Download Juniper.JN0-335.CertDumps.2023-07-07.65q.tqb
| Vendor: | Juniper |
| Exam Code: | JN0-335 |
| Exam Name: | Security, Specialist |
| Date: | Jul 07, 2023 |
| File Size: | 5 MB |
Demo Questions
Question 1
Regarding static attack object groups, which two statements are true? (Choose two.)
- Matching attack objects are automatically added to a custom group.
- Group membership automatically changes when Juniper updates the IPS signature database.
- Group membership does not automatically change when Juniper updates the IPS signature database.
- You must manually add matching attack objects to a custom group.
Correct answer: BC
Explanation:
static attack object groups are predefined groups of attack objects that are included in Juniper’s IPS signature database. These groups do not change automatically when Juniper updates the database2. static attack object groups are predefined groups of attack objects that are included in Juniper’s IPS signature database. These groups do not change automatically when Juniper updates the database2.
Question 2
You are deploying a new SRX Series device and you need to log denied traffic.
In this scenario, which two policy parameters are required to accomplish this task? (Choose two.)
- session-init
- session-close
- deny
- count
Correct answer: BC
Explanation:
you need to create a global firewall rulebase that matches RT_FLOW_SESSION_DENY events2. To do this, you need to specify two policy parameters: deny and session-close3. you need to create a global firewall rulebase that matches RT_FLOW_SESSION_DENY events2. To do this, you need to specify two policy parameters: deny and session-close3.
Question 3
You are asked to reduce the load that the JIMS server places on your Which action should you take in this situation?
- Connect JIMS to the RADIUS server
- Connect JIMS to the domain Exchange server
- Connect JIMS to the domain SQL server.
- Connect JIMS to another SRX Series device.
Correct answer: D
Explanation:
JIMS server is a Juniper Identity Management Service that collects user identity information from different authentication sources for SRX Series devices12. It can connect to SRX Series devices and CSO platform in your network1. JIMS server is a service that protects corporate resources by authenticating and restricting user access based on roles2. It connects to SRX Series devices and CSO platform to provide identity information for firewall policies1. To reduce the load that JIMS server places on your network, you should connect JIMS to another SRX Series device1. This way, you can distribute the identity information among multiple SRX Series devices and reduce network traffic. JIMS server is a Juniper Identity Management Service that collects user identity information from different authentication sources for SRX Series devices12. It can connect to SRX Series devices and CSO platform in your network1.
JIMS server is a service that protects corporate resources by authenticating and restricting user access based on roles2. It connects to SRX Series devices and CSO platform to provide identity information for firewall policies1. To reduce the load that JIMS server places on your network, you should connect JIMS to another SRX Series device1. This way, you can distribute the identity information among multiple SRX Series devices and reduce network traffic.
