Security, Specialist (JNCIS-SEC)

Here you have the best Juniper JN0-335 practice exam questions

  • You have 38 total questions to study from
  • Each page has 5 questions, making a total of 8 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on November 19, 2024
Question 1 of 38

Regarding static attack object groups, which two statements are true? (Choose two.)

    Correct Answer: C, D

    Static attack object groups are predefined and do not automatically update their membership when Juniper updates the IPS signature database. Membership in these groups remains static unless it is manually altered by administrators. Therefore, statements indicating that group membership does not change automatically when Juniper updates the database and that administrators must manually add matching attack objects to a custom group are correct.

Question 2 of 38

You are deploying a new SRX Series device and you need to log denied traffic.

In this scenario, which two policy parameters are required to accomplish this task? (Choose two.)

    Correct Answer: C, D

    To log denied traffic on an SRX Series device, you need to use the 'deny' and 'count' policy parameters. The 'deny' parameter specifies that the traffic should be denied, while the 'count' parameter ensures that such denied traffic is logged. These parameters collectively allow the device to record instances of denied traffic in the logs.

Question 3 of 38

You are asked to reduce the load that the JIMS server places on your corporate domain controller.

Which action should you take in this situation?

    Correct Answer: A

    To reduce the load on your corporate domain controller, you should connect JIMS to the RADIUS server. RADIUS (Remote Authentication Dial-In User Service) provides centralized Authentication, Authorization, and Accounting (AAA) management. By offloading authentication requests to the RADIUS server, which is designed to handle such requests efficiently, you can significantly reduce the load on the domain controller.

Question 4 of 38

Which two statements about unified security policies are correct? (Choose two.)

    Correct Answer: C, D

    Traffic can initially match multiple unified security policies because these policies apply to network traffic and various filters are used to analyze it. Additionally, APPID results are indeed a factor in determining the final security policy match. APPID (Application Identification) helps in identifying applications so that the correct security policies can be applied based on the recognized application traffic.

Question 5 of 38

Click the Exhibit button.

Referring to the exhibit, which two statements describe the type of proxy used? (Choose two.)

    Correct Answer: A, D

    Based on the exhibit, the proxy types in question are likely a forward proxy and a reverse proxy. A forward proxy is used to fetch data on behalf of the user from the internet, typically located between the user and the internet. A reverse proxy fetches data from the web app and responds to the user's request, typically located between the web app server and the internet. These proxies are essential in protecting client-side and server-side interactions, respectively.