ExamGecko
Home / Juniper / JN0-335
Ask Question

JN0-335: Security, Specialist

Vendor:
Exam Questions:
98
 Learners
  2.370
Last Updated
February - 2025
Language
English
3 Quizzes
PDF | VPLUS

Exam Number: JN0-335

Exam Name: Security, Specialist

Length of test: 90 mins

Exam Format: Multiple-choice, Drag and Drop, and HOTSPOT questions.

Exam Language: English

Number of questions in the actual exam: 65 questions

Passing Score: 70%

Topics Covered:

  • Application Security: Concepts, operation, or functionality of application security, including application firewall, application quality of service (QoS), application ID, and advanced policy-based routing (APBR).

  • Intrusion Detection and Prevention (IDP/IPS): Concepts, operation, or functionality of IDP/IPS, including IPS database management, IPS policy, and application intrusion detection and prevention.

  • Security Policies: Concepts, operation, or functionality of security policies, including application layer gateways (ALGs), logging, session management, scheduling, and unified security policies.

  • Advanced Threat Prevention (ATP): Concepts, operation, or functionality of Juniper Advanced Threat Prevention Cloud or on-premise appliances, including supported files, components, security feeds, traffic remediation, workflow, encrypted traffic insights (ETIs), DNS and IoT security, and adaptive threat profiling.

  • High Availability (HA) Clustering: Concepts, operation, or functionality of HA clustering, including HA features and characteristics, deployment requirements and considerations, chassis cluster characteristics and operation, and real-time objects and state synchronization.

  • Virtualized Security: Concepts, general features, or functionality of virtualized security using vSRX or cSRX, including installation, deployment scenarios, and troubleshooting.

This study guide should help you understand what to expect on the JN0-335 exam and includes a summary of the topics the exam might cover and links to additional resources. The information and materials in this document should help you focus your studies as you prepare for the exam.

Related questions

Which two statements are correct about the Junos IPS feature? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Which two statements are true about mixing traditional and unified security policies? (Choose two.)

When a packet matches a unified security policy, the evaluation process terminates
When a packet matches a unified security policy, the evaluation process terminates
Traditional security policies must come before unified security policies
Traditional security policies must come before unified security policies
Unified security policies must come before traditional security policies
Unified security policies must come before traditional security policies
When a packet matches a traditional security policy, the evaluation process terminates
When a packet matches a traditional security policy, the evaluation process terminates
Suggested answer: A, D
asked 18/09/2024
Sushil Karki
38 questions

Which statement defines the function of an Application Layer Gateway (ALG)?

Become a Premium Member for full access
  Unlock Premium Member

What are three capabilities of AppQoS? (Choose three.)

re-write DSCP values
re-write DSCP values
assign a forwarding class
assign a forwarding class
re-write the TTL
re-write the TTL
rate-limit traffic
rate-limit traffic
reserve bandwidth
reserve bandwidth
Suggested answer: A, B, E
Explanation:

AppQoS (Application Quality of Service) is a Junos OS feature that provides advanced control and prioritization of application traffic. With AppQoS, you can classify application traffic, assign a forwarding class to the traffic, and apply quality of service (QoS) policies to the traffic. You can also re-write DSCP values and reserve bandwidth for important applications. However, AppQoS does not re-write the TTL or rate-limit traffic.

Source: Juniper Networks, Security, Specialist (JNCIS-SEC) Study Guide. Chapter 3: AppSecure. Page 66-67.

asked 18/09/2024
AshokBabu Kumili
43 questions

Which two sources are used by Juniper Identity Management Service (JIMS) for collecting username and device IP addresses? (Choose two.)

Microsoft Exchange Server event logs
Microsoft Exchange Server event logs
DNS
DNS
Active Directory domain controller event logs
Active Directory domain controller event logs
OpenLDAP service ports
OpenLDAP service ports
Suggested answer: B, C
Explanation:

Juniper Identity Management Service (JIMS) collects username and device IP addresses from both DNS and Active Directory domain controller event logs. DNS is used to resolve hostnames to IP addresses, while Active Directory domain controller event logs are used to get information about user accounts, such as when they last logged in.

asked 18/09/2024
Joe Mon
29 questions

What are two requirements for enabling AppQoE? (Choose two.)

You need two SRX Series device endpoints.
You need two SRX Series device endpoints.
You need two SRX Series or MX Series device endpoints.
You need two SRX Series or MX Series device endpoints.
You need an APPID feature license.
You need an APPID feature license.
You need to configure AppQoE for reverse traffic.
You need to configure AppQoE for reverse traffic.
Suggested answer: B, C
Explanation:

AppQoE is a feature that enables you to monitor and optimize the quality of experience for applications on your network. It uses application-aware routing and dynamic path selection to choose the best path for each application based on predefined or custom SLA profiles. AppQoE also provides visibility and reporting on application performance and network conditions. Two requirements for enabling AppQoE are:

You need two SRX Series or MX Series device endpoints: AppQoE can be configured between two SRX Series device endpoints or between an SRX Series device and an MX Series device in a hub-and-spoke or full mesh topology. The devices must run the same version of Junos OS and have the same AppQoE configuration.

You need an APPID feature license: AppQoE requires an APPID feature license to be installed on the SRX Series device. The APPID feature license enables application identification and classification, which are essential for AppQoE to work.

asked 18/09/2024
frederic dohen
36 questions

Which two statements are true about the vSRX? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

You want to show tabular data for operational mode commands.

In this scenario, which logging parameter will provide this function?

Become a Premium Member for full access
  Unlock Premium Member

Which solution enables you to create security policies that include user and group information?

JIMS
JIMS
ATP Appliance
ATP Appliance
Network Director
Network Director
NETCONF
NETCONF
Suggested answer: A
Explanation:

The solution that enables you to create security policies that include user and group information is JIMS (Juniper Identity Management Service). JIMS collects and maintains a large database of user, device, and group information from Active Directory domains or syslog sources, and enables SRX Series devices to rapidly identify thousands of users in a large, distributed enterprise. With JIMS, you can create security policies that include user and group information, and enforce user-based access control policies to protect network resources.

asked 18/09/2024
Kaliannan K
33 questions

Exhibit

Juniper JN0-335 image Question 37 50535 09182024211155000000

You just finished setting up your command-and-control (C&C) category with Juniper ATP Cloud. You notice that all of the feeds have zero objects in them.

Which statement is correct in this scenario?

The security intelligence policy must be configured; on a unified security policy
The security intelligence policy must be configured; on a unified security policy
Use the commit full command to start the download.
Use the commit full command to start the download.
No action is required, the feeds take a few minutes to download.
No action is required, the feeds take a few minutes to download.
Set the maximum C&C entries within the Juniper ATP Cloud GUI.
Set the maximum C&C entries within the Juniper ATP Cloud GUI.
Suggested answer: C
Explanation:

According to the Juniper Networks JNCIS-SEC Study Guide, when you set up your command-and-control (C&C) category with Juniper ATP Cloud, all of the feeds will initially have zero objects in them. This is normal, as it can take a few minutes for the feeds to download. No action is required in this scenario and you will notice the feeds start to populate with objects once the download is complete.

asked 18/09/2024
Krishna chaithanya
38 questions