Juniper JN0-1332 today updated questions - Verified by Juniper Experts

Security Design Specialist (JNCDS-SEC) Questions and Answers

Question 1

When designing the security for a service provider core router, you are asked to add a firewall fitter on the to0 interface in this scenario, which two protocols would you want to allow through the filter? (Choose two.)

Options:

LLDP

SSH

BGP

STP

Question 2

You are designing a security solution that includes SRX Series firewalls in a chassis cluster.

In this scenario. which two dements must be part of the design? (Choose two.)

Options:

The physical interface on each SRX Series device making up the reth interface must be in the same L2 domain

The physical interface on each SRX Series device making up the reth interface must be in separate L2 domains

The duster ID must be the same on both SRX Series devices

The node 10 must be the same on both SRX Series devices

Question 3

Refer to the Exhibit.

You are asked to provide a proposal for security elements in the service provider network shown in the exhibit. You must provide DOoS protection for Customer A from potential upstream attackers.

Which statements correct in this scenario?

Options:

You should implement DDoS protection to drop offending traffic on the edge devices closest to the destination of the attack.

You should implement DDoS protection to drop offending traffic on the edge devices closest to the source of the attack.

You should implement DDoS protection to drop offending traffic on the core devices.

You should implement DDoS protection to drop offending traffic on the customer edge device.

Question 4

Which solution would you deploy to accomplish this task?

Options:

Junes Space Log Director

Juniper Networks Central insights

Junos Space Security Director

Juniper Networks Secure Analytics

Question 5

Which two statements are true about WAN security considerations? (Choose two.)

Options:

MACsec increases protection on alt WAN types

Provider VPN circuit require iPsec

internal connections are susceptible to fragmentation

IPsec increases protection on all WAN types

Question 6

You want to reduce the possibility of your data center's server becoming an unwilling participant in a DDoS attack When tvA3 features should you use on your SRX Series devices to satisfy this requirement? (Choose two.)

Options:

dynamic IPsec tunnels

Juniper ATP Cloud GeolP

UTMWebtaering

Juniper ATP Cloud CC feeds

Question 7

A new virus is sheading across the Internet, with the potential to affect your customer's network

Which two statements describe how Policy Enforcer interacts with other devices to ensure that the network is protected in this scenario? (Choose two.)

Options:

Policy Enforcer pulls security intelligence feeds from Juniper ATP Cloud to apply to SRX Series devices

Policy Enforcer pulls security policies from Juniper ATP cloud and apples them to SRX Series devices

Policy Enforcer automates the enrollment of SRX Series devices with Jumper ATP Cloud

Security Director pulls security intelligence feeds from Juniper ATP Cloud and applies them to Policy Enforcer

Question 8

Which two steps should be included in your security design process? (Choose two )

Options:

Define an overall routing strategy

identity external attackers

Identify permitted communications

Identify security requirements for the customer's organization

Question 9

Which feature is evaluated first when a packet is received on an interface of an SRX Series device?

Options:

UTM

ALG

stateless firewall filter

screens

Load More JN0-1332 Questions

Black Friday Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Juniper JN0-1332 Security Design Specialist (JNCDS-SEC) Exam Practice Test

Security Design Specialist (JNCDS-SEC) Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer: