Security, Specialist (JNCIS-SEC)

Here you have the best Juniper JN0-335 practice exam questions

  • You have 103 total questions across 21 pages (5 per page)
  • These questions were last updated on February 10, 2026
  • This site is not affiliated with or endorsed by Juniper.
Question 1 of 103
Regarding static attack object groups, which two statements are true? (Choose two.)
Suggested Answer: C, D

Static attack object groups are predefined and do not automatically update their membership when Juniper updates the IPS signature database. Membership in these groups remains static unless it is manually altered by administrators. Therefore, statements indicating that group membership does not change automatically when Juniper updates the database and that administrators must manually add matching attack objects to a custom group are correct.

Community votes

No votes yet

Question 2 of 103
You are deploying a new SRX Series device and you need to log denied traffic.
In this scenario, which two policy parameters are required to accomplish this task? (Choose two.)
Suggested Answer: C, D

To log denied traffic on an SRX Series device, you need to use the 'deny' and 'count' policy parameters. The 'deny' parameter specifies that the traffic should be denied, while the 'count' parameter ensures that such denied traffic is logged. These parameters collectively allow the device to record instances of denied traffic in the logs.

Community votes

No votes yet

Question 3 of 103
You are asked to reduce the load that the JIMS server places on your corporate domain controller.
Which action should you take in this situation?
Suggested Answer: A

To reduce the load on your corporate domain controller, you should connect JIMS to the RADIUS server. RADIUS (Remote Authentication Dial-In User Service) provides centralized Authentication, Authorization, and Accounting (AAA) management. By offloading authentication requests to the RADIUS server, which is designed to handle such requests efficiently, you can significantly reduce the load on the domain controller.

Community votes

No votes yet

Question 4 of 103
Which two statements about unified security policies are correct? (Choose two.)
Suggested Answer: C, D

Traffic can initially match multiple unified security policies because these policies apply to network traffic and various filters are used to analyze it. Additionally, APPID results are indeed a factor in determining the final security policy match. APPID (Application Identification) helps in identifying applications so that the correct security policies can be applied based on the recognized application traffic.

Community votes

No votes yet

Question 5 of 103
Click the Exhibit button.
Exam JN0-335: Question 5 - Image 1
Referring to the exhibit, which two statements describe the type of proxy used? (Choose two.)
Suggested Answer: A, D

Based on the exhibit, the proxy types in question are likely a forward proxy and a reverse proxy. A forward proxy is used to fetch data on behalf of the user from the internet, typically located between the user and the internet. A reverse proxy fetches data from the web app and responds to the user's request, typically located between the web app server and the internet. These proxies are essential in protecting client-side and server-side interactions, respectively.

Community votes

No votes yet

About the Juniper JN0-335 Certification Exam

About the Exam

The Juniper JN0-335 (Security, Specialist (JNCIS-SEC)) validates your knowledge and skills. Passing demonstrates proficiency and can boost your career prospects in the field.

How to Prepare

Work through all 103 practice questions across 21 pages. Focus on understanding the reasoning behind each answer rather than memorizing responses to be ready for any variation on the real exam.

Why Practice Exams?

Practice exams help you familiarize yourself with the question format, manage your time, and reduce anxiety on the test day. Our JN0-335 questions are regularly updated to reflect the latest exam objectives.