JN0-1332 Dumps PDF - JN0-1332 Real Exam Questions Answers [Q20-Q44] : Exams Labs Braindumps : http://blog.examslabs.com

NEW QUESTION 20
Your company just purchased another company that uses the same IP address space as your company. You are asked to design a solution that allows both company’s to use each other’s IT resources. Which two actions would you use to accomplish this task? (Choose two.)

Implement double NAT

Implement two non-overlapping equal-size address blocks

Implement three non-overlapping equal-size address blocks.

Implement persisted mat

NEW QUESTION 21
You are designing a service provider network. As part of your design you must ensure that the OSPF, BGP, and RSVP protocol communications are secured using the same authentication method. Which authentication protocol will accomplish this task?

HMAC-MD5

simple authentication

SHA-RSA

SHA-256

NEW QUESTION 22
What are two factors you must consider when designing a network for security intelligence? (Choose two.)

the number and model of JSA Series devices

the third-party management application

the number and model of SRX Series devices

the Junos OS version

NEW QUESTION 23
When using Contra! networking, security policies are distributed as access control list to which component?

vSwith

vSRX

vMX

vRouter

NEW QUESTION 24
You arc asked to proud a design proposal to secure a service provider’s network against IP spoofing As part of your design, you must ensure that only traffic sourced from the same subnet is followed on the customer-facing interfaces. Which solution will satisfy this requirement?

BGP with source of origin community

unicast RPF with strict mode

unicast RPF with loose mode

BGP labeled-unicast using the resolve-vpn option

NEW QUESTION 25
Refer to the Exhibit.

You are asked to provide a proposal for security elements in the service provider network shown in the exhibit. You must provide DOoS protection for Customer A from potential upstream attackers.
Which statements correct in this scenario?

You should implement DDoS protection to drop offending traffic on the edge devices closest to the destination of the attack.

You should implement DDoS protection to drop offending traffic on the edge devices closest to the source of the attack.

You should implement DDoS protection to drop offending traffic on the core devices.

You should implement DDoS protection to drop offending traffic on the customer edge device.

NEW QUESTION 26
Which firewall service is used as a first line of defense and often used by a security device to protect itself?

intrusion prevention system

unified Threat management

network address translation

stateless firewall filter

NEW QUESTION 27
You want to reduce the possibility of your data center’s server becoming an unwilling participant in a DDoS attack When tvA3 features should you use on your SRX Series devices to satisfy this requirement? (Choose two.)

dynamic IPsec tunnels

Juniper ATP Cloud GeolP

UTMWebtaering

Juniper ATP Cloud CC feeds

NEW QUESTION 28
What are two reasons for using a cSRX instance over a vSRX instance? (Choose two )

cSRX instances launch faster than vSRX instances

cSRX instances share the host OS unlike vSRX instances.

A cSRX instance uses more memory but uses less disk space than a vSRX instance

A cSRX instance supports more features than a vSRX instance

NEW QUESTION 29
Your network design requires that you ensure privacy between WAN endpoints.
Which transport technology requires an IPsec overlay to satisfy this requirement?

L3VPN

leased line

internet

L2VPN

NEW QUESTION 30
You are a security architect for a small managed service provider. The marketing team has proposed providing firewall services to the customers.
The requirements for the solution are shown below
— The customer must be able 10 manage their own security device.
— You must provide segmentation using Layer 2 and Layer 3.
— You need to implement dynamic routing
— You need to provide UTM services
in this scenario. which product would you select to provide the firewall services?

cSRX

vSRX

vMX

vQFX

NEW QUESTION 31
You must secure network access by requiring users to log in through an HTTP browser, while also allowing printers to connect to the network using MAC address validation. What will satisfy these requirements?

captive portal

guest VLAN

MAC RADIUS

802. IX multiple supplicant

NEW QUESTION 32
Physical security devices are ”blind” to which type of traffic?

bare metal server to VM

private VLAN

intra-server traffic

management

NEW QUESTION 33
You are designing an IP camera solution for your warehouse You must block command and control servers from communicating with the cameras. In this scenario. which two products would you need to include in your design? (Choose two)

SRX Series device

Security Director

Juniper ATP Cloud

IPS

NEW QUESTION 34
You are asked to implement Jumper AppSecure to increase application security. You want to analyze specific application usage In this scenario. which AppSecure feature would accomplish this task?

AppQoS

AppTrack

AppFW

IDP/IP

NEW QUESTION 35
As part of a design requirement you are asked to allow users in a specific department to authenticate only on their laptops and no other devices on the same network port. Which mode of 802 .1X authentication will you use to satisfy this requirement?

multiple

single-secure

single

MAC RADIUS

NEW QUESTION 36
Which technology enables IPS inspection for users browsing websites that use Transport Layer Security (TLS)?

SSL reverse proxy

defense in-depth

SSL forward proxy

screens

NEW QUESTION 37
You are asked to perform a risk assessment for a core layer switch in your data center. After analyze the Annual loss Expectancy (ALE) for this switch, you conclude that the risk remediation strategy involves purchasing insurance to protect against losses due to compromise or failure.
This scenario describes which risk remediation strategy?

risk transfer

risk mitigation

risk avoidance

risk acceptance

NEW QUESTION 38
Which solution would you deploy to accomplish this task?

Junes Space Log Director

Juniper Networks Central insights

Junos Space Security Director

Juniper Networks Secure Analytics

NEW QUESTION 39
Which feature is evaluated first when a packet is received on an interface of an SRX Series device?

UTM

ALG

stateless firewall filter

screens

NEW QUESTION 40
Refer to the exhibit.

The SRX Series devices are decoyed in an off-path active/passive Cluster configuration What are two advantages of this deployment model over an active-‘active duster configuration’ (Choose two)

load-balancing of east/west traffic

load-balancing of north/south traffic

reduced latency

reduced fabric link traffic

NEW QUESTION 41
Which two features would provide protection from known malware? (Choose two.)

ALGs

screens

Junker ATP Cloud

IPS

NEW QUESTION 42
Exhibit.

In the 3-tier VPN design shown in the exhibit, which function are the Campus A and Campus B SRX Series devices performing?

Internet security gateway

data center firewall

WAN aggregation

VPN bridging

NEW QUESTION 43
Which two steps should be included in your security design process? (Choose two )

Define an overall routing strategy

identity external attackers

Identify permitted communications

Identify security requirements for the customer’s organization

NEW QUESTION 44
According to Juniper Networks, what are two focus points when designing a secure network? (Choose two.)

performance

automation

distributed control

classification

JN0-1332 Dumps PDF - JN0-1332 Real Exam Questions Answers [Q20-Q44]

Juniper JN0-1332 Exam Topics:

Juniper JN0-1332 Exam Certification Details: