• Home
  • Articles
  • Passing Juniper JN0-335 Exam Using 2023 Practice Tests [Q48-Q72]

Passing Juniper JN0-335 Exam Using 2023 Practice Tests [Q48-Q72]

Share

Passing Juniper JN0-335 Exam Using 2023 Practice Tests

JN0-335 Study Guide Brilliant JN0-335 Exam Dumps PDF

NEW QUESTION 48
Click the Exhibit button.

Referring to the exhibit, which two devices are considered to be part of the secure fabric site with Policy Enforcer? (Choose two.)

  • A. Server-1
  • B. Server-2
  • C. SRX-1
  • D. QFX-1

Answer: C,D

 

NEW QUESTION 49
Which three statements are correct about fabric interfaces on the SRX5800? (Choose three.)

  • A. Fabric interfaces must be same interface type.
  • B. Fabric interfaces must be user-assigned interfaces.
  • C. Fabric interfaces must be system-assigned interfaces.
  • D. Fabric interfaces must have a user-assigned IP address.
  • E. Fabric interfaces must be on the same Layer 2 segment.

Answer: A,C,E

 

NEW QUESTION 50
Click the Exhibit button.

You have configured your SRX Series device to receive authentication information from a JIMS server. However, the SRX is not receiving any authentication information.
Referring to the exhibit, how would you solve the problem?

  • A. Change the SRX configuration to connect to the JIMS server using HTTP.
  • B. Use the JIMS Administrator user interface to add the SRX device as client.
  • C. Update the IP address of the JIMS server
  • D. Generate an access token on the SRX device that matches the access token on the JIMS server.

Answer: B

 

NEW QUESTION 51
Which security log message format reduces the consumption of CPU and storage?

  • A. binary
  • B. WELF
  • C. BSD syslog
  • D. structured syslog

Answer: A

 

NEW QUESTION 52
Click the Exhibit button.

You examine the log file shown in the exhibit after running the set security idp active-policy command.
Which two statements are true in this scenario? (Choose two.)

  • A. The entire configuration was committed.
  • B. The IDP policy loaded successfully.
  • C. The IDP policy compiled successfully.
  • D. The IDP hit cache is set to 16384.

Answer: B,C

 

NEW QUESTION 53
Which two statements describe application-layer gateways (ALGs)? (Choose two.)

  • A. ALGs are designed for specific protocols that require multiple sessions.
  • B. ALGs are used with protocols that use multiple ports.
  • C. ALGs are designed for specific protocols that use a single TCP session.
  • D. ALGs can only be configured using Security Director.

Answer: A,B

 

NEW QUESTION 54
What is the maximum number of supported interfaces on a vSRX hosted in a VMware environment?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: D

 

NEW QUESTION 55
Click the Exhibit button.

Referring to the exhibit, which statement is true?

  • A. Malicious HTTP file downloads are always blocked.
  • B. Malicious HTTP file downloads are never blocked.
  • C. Hosts are unable to communicate through the SRX Series device after being placed on the infected host feed with a high enough threat score.
  • D. Hosts are always able to communicate through the SRX Series device no matter the threat score assigned to them on the infected host feed.

Answer: C

 

NEW QUESTION 56
What information does JIMS collect from domain event log sources? (Choose two.)

  • A. For device login events, JIMS collects the device IP address and machine name information.
  • B. For device login events. JIMS collects the devide IP address and operating system version.
  • C. For user login events, JIMS collects the login source IP address and username information.
  • D. For user login events, JIMS collects the username and group membership information.

Answer: A,C

 

NEW QUESTION 57
You are troubleshooting advanced policy-based routing (APBR).
Which two actions should you perform in this scenario? (Choose two.)

  • A. Inspect the application system cache for the application entry.
  • B. Review the APBR statistics for matching rules and route modifications.
  • C. Verity inet.0 for correct route leaking.
  • D. Verify that the APBR profiles are applied to the egress zone.

Answer: A,B

 

NEW QUESTION 58
Which two statements describe how rules are used with Juniper Secure Analytics? (Choose two.)

  • A. When a rule is triggered, JSA can respond by blocking all traffic from a specific source address.
  • B. A rule defines matching criteria and actions that should be taken when an events matches the rule.
  • C. When a rule is triggered, JSA can respond by sending an e-mail to JSA administrators.
  • D. Rules are defined on Junos Space Security Director, and then pushed to JSA log collectors.

Answer: B,C

 

NEW QUESTION 59
Your manager asks you to find employees that are watching YouTube during office hours.
Which AppSecure component would you configure to accomplish this task?

  • A. AppQoE
  • B. AppQoS
  • C. AppFW
  • D. AppTrack

Answer: D

 

NEW QUESTION 60
Your network uses a remote e-mail server that is used to send and receive e-mails for your users.
In this scenario, what should you do to protect users from receiving malicious files thorugh e-mail?

  • A. Deploy Sky ATP POP3 e-mail protection
  • B. Deploy Sky ATP IMAP e-mail protection
  • C. Deploy Sky ATP MAPI e-mail protection
  • D. Deploy Sky ATP SMTP e-mail protection

Answer: D

 

NEW QUESTION 61
Which statement describes the AppTrack module in AppSecure?

  • A. The AppTrack module provides visibility and volumetric reporting of application usage on the network.
  • B. The AppTrack module provides control by the routing of traffic, based on the application.
  • C. The AppTrack module provides enforcement with the ability to block traffic, based on specific applications.
  • D. The AppTrack module identifies the applications that are present in network traffic.

Answer: A

 

NEW QUESTION 62
Which of the following lists the correct order that the Sky ATP pipeline evaluates traffic?

  • A. Cache lookup. Antivirus Scanning, Static Analysis, Dynamic Analysis
  • B. Cache lookup. Static Analysis. Dynamic Analysis. Antivirus Scanning
  • C. Static Analysis. Cache lookup. Antivirus Scanning, Dynamic Analysis

Answer: A

 

NEW QUESTION 63
Click the Exhibit button.

Referring to the SRX Series flow module diagram shown in the exhibit, where is IDP/IPS processed?

  • A. Services ALGs
  • B. Forwarding Lookup
  • C. Security Policy
  • D. Screens

Answer: C

 

NEW QUESTION 64
Which statement about the control link in a chassis cluster is correct?

  • A. Recovering from a control link failure requires a reboot.
  • B. The control link heartbeats contain the configuration file of the nodes.
  • C. The control messages sent over the link are encrypted by default.
  • D. A cluster can have redundant control links.

Answer: D

 

NEW QUESTION 65
When referencing a SSL proxy profile in a security policy, which two statements are correct? (Choose two.)

  • A. A security policy can reference both a client-protection SSL proxy profile and a server-protection proxy profile.
  • B. If you apply an SSL proxy profile to a security policy and forget to apply any Layer7 services to the security policy, any encrypted traffic that matches the security policy is decrypted.
  • C. If you apply an SSL proxy profile to a security policy and forget to apply any Layer7 services to the security policy, any encrypted traffic that matches the security policy is not decrypted.
  • D. A security policy can only reference a client-protection SSL proxy profile or a server-protection SSL proxy profile.

Answer: C,D

 

NEW QUESTION 66
You want to use Sky ATP to protect your network; however, company policy does not allow you to send any files to the cloud.
Which Sky ATP feature should you use in this situation?

  • A. Only use on-box SRX anti-malware file scanning.
  • B. Only use cloud-based Sky ATP file blacklists.
  • C. Only use cloud-based Sky ATP file hash lookups.
  • D. Only use on-premises local Sky ATP server anti-malware file scanning.

Answer: C

 

NEW QUESTION 67
Which two statements about JIMS high availability are true? (Choose two.)

  • A. JIMS supports high availability through the installation of the primary and secondary JIMS servers.
  • B. SRX clients are configured with the shared virtual IP (VIP) address of the JIMS server.
  • C. SRX clients synchronize authentication tables with both the primary and secondary JIMS servers.
  • D. SRX clients are configured with the unique IP addresses of the primary and secondary JIMS servers.

Answer: A,D

 

NEW QUESTION 68
You want to collect events and flows from third-party vendors.
Which solution should you deploy to accomplish this task?

  • A. Contrail
  • B. JSA
  • C. Policy Enforcer
  • D. Log Director

Answer: B

 

NEW QUESTION 69
Which two settings must be enabled on the hypervisor in a vSRX deployment to ensure proper chassis cluster operation? (Choose two.)

  • A. Control links must have an MTU of 9000.
  • B. Control links must operate in promiscuous mode.
  • C. Fabric links must have an MTU of 9000.
  • D. Fabric links must operate in promiscuous mode.

Answer: B,C

 

NEW QUESTION 70
What are two examples of RTOs? (Choose two.)

  • A. session table entries
  • B. fabric link probes
  • C. control link heartbeats
  • D. IPsec SA entries

Answer: A,D

 

NEW QUESTION 71
Which feature is used when you want to permit traffic on an SRX Series device only at specific times?

  • A. counters
  • B. pass-through authentication
  • C. ALGs
  • D. scheduler

Answer: D

 

NEW QUESTION 72
......

Free JN0-335 Test Questions Real Practice Test Questions: https://www.passtestking.com/Juniper/JN0-335-practice-exam-dumps.html

View JN0-335 Exam Question Dumps With Latest Demo: https://drive.google.com/open?id=1A4mPhmnbTZbSyl4n_VGcVetDC76rV3vC

Related Articles

more
Go To JN0-335 Questions