JN0-1332 Online Practice Questions and Answers

You are designing a data center security architecture. The design requires automated scaling of security services according to real-time traffic flows.

Which two design components will accomplish this task? (Choose two.)

A. telemetry with an SDN controller

B. JFlow traffic monitoring with event scripts

C. VNF security devices deployed on x86 servers

D. VRF segmentation on high-capacity physical security appliances

You are concerned about users downloading malicious attachments at work while using encrypted Web mail. You want to block these malicious files using your SRX Series device.

In this scenario, which two features should you use? (Choose two.)

A. SSL reverse proxy

B. SSL forward proxy

C. Sky ATP SMTP scanning

D. Sky ATP HTTP scanning

You are asked to install a mechanism to protect an ISP network from denial-of-service attacks from a small number of sources.

Which mechanism will satisfy this requirement?

A. RTBH

B. UTM

C. Sky ATP

D. GeoIP

Which statement is correct about service chaining?

A. Service chaining uses IPsec to connect together two or more VMs

B. Service chaining evaluates traffic by using multiple security features on the same instance

C. Service chaining redirects traffic back through the same device for additional processing

D. Service chaining combines multiple VNF instances together in the data flow

You are designing a data center security solution for a customer. The customer asks that you provide a DDoS solution. Several IPsec tunnels will be terminated at the data center gateway.

Which type of security is your customer asking you to implement?

A. segmentation

B. intra-data center policy enforcement

C. perimeter protection

D. compliance

You have multiple SRX chassis clusters on a single broadcast domain. Why must you assign different cluster IDs in this scenario?

A. to avoid MAC address conflicts

B. to avoid control link conflicts

C. to avoid node numbering conflicts

D. to avoid redundancy group conflicts

You are designing an SDSN security solution for a new campus network. The network will consist of Juniper Networks Policy Enforcer, Juniper Networks switches, third-party switches, and SRX Series devices. The switches and the SRX Series devices will be used as security enforcement points.

Which component supports the SRX Series devices in this scenario?

A. Security Director

B. RADIUS server

C. certificate server

D. DHCP server

You have a site that has two Internet connections but no switch on the outside of the firewall. You want to use ISP-A over ISP-B during normal operations.

Which type of chassis cluster design would you propose to satisfy this requirement?

A. Propose active/active cluster deployment with separate redundancy groups

B. Propose active/passive cluster deployment with separate redundancy groups

C. Propose active/active cluster deployment without separate redundancy groups

D. Propose active/passive cluster deployment without separate redundancy groups

You are responding to an RFP for securing a large enterprise. The RFP requires an onsite security solution which can use logs from third-party sources to prevent threats. The solution should also have the capability to detect and stop zero- day attacks.

Which Juniper Networks solution satisfies this requirement?

A. IDP

B. Sky ATP

C. JSA

D. JATP

You are designing an enterprise WAN network that must connect multiple sites. You must provide a design proposal for the security elements needed to encrypt traffic between the remote sites.

Which feature will secure the traffic?

A. BFD

B. OSPF

C. GRE

D. IPsec