This page was exported from Latest Exam Prep [ http://certify.vceprep.com ] Export date:Sat Dec 14 8:57:00 2024 / +0000 GMT ___________________________________________________ Title: [Sep-2022] Get 100% Real JN0-334 Exam Questions, Accurate & Verified VCEPrep Dumps in the Real Exam! [Q50-Q70] --------------------------------------------------- [Sep-2022] Get 100% Real JN0-334 Exam Questions, Accurate & Verified VCEPrep Dumps in the Real Exam! Pass Your JNCIS-SEC Exams Fast. All Top JN0-334 Exam Questions Are Covered. QUESTION 50Which two statements describe how rules are used with Juniper Secure Analytics? (Choose two.)  When a rule is triggered, JSA can respond by sending an e-mail to JSA administrators.  Rules are defined on Junos Space Security Director, and then pushed to JSA log collectors.  A rule defines matching criteria and actions that should be taken when an events matches the rule.  When a rule is triggered, JSA can respond by blocking all traffic from a specific source address. QUESTION 51Which feature is used when you want to permit traffic on an SRX Series device only at specific times?  scheduler  pass-through authentication  ALGs  counters QUESTION 52Exhibit.You want to deploy Sky ATP with Policy Enforcer to block infected hosts at the access layer To complete this task, where should you configure the default gateway for the User-1 device?  the irb interface on QFX-2  the irb interface on QFX-1  the interface of QFX-1 that connects to User-1  the interface on SRX-1 that connects to QFX-2 QUESTION 53Which two statements are correct about server-protection SSL proxy? (Choose two.)  The server-protection SSL proxy intercepts the server certificate.  The server-protection SSL proxy is also known as SSL reverse proxy.  The server-protection SSL proxy forwards the server certificate after modification  The server-protection SSL proxy acts as the server from the client’s perspective QUESTION 54Click the Exhibit button.You are configuring an SRX chassis cluster with the node-specific hostname and management address.Referring to the exhibit, which configuration completes this requirement?A)B)C)D)  Option A  Option B  Option C  Option D QUESTION 55Which two functions are performed by Juniper Identity Management Service (JIMS)? (Choose two.)  JIMS synchronizes Active Directory authentication information between a primary and secondary JIMS server.  JIMS forwards Active Directory authentication information to SRX Series client devices.  JIMS collects and maintains a database of authentication information from Active Directory domains.  JIMS replicates Active Directory authentication information to non-trusted Active Directory domain controllers. QUESTION 56Click the Exhibit button.Users at a remote office are unable to access an FTP server located at the remote corporate data center as expected. The remote FTP server is listening on the non-standard TCP port 2121.Referring to the exhibit, what is causing the problem?  The FTP clients must be configured to listen on non-standard client ports for the FTP data channel negotiations to succeed.  Two custom FTP applications must be defined to allow bidirectional FTP communication through the SRX Series device.  The custom FTP application definition does not have the FTP ALG enabled.  A new security policy must be defined between the untrust and trust zones. QUESTION 57Click the Exhibit button.The output shown in the exhibit is displayed in which format?  syslog  WELF  binary  sd-syslog QUESTION 58You are asked to improve resiliency for individual redundancy groups in an SRX4600 chassis cluster. Which two features would accomplish this task? (Choose two.)  IP address monitoring  control link recovery  interface monitoring  dual fabric links QUESTION 59You want to use Sky ATP to protect your network; however, company policy does not allow you to send any files to the cloud.Which Sky ATP feature should you use in this situation?  Only use on-premises local Sky ATP server anti-malware file scanning.  Only use cloud-based Sky ATP file hash lookups.  Only use on-box SRX anti-malware file scanning.  Only use cloud-based Sky ATP file blacklists. QUESTION 60A routing change occurs on an SRX Series device that involves choosing a new egress interface.In this scenario, which statement is true for all affected current sessions?  The current session are torn dowm only if the policy-rematch option has been enabled.  The current sessions do not change.  The current sessions are torn down and go through first path processing based on the new route.  The current sessions might change based on the corresponding security policy. QUESTION 61Your network uses a remote e-mail server that is used to send and receive e-mails for your users.In this scenario, what should you do to protect users from receiving malicious files through e-mail?  Deploy Sky ATP IMAP e-mail protection  Deploy Sky ATP MAPI e-mail protection  Deploy Sky ATP SMTP e-mail protection  Deploy Sky ATP POP3 e-mail protection QUESTION 62Click the Exhibit button.The output shown in the exhibit is displayed in which format?  syslog  sd-syslog  binary  WELF QUESTION 63Which host-inbound-traffic security zone parameter would allow access to the REST API configured to listen on custom TCP port 5080?  http  all  xnm-clear-text  any-service QUESTION 64What are two types of collectors for the JATP core engine? (Choose two)  SNMP  e-mail  Web  telemetry QUESTION 65Which statement describes the AppTrack module in AppSecure?  The AppTrack module provides enforcement with the ability to block traffic, based on specific applications.  The AppTrack module provides control by the routing of traffic, based on the application.  The AppTrack module identifies the applications that are present in network traffic.  The AppTrack module provides visibility and volumetric reporting of application usage on the network. https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-application-tracking.htmlQUESTION 66Which two protocols are supported for Sky ATP advanced anti-malware scanning? (Choose two.)  POP3  MAPI  IMAP  SMTP QUESTION 67Which statement is true about high availability (HA) chassis clusters for the SRX Series device?  Cluster nodes require an upgrade to HA compliant Routing Engines.  Cluster nodes must be connected through a Layer 2 switch  There can be active/passive or active/active clusters  HA clusters must use NAT to prevent overlapping subnets between the nodes QUESTION 68Referring to the configuration shown in the exhibit, which two statements are true? (Choose two)  The log is being stored on the local Routing Engine  The log is being sent to a remote server  The syslog is configured for a user facility  The syslog is configured for an info facility QUESTION 69Which feature supports sandboxing of zero-day attacks?  Sky ATP  SSL proxy  ALGs  high availability ExplanationQUESTION 70What are two elements of a custom IDP/IPS attack object? (Choose two )  the attack signature  the seventy of the attack  the destination zone  the exempt rulebase  Loading … Penetration testers simulate JN0-334 exam: https://www.vceprep.com/JN0-334-latest-vce-prep.html --------------------------------------------------- Images: https://certify.vceprep.com/wp-content/plugins/watu/loading.gif https://certify.vceprep.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2022-09-10 10:32:00 Post date GMT: 2022-09-10 10:32:00 Post modified date: 2022-09-10 10:32:00 Post modified date GMT: 2022-09-10 10:32:00