Master the Latest 2021 JNCIS-SEC Questions and Pass the JN0-334 Real Exam!
NEW QUESTION 42
You want to collect events and flows from third-party vendors.
Which solution should you deploy to accomplish this task?
- A. JSA
- B. Contrail
- C. Policy Enforcer
- D. Log Director
Answer: A
NEW QUESTION 43
Click the Exhibit button.
Referring to the exhibit, what does proxy ARP allow?
- A. the internal network to ARP for the internal address of the server
- B. the external network to ARP for the internal address of the server
- C. the internal network to ARP for the public address of the server
- D. the external network to ARP for the public address of the server
Answer: A
NEW QUESTION 44
Click the Exhibit button.
Referring to the exhibit, which statement is true?
- A. Malicious HTTP file downloads are always blocked.
- B. Hosts are always able to communicate through the SRX Series device no matter the threat score assigned to them on the infected host feed.
- C. Hosts are unable to communicate through the SRX Series device after being placed on the infected host feed with a high enough threat score.
- D. Malicious HTTP file downloads are never blocked.
Answer: C
NEW QUESTION 45
Which two solutions provide a sandboxing feature for finding zero-day malware threats? (Choose two)
- A. Sky
- B. UIPS
- C. JATP
- D. ATP
Answer: C,D
NEW QUESTION 46
You must configure JSA to accept events from an unsupported third-party log source.
In this scenario, what should you do?
- A. Separate event collection and flow collection on separate collectors.
- B. Configure a universal device service module.
- C. Configure an RPM for a third-party device service module.
- D. Configure JSA to silently discard unsupported log types.
Answer: B
NEW QUESTION 47
What are two elements of a custom IDP/IPS attack object? (Choose two.)
- A. the attack signature
- B. the severity of the attack
- C. the destination zone
- D. the exempt rulebase
Answer: A,B
NEW QUESTION 48
Click the Exhibit button.
The output shown in the exhibit is displayed in which format?
- A. sd-syslog
- B. binary
- C. WELF
- D. syslog
Answer: A
NEW QUESTION 49
When considering managed sessions, which configuration parameter determines how full the session table must be to implement the early age-out function?
- A. session service timeout
- B. high watermark
- C. policy rematch
- D. low watermark
Answer: B
NEW QUESTION 50
Click the Exhibit button.
Referring to the exhibit, you want to deploy Sky ATP with Policy Enforcer to block infected hosts at the access layer.
To complete this task, where should you configure the default gateway for the User-1 device?
- A. the interface on SRX-1 that connects to QFX-2
- B. the irb interface on QFX-1
- C. the irb interface on QFX-2
- D. the interface of QFX-1 that connects to User-1
Answer: B
NEW QUESTION 51
Which two statements describe JSA? (Choose two.)
- A. Security Director must be used to view third-party events from JSA flow collectors.
- B. JSA events must be manually imported into Security Director using an SSH connection.
- C. JSA can be used as a log node with Security Director or as a standalone solution.
- D. JSA supports events and flows from Junos devices, including third-party devices.
Answer: B,C
NEW QUESTION 52
Which security log message format reduces the consumption of CPU and storage?
- A. BSD syslog
- B. binary
- C. WELF
- D. structured syslog
Answer: B
Explanation:
Security log messages can also be maintained in text-based formats. Because security logging can produce large amounts of data, however, text-based log files can quickly consume storage and CPU resources. Depending on your implementation of security logging, a log file in a binary-based format can provide more efficient use of on-box or off-box storage and improved CPU utilization. Binary format for security log messages is available on all SRX Series devices.
Reference: https://www.juniper.net/documentation/en_US/junos/topics/concept/security-binary-logging-understanding.html
NEW QUESTION 53
Which two solutions provide a sandboxing feature for finding zero-day malware threats? (Choose two.)
- A. Sky ATP
- B. IPS
- C. JATP
- D. UTM
Answer: A,C
NEW QUESTION 54
A routing change occurs on an SRX Series device that involves choosing a new egress interface.
In this scenario, which statement is true for all affected current sessions?
- A. The current sessions might change based on the corresponding security policy.
- B. The current sessions do not change.
- C. The current sessions are torn down and go through first path processing based on the new route.
- D. The current sessions are torn down only if the policy-rematch option has been enabled.
Answer: C
NEW QUESTION 55
Click the Exhibit button.
Referring to the exhibit, which two statements are true? (Choose two.)
- A. Interfaces ge-0/0/0.0 and ge-0/0/1.0 will allow SSH connections.
- B. Interface ge-0/0/0 will not accept SSH connections.
- C. Interface ge-0/0/1.0 will respond to pings.
- D. Interface ge-0/0/0.0 will respond to pings.
Answer: A,C
NEW QUESTION 56
Click the Exhibit button.
You have implemented SSL proxy client protection. After implementing this feature, your users are complaining about the warning message shown in the exhibit.
Which action must you perform to eliminate the warning message?
- A. Configure the SRX Series device as a trusted site in the client Web browsers.
- B. Regenerate the SRX self-signed CA certificate and include the correct organization name.
- C. Import the SRX self-signed CA certificate into the client Web browsers.
- D. Import the SRX self-signed CA certificate into the SRX certificate public store.
Answer: C
NEW QUESTION 57
What are two examples of RTOs? (Choose two.)
- A. IPsec SA entries
- B. control link heartbeats
- C. session table entries
- D. fabric link probes
Answer: B,C
NEW QUESTION 58
Click the Exhibit button.
Referring to the SRX Series flow module diagram shown in the exhibit, where is IDP/IPS processed?
- A. Security Policy
- B. Screens
- C. Services ALGs
- D. Forwarding Lookup
Answer: A
NEW QUESTION 59
Which two statements describe JSA? (Choose two.)
- A. Security Director must be used to view third-party events from JSA flow collectors.
- B. JSA events must be manually imported into Security Director using an SSH connection.
- C. JSA supports events and flows from Junos devices, including third-party devices.
- D. JSA can be used as a log node with Security Director or as a standalone solution.
Answer: C,D
NEW QUESTION 60
After a software upgrade on an SRX5800 chassis cluster, you notice that both node0 and node1 are in the primary state, when node1 should be secondary. All control and fabric links are operating normally.
In this scenario, which step must you perform to recover the cluster?
- A. Execute the request system reboot command on node1
- B. Execute the request system reboot command on node1
- C. Execute the request system software add command on node1.
- D. Execute the request system software rollback command on node1
Answer: B
NEW QUESTION 61
Click the Exhibit button.
Referring to the exhibit, which statement is true?
- A. Malicious HTTP file downloads are always blocked.
- B. Hosts are always able to communicate through the SRX Series device no matter the threat score assigned to them on the infected host feed.
- C. Hosts are unable to communicate through the SRX Series device after being placed on the infected host feed with a high enough threat score.
- D. Malicious HTTP file downloads are never blocked.
Answer: C
NEW QUESTION 62
......