更新されたPDF(2024年最新)実際にあるJuniper JN0-335試験問題 [Q15-Q38]

Share

更新されたPDF(2024年最新)実際にあるJuniper JN0-335試験問題

検証済みのJN0-335試験問題集PDF[2024年最新] 成功の秘訣はJPNTest


JN0-335試験は、セキュリティポリシー、ファイアウォールフィルター、仮想プライベートネットワーク(VPN)、侵入検知および防止(IDP)、および統合脅威管理(UTM)に関連する様々なトピックを扱います。この試験は、これらのトピックに関する知識と、その知識を実際の現場で適用する能力を個人がテストするために設計されています。


JN0-335試験は、65の質問から構成される多肢選択試験です。試験を受験する個人には90分の時間が与えられます。試験に合格するには、最低65%のスコアを達成する必要があります。


Juniper JN0-335試験は、Juniper Networks Security Technologiesにおける候補者の知識とスキルを評価する包括的な認定試験です。この認定は、セキュリティを専門とし、Juniper Networks Security Devicesと協力したいITの専門家に最適です。 JNCIS-SEC認定は、ジュニパーネットワークのセキュリティテクノロジーを使用する組織によって世界的に認識され、高く評価されています。

 

質問 # 15
Your network uses a remote e-mail server that is used to send and receive e-mails for your users.
In this scenario, what should you do to protect users from receiving malicious files thorugh e-mail?

  • A. Deploy Sky ATP SMTP e-mail protection
  • B. Deploy Sky ATP POP3 e-mail protection
  • C. Deploy Sky ATP MAPI e-mail protection
  • D. Deploy Sky ATP IMAP e-mail protection

正解:A


質問 # 16
You are asked to ensure that if the session table on your SRX Series device gets close to exhausting its resources, that you enforce a more aggress.ve age-out of existing flows. In this scenario, which two statements are correct? (Choose two.)

  • A. The high-watermark configuration specifies the percentage of how much of the session table is left before disabling a more aggressive age- out timer.
  • B. The early-ageout configuration specifies the timeout value, in seconds, that will be applied once the low-watermark value is met.
  • C. The early-ageout configuration specifies the timeout value, in seconds, that will be applied once the high-watermark value is met.
  • D. The high-watermark configuration specifies the percentage of how much of the session table can be allocated before applying a more aggressive age-out timer

正解:C、D

解説:
The early-ageout configuration specifies the timeout value, in seconds, that will be applied once the high-watermark value is met. The high-watermark configuration specifies the percentage of how much of the session table can be allocated before applying a more aggressive age-out timer.
This ensures that the session table does not become full and cause traffic issues, and also ensures that existing flows are aged out quickly when the table begins to get close to being full.


質問 # 17
Exhibit

You are trying to create a security policy on your SRX Series device that permits HTTP traffic from your private 172 25.11.0/24 subnet to the Internet You create a policy named permit-http between the trust and untrust zones that permits HTTP traffic. When you issue a commit command to apply the configuration changes, the commit fails with the error shown in the exhibit.
Which two actions would correct the error? (Choose two.)

  • A. Modify the security policy to use the built-in Junos-http applications.
  • B. Create a custom application named http at the [edit applications] hierarchy.
  • C. Execute the Junos commit full command to override the error and apply the configuration.
  • D. Issue the rollback 1 command from the top of the configuration hierarchy and attempt the commit again.

正解:A、B

解説:
Explanation
The error occurred because the "http" application is not defined in this context of Juniper SRX Series device configuration. One solution is to create a custom application named "http" at the [edit applications] hierarchy level (Option C). Another solution is to modify the security policy to use the built-in "junos-http" application which is predefined and doesn't need an explicit definition (Option D). Options A and B are not correct because they do not address the root cause of the error, which is the undefined application "http". References:
The answers can be verified from Juniper's official documentation on security policies and applications available on their website. Here are some relevant links:
Security Policies Feature Guide for Security Devices
Understanding Applications and Application Sets for SRX Series Devices
Configuring Custom Applications for SRX Series Devices
Predefined Applications for SRX Series Devices


質問 # 18
Click the Exhibit button.

The output shown in the exhibit is displayed in which format?

  • A. sd-syslog
  • B. binary
  • C. WELF
  • D. syslog

正解:D


質問 # 19
Which two statements about SRX Series device chassis clusters are true? (Choose two.)

  • A. Chassis cluster member devices must be the same model.
  • B. Redundancy group 0 is only active on the cluster backup node.
  • C. Each chassis cluster member device can host active redundancy groups
  • D. Each chassis cluster member requires a unique cluster ID value.

正解:C、D

解説:
1. Each chassis cluster member requires a unique cluster ID value: This statement is true. Each chassis cluster member must have a unique cluster ID assigned, which is used to identify each device in the cluster.
2. Each chassis cluster member device can host active redundancy groups: This statement is true. Both devices in a chassis cluster can host active redundancy groups, allowing for load balancing and failover capabilities.
The two statements about SRX Series device chassis clusters that are true are that each chassis cluster member requires a unique cluster ID value, and that each chassis cluster member device can host active redundancy groups. A unique cluster ID value is necessary so that all members of the cluster can be identified, and each chassis cluster member device can host active redundancy groups to ensure that the cluster is able to maintain high availability and redundancy. Additionally, it is not necessary for all chassis cluster member devices to be the same model, as long as all devices are running the same version of Junos software.


質問 # 20
Click the Exhibit button.

You are asked to create a security policy that will automatically add infected hosts to the infected hosts feed and block further communication through the SRX Series device.
What needs to be added to this configuration to complete this task?

  • A. Add an action to the permit portion of the security policy.
  • B. Add logging to the permit portion of the security policy.
  • C. Add a match rule to the security policy with an appropriate threat level.
  • D. Add a security intelligence policy to the permit portion of the security policy.

正解:D

解説:
To create a security policy that will automatically add infected hosts to the infected hosts feed and block further communication through the SRX Series device, you need to add a security intelligence policy to the permit portion of the security policy. A security intelligence policy is a policy that allows you to block or monitor traffic from malicious sources based on threat intelligence feeds from Juniper ATP Cloud or other providers. One of the feeds that you can use is the Infected-Hosts feed, which contains IP addresses of hosts that are infected with malware and communicate with command-and-control servers. You can create a profile and a rule for the Infected-Hosts feed and specify the threat level and the action to take for the infected hosts. Then, you can link the security intelligence policy with the firewall policy and apply it to the traffic that you want to protect.


質問 # 21
Which three statements are true about the difference between cSRX-based virtual security deployments and vSRX-based virtual security deployments? (Choose three.)

  • A. cSRX-based solutions are more scalable than vSRX-based solutions.
  • B. vSRX and cSRX both provide Layer 2 to Layer 7 secure services.
  • C. vSRX provides faster deployment time and faster reboots compared to cSRX.
  • D. vSRX provides Layer 2 to Layer 7 secure services and cSRX provides Layer 4 to Layer 7 secure services.
  • E. cSRX requires less storage and memory space for a given deployment than vSRX-based solutions.

正解:A、D、E


質問 # 22
Which two statements are correct about the Junos IPS feature? (Choose two.)

  • A. IPS is a standalone platform running on dedicated hardware or as a virtual device.
  • B. IPS is integrated as a security service on SRX Series devices.
  • C. IPS uses protocol anomaly rules to detect unknown attacks.
  • D. IPS uses sandboxinQ to detect unknown attacks.

正解:B、C

解説:
Explanation
The Junos IPS feature is a security service that is integrated on SRX Series devices, which are high-performance network security platforms that offer firewall, VPN, IPS, application security, and unified threat management capabilities. The Junos IPS feature uses various methods to detect and prevent intrusions, such as signature-based detection, protocol anomaly detection, behavioral anomaly detection, and custom signatures. Signature-based detection compares network traffic against predefined patterns of known attacks and blocks traffic when a match is found. Protocol anomaly detection monitors network traffic for deviations from the expected or normal behavior of common protocols, such as HTTP, FTP, SMTP, and DNS, and blocks traffic when an anomaly is detected. Behavioral anomaly detection monitors network traffic forchanges in the baseline behavior of hosts, networks, or applications, and blocks traffic when a significant deviation is detected. Custom signatures allow administrators to create their own patterns of attacks based on specific criteria, such as IP addresses, ports, protocols, or payload content, and block traffic when a match is found.
The Junos IPS feature does not use sandboxing to detect unknown attacks, as this is a function of the Juniper ATP Cloud service, which is a cloud-based service that provides advanced malware detection and prevention for the network. The Junos IPS feature is not a standalone platform, but rather a service that runs on SRX Series devices, which can be deployed as physical or virtual appliances. References:
[Juniper Security, Professional (JNCIP-SEC) Reference Materials] 1
[Juniper Security, Specialist (JNCIS-SEC) Reference Materials] 2
[Junos OS Security Configuration Guide] 3
[Junos OS Security Feature Guide] 4
[Junos OS Security Feature Support Reference] 5


質問 # 23
Which three statements are correct about fabric interfaces on the SRX5800? (Choose three.)

  • A. Fabric interfaces must be same interface type.
  • B. Fabric interfaces must be user-assigned interfaces.
  • C. Fabric interfaces must be on the same Layer 2 segment.
  • D. Fabric interfaces must have a user-assigned IP address.
  • E. Fabric interfaces must be system-assigned interfaces.

正解:A、C、E


質問 # 24
Which statement about security policy schedulers is correct?

  • A. A policy without a defined scheduler will not become active
  • B. When the scheduler is disabled, the policy will still be available.
  • C. Multiple policies can use the same scheduler.
  • D. A policy can have multiple schedulers.

正解:C

解説:
Schedulers can be defined and reused by multiple policies, allowing for more efficient management of policy activation and deactivation. This can be particularly useful for policies that need to be activated during specific time periods, such as business hours or maintenance windows.


質問 # 25
You enable chassis clustering on two devices and assign a cluster ID and a node ID to each device.
In this scenario, what is the correct order for rebooting the devices?

  • A. Reboot the primary device, then the secondary device.
  • B. Reboot only the secondary device since the primary will assign itself the correct cluster and node ID.
  • C. Reboot only the primary device since the secondary will assign itself the correct cluster and node ID.
  • D. Reboot the secondary device, then the primary device.

正解:A

解説:
Explanation
In a Juniper Networks chassis clustering setup, when you enable chassis clustering on two devices and assign a cluster ID and a node ID to each device, the correct order for rebooting the devices is: C. Reboot the primary device, then the secondary device.
Explanation: After assigning the cluster ID and node ID to each device, it is a good practice to reboot the primary device first. This ensures that the primary device comes online with the specified cluster and node IDs. Once the primary device is up and running, you can then reboot the secondary device. The secondary device will recognize the existing cluster and node IDs assigned to the primary device and join the cluster accordingly.


質問 # 26
You are asked to reduce the load that the JIMS server places on your Which action should you take in this situation?

  • A. Connect JIMS to the domain SQL server.
  • B. Connect JIMS to another SRX Series device.
  • C. Connect JIMS to the RADIUS server
  • D. Connect JIMS to the domain Exchange server

正解:B

解説:
JIMS server is a Juniper Identity Management Service that collects user identity information from different authentication sources for SRX Series devices12. It can connect to SRX Series devices and CSO platform in your network1.
JIMS server is a service that protects corporate resources by authenticating and restricting user access based on roles2. It connects to SRX Series devices and CSO platform to provide identity information for firewall policies1. To reduce the load that JIMS server places on your network, you should connect JIMS to another SRX Series device1. This way, you can distribute the identity information among multiple SRX Series devices and reduce network traffic.


質問 # 27
When considering managed sessions, which configuration parameter determines how full the session table must be to implement the early age-out function? (Choose two)

  • A. high waremark
  • B. session service timeout
  • C. low watermark
  • D. policy rematch

正解:A、B


質問 # 28
You are asked to block malicious applications regardless of the port number being used. In this scenario, which two application security features should be used? (Choose two.)

  • A. AppFW
  • B. AppTrack
  • C. APPID
  • D. AppQoE

正解:A、C

解説:
You can block applications and users based on network access policies, users and their job roles, time, and application signatures. You can also use Juniper Advanced Threat Prevention (ATP) to find and block commodity and zero-day cyberthreats within files, IP traffic, and DNS requests.


質問 # 29
Which solution should you use if you want to detect known attacks using signature-based methods?

  • A. ALGs
  • B. SSL proxy
  • C. IPS
  • D. JIMS

正解:C


質問 # 30
Which two statements are true about Juniper ATP Cloud? (Choose two.)

  • A. If the cache lookup determines that a file contains malware, performed to verify the results.
  • B. Dynamic analysis is not always necessary to determine if a file contains malware.
  • C. If the cache lookup determines that a file contains malware, static analysis is not performed to verify the results.
  • D. Dynamic analysis is always performed to determine if a file contains malware.

正解:B、C

解説:
Dynamic analysis is not always necessary to determine if a file contains malware, as the ATP Cloud uses a cache lookup to quickly identify known malicious files. If the cache lookup determines that a file contains malware, static analysis is not performed to verify the results.


質問 # 31
You are building a VPN tunnel between two SRX Series devices. You want the tunnel to always be established, even if there is no traffic to send. Which action would be used to achieve this goal?

  • A. Configure an RPM probe to constantly ping across the links.
  • B. Configure the OSPF demand-circuit feature on the tunnel interface.
  • C. Configure establish-tunnels with the immediately parameter.
  • D. Configure vpn-monitor with the optimized parameter on the tunnel.

正解:C


質問 # 32
You want to show tabular data for operational mode commands.
In this scenario, which logging parameter will provide this function?

  • A. session-close
  • B. permit
  • C. count
  • D. session-init

正解:C

解説:
Explanation
The count logging parameter displays the number of packets that match the firewall filter term in a tabular format. The count parameter also creates a counter that you can view with the show firewall command. The other logging parameters (permit, session-init, and session-close) do not show tabular data, but rather log the packets that match the term to a system log file or a user-specified file. References:
Understanding Firewall Filter Counters
Configuring Firewall Filter Counters
show firewall


質問 # 33
Your JIMS server is unable to view event logs.
Which two actions would you take to solve this issue? (Choose two.)

  • A. Enable remote event log management within Windows Firewall on the necessary Exchange servers.
  • B. Enable remote event log management within Windows Firewall on the JIMS server.
  • C. Enable remote event log management within Windows Firewall on the necessary domain controllers.
  • D. Enable the correct host-inbound-traffic rules on the SRX Series devices.

正解:B、C

解説:
Explanation
JIMS server is a Windows service application that collects and maintains user, device, and group information from Active Directory domains or syslog sources. JIMS server uses the Windows event logs to obtain user login and logout information from the domain controllers and Exchange servers. Therefore, to enable JIMS server to view the event logs, you need to perform the following actions:
Enable remote event log management within Windows Firewall on the necessary domain controllers and Exchange servers. This allows JIMS server to access the event logs on these servers remotely. You can do this by using the Windows Firewall with Advanced Security snap-in or by using the netsh command.
For example, to enable remote event log management on a domain controller, you can use the following command:
netsh advfirewall firewall set rule group="Remote Event Log Management" new enable=yes Enable remote event log management within Windows Firewall on the JIMS server. This allows JIMS server to receive the event logs from the domain controllers and Exchange servers. You can do this by using the same method as above. For example, to enable remote event log management on the JIMS server, you can use the following command:
netsh advfirewall firewall set rule group="Remote Event Log Management" new enable=yes Option C and Option D show the correct actions for solving this issue. Option A and Option B are incorrect because they are not related to the JIMS server's ability to view the event logs. Host-inbound-traffic rules are used to control the traffic that is allowed to reach the SRX Series devices, not the JIMS server. Enabling remote event log management on the Exchange servers is not necessary if JIMS server does not need to collect user information from them.
References: Juniper Security, Specialist (JNCIS-SEC) Reference Materials and Juniper Security, Professional (JNCIP-SEC) Reference Materials


質問 # 34
Which solution enables you to create security policies that include user and group information?

  • A. JIMS
  • B. ATP Appliance
  • C. Network Director
  • D. NETCONF

正解:A

解説:
Explanation
JIMS (Juniper Identity Management Service) is a standalone Windows service application that collects and maintains a large database of user, device, and group information from Active Directory domains1. You can use JIMS to obtain user identity information and populate the identity management authentication table on SRX Series devices1. You can then use the username or group name in security policies to identify a user and not rely directly on the IP address of the device used2. JIMS also supports integration with ClearPass, which is another solution for user authentication and enforcement2.
ATP Appliance is a solution for advanced threat prevention and detection, not for user and group information.
Network Director is a solution for network management and orchestration, not for user and group information.
NETCONF is a protocol for network configuration, not for user and group information. References:
2: Configure Juniper Identity Management Service to Obtain User Identity Information | Junos OS | Juniper Networks
6: Enforce Security Policies using ClearPass | Junos OS | Juniper Networks
[7]: Juniper Advanced Threat Prevention Appliance | Juniper Networks
[8]: Network Director | Juniper Networks
[9]: NETCONF | Junos OS | Juniper Networks


質問 # 35
When a security policy is deleted, which statement is correct about the default behavior of active sessions allowed by that policy?

  • A. The active sessions allowed by the policy will be marked as a legacy flow and will continue to be forwarded.
  • B. The active sessions allowed by the policy will continue
  • C. The active sessions allowed by the policy will be dropped.
  • D. The active sessions allowed by the policy will be reevaluated by the cached

正解:C

解説:
When a security policy is deleted, the active sessions allowed by the policy will be dropped. The default behavior is that all active sessions allowed by the policy will be terminated and the traffic will no longer be forwarded. There is no way to mark the active sessions as a legacy flow or to reevaluate them by the cached rules.
Reference:
According to Juniper Networks Security, Specialist (JNCIS-SEC) Study Guide, when a security policy is deleted, the active sessions allowed by that policy will be dropped. This behavior is the default behavior of the device. There is no way to mark the active sessions as a legacy flow or to re-evaluate them against cached rules. The device will terminate the active sessions and will no longer forward traffic for those sessions.


質問 # 36
Data plane logging operates in which two modes? (Choose two.)

  • A. binary
  • B. stream
  • C. event
  • D. syslog

正解:B、C


質問 # 37
What is the default session timeout value for ICMP and UDP traffic?

  • A. 30 seconds
  • B. 5 minutes
  • C. 60 seconds
  • D. 30 minutes

正解:C


質問 # 38
......

ベストを体験せよ!JN0-335試験問題トレーニングを提供しています:https://www.jpntest.com/shiken/JN0-335-mondaishu

練習サンプルと問題集と秘訣には2024年最新のJN0-335有効なテスト問題集:https://drive.google.com/open?id=1aprokb8VQ5GyJpu4WunMVl7ZB68JNZMH

弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

オンラインサポート時間:( UTC+9 ) 9:00-24:00
月曜日から土曜日まで

サポート:現在連絡