Juniper JN0-334 Security, Specialist (JNCIS-SEC) Online Training
Juniper JN0-334 Online Training
The questions for JN0-334 were last updated at Dec 24,2024.
- Exam Code: JN0-334
- Exam Name: Security, Specialist (JNCIS-SEC)
- Certification Provider: Juniper
- Latest update: Dec 24,2024
Which statement describes the AppTrack module in AppSecure?
- A . The AppTrack module provides enforcement with the ability to block traffic, based on specific applications.
- B . The AppTrack module provides control by the routing of traffic, based on the application.
- C . The AppTrack module identifies the applications that are present in network traffic.
- D . The AppTrack module provides visibility and volumetric reporting of application usage on the network.
D
Explanation:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-application-tracking.html
Click the Exhibit button.
Referring to the exhibit, which two values in the JIMS SRX client configuration must match the values configured on the SRX client? (Choose two.)
- A . IPv6 Reporting
- B . Client ID
- C . Client Secret
- D . Token Lifetime
B,C
Explanation:
Reference: https://www.juniper.net/documentation/en_US/jims/topics/task/configuration/jims-srx-configuring.html
Click the Exhibit button.
Referring to the exhibit, which statement is true?
- A . IDP blocks root users.
- B . IDP closes the connection on matched sessions.
- C . IDP ignores the connection on matched sessions.
- D . IDP blocks all users.
What are two valid JIMS event log sources? (Choose two.)
- A . Microsoft Windows Server 2012 audit logs
- B . Microsoft Active Directory server event logs
- C . Microsoft Exchange Server event logs
- D . Microsoft Active Directory audit logs
Which three statements are true about the difference between cSRX-based virtual security deployments and vSRX-based virtual security deployments? (Choose three.)
- A . vSRX provides Layer 2 to Layer 7 secure services and cSRX provides Layer 4 to Layer 7 secure services.
- B . cSRX requires less storage and memory space for a given deployment than vSRX-based solutions.
- C . cSRX-based solutions are more scalable than vSRX-based solutions.
- D . vSRX and cSRX both provide Layer 2 to Layer 7 secure services.
- E . vSRX provides faster deployment time and faster reboots compared to cSRX.
A,B,C
Explanation:
Reference: https://www.juniper.net/documentation/en_US/day-one-books/topics/concept/juniper-vsrx-versus-csrx.html
Click the Exhibit button.
You have implemented SSL proxy client protection. After implementing this feature, your users are complaining about the warning message shown in the exhibit.
Which action must you perform to eliminate the warning message?
- A . Configure the SRX Series device as a trusted site in the client Web browsers.
- B . Regenerate the SRX self-signed CA certificate and include the correct organization name.
- C . Import the SRX self-signed CA certificate into the client Web browsers.
- D . Import the SRX self-signed CA certificate into the SRX certificate public store.
Which two statements are correct about server-protection SSP proxy? (Choose two.)
- A . The server-protection SSL proxy intercepts the server certificate.
- B . The server-protection SSL proxy is also known as SSL reverse proxy.
- C . The server-protection SSL proxy forwards the server certificate after modification.
- D . The server-protection SSL proxy acts as the server from the client’s perspective.
B,D
Explanation:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-ssl-proxy.html
Which two statements describe application-layer gateways (ALGs)? (Choose two.)
- A . ALGs are designed for specific protocols that require multiple sessions.
- B . ALGs are used with protocols that use multiple ports.
- C . ALGs can only be configured using Security Director.
- D . ALGs are designed for specific protocols that use a single TCP session.
When referencing a SSL proxy profile in a security policy, which two statements are correct? (Choose two.)
- A . A security policy can reference both a client-protection SSL proxy profile and a server-protection proxy profile.
- B . If you apply an SSL proxy profile to a security policy and forget to apply any Layer7 services to the security policy, any encrypted traffic that matches the security policy is not decrypted.
- C . A security policy can only reference a client-protection SSL proxy profile or a server-protection SSL proxy profile.
- D . If you apply an SSL proxy profile to a security policy and forget to apply any Layer7 services to the security policy, any encrypted traffic that matches the security policy is decrypted.
B,C
Explanation:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-ssl-proxy.html
You want to support reth LAG interfaces on a chassis cluster.
What must be enabled on the interconnecting switch to accomplish this task?
- A . RSTP
- B . 802.3ad
- C . LLDP
- D . swfab
B
Explanation:
Reference: https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-chassis-cluster-redundant-ethernet-lag-interfaces.html