Latest Real JN0-332 Tests Dumps and VCE Exam Questions 381-390

EnsurepassQUESTION 381 — Exhibit – — Exhibit — Click the Exhibit button. A server in the DMZ of your company is under attack. The attacker is opening a large number of TCP connections to your server which causes resource utilization problems on the server. All of the connections from the attacker appear to be coming from a single IP address. Referring to the exhibit, which Junos Screen option should you enable to limit the effects of the attack while allowing legitimate traffic? A. Apply the Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 371-380

EnsurepassQUESTION 371 Which two criteria does the enhanced Web filtering solution use to make decisions? (Choose two.) A. site reputation B. keyword in the document                 C. results of antivirus scan D. category   Answer: A,D     QUESTION 372 — Exhibit — [edit interfaces] ge-0/0/1 { unit 0 { family ethernet-switching { vlan { members vlan-trust; } } } } [edit vlans] vlan-trust { vlan-id 3; l3-interface Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 361-370

EnsurepassQUESTION 361 Which three Unified Threat Management features require a license? (Choose three.) A. antivirus B. surf control Web filtering C. Websense Web filtering D. content filtering E. antispam   Answer: A,B,E     QUESTION 362 Which global UTM configuration parameter contains lists, such as MIME patterns, filename extensions, and URL patterns, that can be used across all UTM features? A. custom objects B. feature profile C. UTM policy D. address sets   Answer: A Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 351-360

EnsurepassQUESTION 351 What is supported on the fabric link? A. jumbo frames B. filters C. fragmentation D. policies   Answer: A     QUESTION 352 You are asked to establish a chassis cluster between two SRX Series devices. You must ensure that end-to-end connectivity is monitored and that the redundancy group will fail over to the other node if the remote device becomes unreachable. What would ensure this behavior? A. Bidirectional Forwarding Detection B. real-time performance monitoring Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 341-350

EnsurepassQUESTION 341 You are asked to implement the hashing algorithm that uses the most bits in the calculation on your Junos security device. Which algorithm should you use? A. SHA-512 B. SHA-256 C. MD5-Plus D. MD5   Answer: B     QUESTION 342 You are asked to establish an IPsec VPN to a remote device whose IP address is dynamically assigned by the ISP. Which IKE Phase 1 mode must you use? A. passive B. aggressive C. main D. quick   Answer: B     QUESTION 343 Which Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 331-340

EnsurepassQUESTION 331 During packet flow on an SRX Series device, which two processes occur before route lookup? (Choose two.) A. static NAT B. destination NAT C. source NAT D. reverse static NAT   Answer: A,B     QUESTION 332 Which Junos NAT implementation requires the use of proxy ARP? A. destination NAT using a pool outside the IP network of the device’s interface B. source NAT using the device’s egress interface C. source NAT using a pool in the same IP network as the device’s Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 321-330

EnsurepassQUESTION 321 You want to authenticate users accessing an internal FTP server using the SRX Series Services Gateway. You also want to use an internal LDAP server as the authentication server. What will satisfy this requirement? A. a security policy with authentication redirection B. pass-through firewall user authentication C. captive portal D. Web firewall user authentication   Answer: B     QUESTION 322 Which two settings in the options field of an IP header will Junos Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 311-320

EnsurepassQUESTION 311 Which two statements are correct regarding the security policy parameter policy-rematch? (Choose two.) A. Configuration changes to existing policies do not impact current sessions. B. Configuration changes to existing policies cause re-evaluation of current sessions. C. Configuration changes to the action field of a policy from permit to either deny or reject cause all existing sessions to drop. D. Configuration changes to the action field of a policy from permit to either Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 301-310

EnsurepassQUESTION 301 Which two statements are true about zones? (Choose two.) A. Null zones accept all traffic to and from an interface. B. Security zones filter transit traffic and traffic destined for the device itself. C. Functional zones filter transit traffic and traffic destined for the device itself. D. Functional zones do not pass transit traffic and allow only management access to the device.   Answer: B,D     QUESTION 302 Which statement is true about factory-default zones? Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 291-300

EnsurepassQUESTION 291 Which Junos security feature helps protect against spam, viruses, trojans, and malware? A. session-based stateful firewall B. IPsec VPNs C. security policies D. Unified Threat Management   Answer: D  The major features of Unified Threat Management (UTM); A branch office network in today’s market significantly contributes to the bottom line and is central to an organization’s success. Branch offices normally include a relatively smaller number of computing resources Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 281-290

EnsurepassQUESTION 281 You are implementing an IDP policy template from Juniper Networks. Which three steps are included in this process? (Choose three.) A. activating a JUNOS Software commit script? B. configuring an IDP groups statement C. setting up a chassis cluster D. downloading the IDP policy templates E. installing the policy templates   Answer: A,D,E     QUESTION 282 Which statement regarding the implementation of an IDP policy template is true? A. IDP policy templates are Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 271-280

EnsurepassQUESTION 271 Regarding secure tunnel (st) interfaces, which statement is true? A. You cannot assign st interfaces to a security zone. B. You cannot apply static NAT on an st interface logical unit. C. st interfaces are optional when configuring a route-based VPN. D. A static route can reference the st interface logical unit as the next-hop.   Answer: D     QUESTION 272 What are three benefits of using chassis clustering? (Choose three.) A. Provides stateful session failover Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 261-270

EnsurepassQUESTION 261 Regarding an IPsec security association (SA), which two statements are true? (Choose two.) A. IKE SA is bidirectional. B. IPsec SA is bidirectional. C. IKE SA is established during phase 2 negotiations. D. IPsec SA is established during phase 2 negotiations.   Answer: A,C     QUESTION 262 Which operational mode command displays all active IPsec phase 2 security associations? A. show ike security-associations B. show ipsec security-associations C. show security Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 251-260

EnsurepassQUESTION 251 Click the Exhibit button. [edit security policies] from-zone trust to-zone untrust { policy AllowHTTP{ match { source-address HOSTA; destination-address any; application junos-ftp; } then { permit; }} policy AllowHTTP2{ match { source-address any; destination-address HOSTA; application junos-http; } then { permit; }} policy AllowHTTP3{ match { source-address any; destination-address any; application any; } then { permit; }}} A flow of HTTP traffic needs to go from HOSTA to Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 241-250

EnsurepassQUESTION 241 Which two commands can be used to monitor firewall user authentication? (Choose two.) A. show access firewall-authentication B. show security firewall-authentication users C. show security audit log D. show security firewall-authentication history   Answer: B,D     QUESTION 242 Which two statements regarding external authentication servers for firewall user authentication are true? (Choose two.) A. Up to three external authentication server types can be used Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 231-240

EnsurepassQUESTION 231 Which two steps are performed when configuring a zone? (Choose two.) A. Define a default policy for the zone. B. Assign logical interfaces to the zone. C. Assign physical interfaces to the zone. D. Define the zone as a security or functional zone.   Answer: B,D     QUESTION 232 You want to allow all hosts on interface ge-0/0/0.0 to be able to ping the device’s ge- 0/0/0.0 IP address. Where do you configure this functionality? A. [edit interfaces] B. [edit security Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 221-230

EnsurepassQUESTION 221 Which three functions are provided by JUNOS Software for security platforms? (Choose three.) A. VPN establishment B. stateful ARP lookups C. Dynamic ARP inspection D. Network Address Translation E. inspection of packets at higher levels (Layer 4 and above)   Answer: A,D,E     QUESTION 222 Which two functions of JUNOS Software are handled by the data plane? (Choose two.) A. NAT B. OSPF C. SNMP D. SCREEN options   Answer: A,D     QUESTION 223 In Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 211-220

EnsurepassQUESTION 211 Click the Exhibit button. Which type of source NAT is configured in the exhibit? A. interface-based source NAT B. static source NAT C. pool-based source NAT with PAT D. pool-based source NAT without PAT   Answer: A     QUESTION 212 Click the Exhibit button. — Exhibit — user@host> show security utm web-filtering statistics UTM web-filtering statistics: Total requests:  298171 white list hit: 0 Black list hit: 0 Queries to server:  17641 Server Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 201-210

EnsurepassQUESTION 201 Which two traffic types trigger pass-through firewall user authentication? (Choose two.) A. SSH B. ICMP C. Telnet D. FTP   Answer: C,D     QUESTION 202 How does the antivirus feature operate once the antivirus license has expired? A. Any traffic matching a UTM policy will be dropped. B. Any traffic matching a UTM policy will be permitted. C. Any traffic matching a UTM policy will be correctly evaluated with the existing set of antivirus signatures. D. Any traffic Read more […]

Continue reading


Latest Real JN0-332 Tests Dumps and VCE Exam Questions 191-200

EnsurepassQUESTION 191 Your task is to provision the Junos security platform to permit transit packets from the Private zone to the External zone and send them through the IPsec VPN. You must also have the device generate a log message when the session ends. Which configuration meets this requirement? A. [edit security policies from-zone Private to-zone External] user@host# show policy allowTransit { match { source-address PrivateHosts; destination-address ExtServers; application ExtApps; } then Read more […]

Continue reading