConnect JIMS to the domain SQL server.

DConnect JIMS to another SRX Series device.

Answer : D

JIMS serveris aJuniper Identity Management Servicethat collects user identity information from different authentication sources for SRX Series devices12.It can connect to SRX Series devices and CSO platform in your network1.

JIMS server is a service that protects corporate resources by authenticating and restricting user access based on roles2.It connects to SRX Series devices and CSO platform to provide identity information for firewall policies1.To reduce the load that JIMS server places on your network, you should connect JIMS to another SRX Series device1. This way, you can distribute the identity information among multiple SRX Series devices and reduce network traffic.

Question 7

You enable chassis clustering on two devices and assign a cluster ID and a node ID to each device.

In this scenario, what is the correct order for rebooting the devices?

AReboot the secondary device, then the primary device.

BReboot only the secondary device since the primary will assign itself the correct cluster and node ID.

CReboot the primary device, then the secondary device.

DReboot only the primary device since the secondary will assign itself the correct cluster and node ID.

Answer : C

when enabling chassis clustering on two devices, the correct order for rebooting them is to reboot the primary device first, followed by the secondary device. It is not possible for either device to assign itself the correct cluster and node ID, so both devices must be rebooted to ensure the proper configuration is applied.

Juniper Security, Specialist JN0-335 Exam Practice Test