Free Security, Specialist (JNCIS-SEC) Exam JN0-334 Exam Practice Test

You must ensure that all encrypted traffic passing through your SRX device uses strong protocols and ciphers.Which feature should you implement to satisfy this requirement?

• SSL proxy
• AppSecure
• JIMS
• JATP

Which feature supports sandboxing of zero-day attacks?

• Sky ATP
• SSL proxy
• ALGs
• high availability

Which two statements are correct about server-protection SSP proxy? (Choose two.)

• The server-protection SSL proxy intercepts the server certificate.
• The server-protection SSL proxy is also known as SSL reverse proxy.
• The server-protection SSL proxy forwards the server certificate after modification.
• The server-protection SSL proxy acts as the server from the client's perspective. https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-ssl-proxy.html

Your network uses a remote e-mail server that is used to send and receive e-mails for your users.In this scenario, what should you do to protect users from receiving malicious files thorugh e-mail?

• Deploy Sky ATP IMAP e-mail protection
• Deploy Sky ATP MAPI e-mail protection
• Deploy Sky ATP SMTP e-mail protection
• Deploy Sky ATP POP3 e-mail protection

What are two elements of a custom IDP/IPS attack object? (Choose two.)

• the attack signature
• the severity of the attack
• the destination zone
• the exempt rulebase

What are two examples of RTOs? (Choose two.)

• IPsec SA entries
• session table entries
• fabric link probes
• control link heartbeats The data plane software creates RTOs for UDP and TCP sessions and tracks state changes. It also synchronizes traffic for IPv4 pass-through protocols such as Generic Routing Encapsulation (GRE) and IPsec. https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-chassis-cluster-data-plane-interfaces.html#id-45975

Which feature is used when you want to permit traffic on an SRX Series device only at specific times?

• scheduler
• pass-through authentication
• ALGs
• counters

When considering managed sessions, which configuration parameter determines how full the session table must be to implement the early age-out function? (Choose two)

• session service timeout
• high waremark
• low watermark
• policy rematch

Which two statements are true about virtualized SRX Series devices? (Choose two.)

• vSRX cannot be deployed in transparent mode.
• cSRX can be deployed in routed mode.
• cSRX cannot be deployed in routed mode.
• vSRX can be deployed in transparent mode. https://www.juniper.net/documentation/en_US/csrx/information-products/pathway-pages/security-csrx-contrail-guide-pwp.pdf

Which two session parameters would be used to manage space on the session table? (Choose two.)

• low watermark
• high watermark
• TCP MSS
• TCP RST