[Sep-2022] Latest Juniper JN0-334 Certification Practice Test Questions [Q39-Q58]

[Sep-2022] Latest Juniper JN0-334 Certification Practice Test Questions

Verified JN0-334 Dumps Q&As - 1 Year Free & Quickly Updates

NEW QUESTION 39
Which two statements apply to policy scheduling? (Choose two.)

• A. A policy refers to many schedules.
• B. A policy stays active regardless of when the schedule is active.
• C. Multiple policies can refer to the same schedule.
• D. A policy refers to one schedule.

Answer: C,D

NEW QUESTION 40
Which two functions are performed by Juniper Identity Management Service (JIMS)? (Choose two.)

• A. JIMS replicates Active Directory authentication information to non-trusted Active Directory domain controllers.
  https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/services-user-identification-identity-management-connection-primary.html
• B. JIMS synchronizes Active Directory authentication information between a primary and secondary JIMS server.
• C. JIMS collects and maintains a database of authentication information from Active Directory domains.
• D. JIMS forwards Active Directory authentication information to SRX Series client devices.

Answer: B,C

NEW QUESTION 41
Which three features are part of Juniper Networks' AppSecure suite? (Choose three)

• A. AppOoS
• B. AppQoE OAPBR
• C. AppFormix
• D. Secure Application Manager

Answer: B,C,D

NEW QUESTION 42
Which two solutions provide a sandboxing feature for finding zero-day malware threats? (Choose two.)

• A. JATP
• B. Sky ATP
• C. IPS
• D. UTM

Answer: A,B

Explanation:
Explanation/Reference:

NEW QUESTION 43
Exhibit.

You are configuring an SRX chassis cluster with the node-specific hostname and management address.
Referring to the exhibit, which configuration completes this requirement?
A)

B)

C)

D)

• A. Option C
• B. Option A
• C. Option B
• D. Option D

Answer: A

NEW QUESTION 44
Click the Exhibit button.

The inside server must communicate with the external DNS server. The internal DNS server address is
10.100.75.75. The external DNS server address is 75.75.76.76. Traffic from the inside server to the DNS server fails.
Referring to the exhibit, what is causing the problem?

• A. The static NAT rule must use the global address book entry name for the DNS server.
• B. The security policy must match the translated source and translated destination address.
• C. The security policy must match the translated destination address.
• D. Source and static NAT cannot be configured at the same time.

Answer: C

NEW QUESTION 45
Which UDP port is used in Ipsec tunneling when NAT-T is in use?

• A. 0
• B. 1
• C. 2
• D. 3

Answer: D

NEW QUESTION 46
Exhibit.

You need to have the JATP solution analyze jar, xls, and doc files
Referring to the exhibit, which two file types must be selected to accomplish this task? (Choose two.)

• A. document
• B. executable
• C. library
• D. Java

Answer: A,B

NEW QUESTION 47
Your network includes IPsec tunnels. One IPsec tunnel transits an SRX Series device with NAT configured. You must ensure that the IPsec tunnels function properly.
Which statement is correct in this scenario?

• A. A source address pool should be configured.
• B. Destination NAT should be configured.
• C. NAT-T should be enabled.
• D. Persistent NAT should be enabled.

Answer: C

NEW QUESTION 48
Which two statements are true when implementing source NAT on an SRX Series device? (Choose two.)

• A. Source NAT is applied after the security policy search.
• B. Source NAT is applied before the route table lookup.
• C. Source NAT is applied after the route table lookup.
• D. Source NAT is applied before the security policy search.

Answer: A,C

NEW QUESTION 49
You want to support reth LAG interfaces on a chassis cluster.
What must be enabled on the interconnecting switch to accomplish this task?

• A. swfab
• B. RSTP
• C. LLDP
• D. 802.3ad

Answer: D

NEW QUESTION 50
Which three elements does AH provide in an IPsec implementation? (Choose three.)

• A. authentication
• B. integrity
• C. replay attack protection
• D. confidentiality
• E. availability

Answer: A,B,C

NEW QUESTION 51
Which statement describes the AppTrack module in AppSecure?

• A. The AppTrack module identifies the applications that are present in network traffic.
• B. The AppTrack module provides control by the routing of traffic, based on the application.
• C. The AppTrack module provides visibility and volumetric reporting of application usage on the network.
• D. The AppTrack module provides enforcement with the ability to block traffic, based on specific applications.

Answer: C

Explanation:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-application-tracking.html

NEW QUESTION 52
Which statement describes the AppTrack module in AppSecure?

• A. The AppTrack module provides visibility and volumetric reporting of application usage on the network
• B. The AppTrack module provides enforcement with the ability to block traffic, based on specific applications
• C. The AppTrack module provides control by the routing of traffic, based on the application
• D. The AppTrack module identifies the applications that are present in network traffic

Answer: D

NEW QUESTION 53
What are two valid zones available on an SRX Series device? (Choose two.)

• A. policy zones
• B. functional zones
• C. security zones
• D. transit zones

Answer: B,C

NEW QUESTION 54
Click the Exhibit button.

Users at a remote office are unable to access an FTP server located at the remote corporate data center as expected. The remote FTP server is listening on the non-standard TCP port 2121.
Referring to the exhibit, what is causing the problem?

• A. The custom FTP application definition does not have the FTP ALG enabled.
• B. The FTP clients must be configured to listen on non-standard client ports for the FTP data channel negotiations to succeed.
• C. A new security policy must be defined between the untrust and trust zones.
• D. Two custom FTP applications must be defined to allow bidirectional FTP communication through the SRX Series device.

Answer: C

NEW QUESTION 55
You are asked to enable AppTrack to monitor application traffic from hosts in the User zone destined to hosts in the Internet zone In this scenario, which statement is true?

• A. You must enable the AppTrack feature within the interface configuration associated with the User zone
• B. You must enable the AppTrack feature within the Internet zone configuration
• C. You must enable the AppTrack feature within the User zone configuration
• D. You must enable the AppTrack feature within the ingress interface configuration associated with the Internet zone

Answer: D

NEW QUESTION 56
You are deploying the Junos application firewall feature in your network In this scenario, which two elements are mapped to applications in the application system cache? (Choose two.)

• A. source IP address
• B. destination IP address
• C. source port
• D. destination port

Answer: B,C

NEW QUESTION 57
What is the default timeout period for a TCP session in the session table of a Junos security device?

• A. 15 minutes
• B. minute '
• C. 30 minutes
• D. 60 minutes

Answer: C

NEW QUESTION 58
......

Recommended Online Course: Juniper Security

The Juniper Security (JSEC) course is a five-day training program that features the Junos Space, CLI, and Junos J-Web to validate the candidates’ ability to manage the concepts of Juniper Connected Security. Plus, it has extensive demonstrations and hands-on labs to give the students detailed experience in monitoring and configuring the basic device operations and the Juniper Junos OS. At the beginning of your training, Juniper expects that you must have already demonstrated your capability to work with the Juniper OS Release 19.1R1.6, JSA v7.3.2, JATP 5.0.6.0, Security Director 19.1R1, Junos Space 19.1R1, and JIMS 1.1.5R1, which form a critical component of the online course. All candidates looking to enroll in this course must also have fundamental networking knowledge in addition to proven experience working with the Open Systems Interconnection (OSI) and TCP/IP suite. Besides, they must have registered for and passed the mid-level Juniper Security course. In a nutshell, the Juniper Security (JSEC) course outline is divided into specific sections, according to what the candidates will be covering every day of the training. On the first day, the instructors will introduce the course. Then, in the next session, they will give a brief overview of the CLI and also cover advanced security policy, application security theory, application security implementation, and intrusion prevention alongside detection. On the second day, applicants will get into security director, Sky ATP implementation, and policy enforcer. Here, candidates will cover such topics as email scanning, Geo IP, the object for the security director, file scanning, and configuration options. On the third day, you should be required to demonstrate your knowledge of JATP implementation, JATP overview, and Juniper Secure Analytics under the subtopics of traffic inspection, data collection, log ingestion, JSA overview, reporting, and incident management to mention a few. On the fourth day, the experienced instructors will now switch their focus to JIMS, SSL Proxy, vSRX, and cSRX. Here, the training will then cover the concepts of SSL proxy configurations, JIMS integration, vSRX use cases, cSRX overview, and vSRX outline. On the last day, the topics of cluster concepts, chassis cluster implementation, and chassis cluster troubleshooting will be extensively covered. This means you must understand chassis cluster configuration and advanced options, chassis cluster case studies, troubleshooting examples, and chassis cluster operations.

Juniper JN0-334 Exam Syllabus Topics:

Latest 2022 Realistic Verified JN0-334 Dumps - 100% Free JN0-334 Exam Dumps: https://pass4sure.test4cram.com/JN0-334_real-exam-dumps.html