ExamGecko
Search Search Login
Home Home / Juniper / JN0-335
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which two statements are correct about the Junos IPS feature? (Choose two.)
You want to show tabular data for operational mode commands. In this scenario, which logging parameter will provide this function?
Which two devices would you use for DDoS protection with Policy Enforcer? (Choose two.)
Which solution enables you to create security policies that include user and group information?
Which two sources are used by Juniper Identity Management Service (JIMS) for collecting username and device IP addresses? (Choose two.)
You want to manually failover the primary Routing Engine in an SRX Series high availability cluster pair. Which step is necessary to accomplish this task?
What are three capabilities of AppQoS? (Choose three.)
Exhibit You just finished setting up your command-and-control (C&C) category with Juniper ATP Cloud. You notice that all of the feeds have zero objects in them. Which statement is correct in this scenario?
You are asked to implement IPS on your SRX Series device. In this scenario, which two tasks must be completed before a configuration will work? (Choose two.)
Which two features are configurable on Juniper Secure Analytics (JSA) to ensure that alerts are triggered when matching certain criteria? (Choose two.)

Question 86 - JN0-335 discussion

Report
Export

Which two statements are correct about the Junos IPS feature? (Choose two.)

A.
IPS is integrated as a security service on SRX Series devices.
Answers
A.
IPS is integrated as a security service on SRX Series devices.
B.
IPS uses sandboxinQ to detect unknown attacks.
Answers
B.
IPS uses sandboxinQ to detect unknown attacks.
C.
IPS is a standalone platform running on dedicated hardware or as a virtual device.
Answers
C.
IPS is a standalone platform running on dedicated hardware or as a virtual device.
D.
IPS uses protocol anomaly rules to detect unknown attacks.
Answers
D.
IPS uses protocol anomaly rules to detect unknown attacks.
Suggested answer: A, D

Explanation:

Junos IPS is a feature that provides intrusion prevention and detection services on SRX Series devices. It monitors network traffic and compares it against predefined signatures or custom rules to identify and block malicious or unwanted packets. Two statements that are correct about the Junos IPS feature are:

IPS is integrated as a security service on SRX Series devices: Junos IPS is not a separate platform or device, but a security service that runs on SRX Series firewalls. It can be enabled and configured as part of the security policy on the SRX Series device and applied to specific zones, interfaces, or traffic flows.

IPS uses protocol anomaly rules to detect unknown attacks: Junos IPS uses two types of rules to detect attacks: signature rules and protocol anomaly rules. Signature rules match traffic against known attack patterns or signatures and block them based on predefined actions. Protocol anomaly rules detect deviations from the expected behavior or structure of common protocols, such as TCP, UDP, ICMP, etc. Protocol anomaly rules can help identify unknown or zero-day attacks that may not have a signature yet.

Show Answer
asked 18/09/2024
Sandeep Ramakrishnan
49 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms