Security, Specialist (JNCIS-SEC) v1.0
Question 1
Click the Exhibit button.
Referring to the SRX Series flow module diagram shown in the exhibit, where is application security processed?
- A. Forwarding Lookup
- B. Services ALGs
- C. Security Policy
- D. Screens
Answer : B
Question 2
You want to deploy a virtualized SRX in your environment.
In this scenario, why would you use a vSRX instead of a cSRX? (Choose two.)
- A. The vSRX supports Layer 2 and Layer 3 configurations.
- B. Only the vSRX provides clustering.
- C. The vSRX has faster boot times.
- D. Only the vSRX provides NAT, IPS, and UTM services.
Answer : AB
Question 3
Click the Exhibit button.
Referring to the exhibit, which two statements are true? (Choose two.)
- A. Nancy logged in to the juniper.net Active Directory domain.
- B. The IP address of Nancy's client PC is 172.25.11.140.
- C. The IP address of the authenticating domain controller is 172.25.11.140.
- D. Nancy is a member of the Active Directory sales group.
Answer : AB
Question 4
Which method does the IoT Security feature use to identify traffic sourced from IoT devices?
- A. The SRX Series device streams metadata from the IoT device transit traffic to Juniper ATP Cloud.
- B. The SRX Series device streams transit traffic received from the IoT device to Juniper ATP Cloud.
- C. The SRX Series device identifies IoT devices using their MAC addresses.
- D. The SRX Series device identifies IoT devices from metadata extracted from their transit traffic.
Answer : D
Question 5
Which two statements are true about the fab interface in a chassis cluster? (Choose two.)
- A. The fab link does not support fragmentation.
- B. The physical interface for the fab link must be specified in the configuration.
- C. The fab link supports traditional interface features.
- D. The Junos OS supports only one fab link.
Answer : AB
Question 6
After JSA receives external events and flows, which two steps occurs? (Choose two.)
- A. After formatting the data, the data is stored in an asset database.
- B. Before formatting the data, the data is analyzed for relevant information.
- C. Before the information is filtered, the information is formatted.
- D. After the information is filtered, JSA responds with active measures.
Answer : BC
Question 7
Which two statements are correct about SSL proxy server protection? (Choose two.)
- A. You do not need to configure the servers to use the SSL proxy function on the SRX Series device.
- B. You must load the server certificates on the SRX Series device.
- C. The servers must be configured to use the SSL proxy function on the SRX Series device.
- D. You must import the root CA on the servers.
Answer : AB
Question 8
Which two statements are correct about chassis clustering? (Choose two.)
- A. The node ID value ranges from 1 to 255.
- B. The node ID is used to identify each device in the chassis cluster.
- C. A system reboot is required to activate changes to the cluster ID.
- D. The cluster ID is used to identify each device in the chassis cluster.
Answer : BC
Question 9
You want to use IPS signatures to monitor traffic.
Which module in the AppSecure suite will help in this task?
- A. AppTrack
- B. AppQoS
- C. AppFW
- D. APPID
Answer : C
Question 10
Which two statements are correct about JSA data collection? (Choose two.)
- A. The Event Collector collects information using BGP FlowSpec.
- B. The Flow Collector can use statistical sampling.
- C. The Flow Collector parses logs.
- D. The Event Collector parses logs.
Answer : BD
Question 11
You are asked to find systems running applications that increase the risks on your network. You must ensure these systems are processed through IPS and Juniper ATP Cloud for malware and virus protection.
Which Juniper Networks solution will accomplish this task?
- A. JIMS
- B. Encrypted Traffic Insights
- C. UTM
- D. Adaptive Threat Profiling
Answer : D
Question 12
Click the Exhibit button.
Which two statements are correct about the configuration shown in the exhibit? (Choose two.)
- A. The session-close parameter is only used when troubleshooting.
-
B.
The others 300 parameter means unidentified traffic flows will be dropped in 300 milliseconds.
B. Every session that enters the SRX Series device will generate an event. - C. Replacing the session-init parameter with session-close will log unidentified flows.
Answer : BC
Question 13
Your company is using the Juniper ATP Cloud free model. The current inspection profile is set at 10 MB. You are asked to configure ATP Cloud so that executable files up to 30 MB can be scanned while at the same time minimizing the change in scan time for other file types.
Which configuration should you use in this scenario?
- A. Use the CLI to create a custom profile and increase the scan limit for executable files to 30 MB.
- B. Use the ATP Cloud UI to change the default profile to increase the scan limit for all files to 30 MB.
- C. Use the CLI to change the default profile to increase the scan limit for all files to 30 MB.
- D. Use the ATP Cloud UI to update a custom profile and increase the scan limit for executable files to 30 MB.
Answer : D
Question 14
You are configuring logging for a security policy.
In this scenario, in which two situations would log entries be generated? (Choose two.)
- A. every 10 minutes
- B. at session initialization
- C. every 60 seconds
- D. at session close
Answer : BD
Question 15
Click the Exhibit button.
When trying to set up a server protection SSL proxy, you receive the error shown in the exhibit.
What are two reasons for this error? (Choose two.)
- A. The SSL proxy certificate ID is part of a blocklist.
- B. The SSL proxy certificate ID does not have the correct renegotiation option set.
- C. The SSL proxy certificate ID is for a forwarding proxy.
- D. The SSL proxy certificate ID does not exist.
Answer : CD