JN0-1332 Online Practice Questions and Answers

You are designing a data center security architecture. The design requires automated scaling of security services according to real-time traffic flows.

Which two design components will accomplish this task? (Choose two.)

A. telemetry with an SDN controller

B. JFlow traffic monitoring with event scripts

C. VNF security devices deployed on x86 servers

D. VRF segmentation on high-capacity physical security appliances

Which solution centralizes the management of security devices in your data center?

A. Juniper Networks Secure Analytics

B. J-Web

C. Junos Space Security Director

D. Junos CLI

You are concerned about malicious attachments being transferred to your e-mail server at work through encrypted channels. You want to block these malicious files using your SRX Series device.

Which two features should you use in this scenario? (Choose two.)

A. Sky ATP SMTP scanning

B. Sky ATP HTTP scanning

C. SSL forward proxy

D. SSL reverse proxy

You are deploying Security Director with the logging and reporting functionality for VMs that use SSDs. You expect to have approximately 20,000 events per second of logging in your network.

In this scenario, what is the minimum number of log receiver devices that you should use?

A. 4

B. 3

C. 2

D. 1

What are two benefits of the vSRX in a virtualized private or public cloud multitenant environment? (Choose two.)

A. full logical systems capabilities

B. stateful firewall protection at the tenant edge

C. 100GbE interface support

D. OSPFv3 capabilities

You are implementing Routing Engine protection, and packets are processed in a specific order. In this scenario, which function processed a received packet last?

A. loopback interface input policer

B. loopback interface input firewall filter

C. physical interface input firewall filters

D. physical interface input policer

Which two steps should be included in your security design process? (Choose two.)

A. Identify external attackers

B. Define safety requirements for the customer's organization

C. Identify the firewall enforcement points

D. Define overall security policies

You are deploying a data center Clos architecture and require secure data transfers within the switching fabric.

In this scenario, what will accomplish this task?

A. MACsec encryption

B. LAG Layer 2 hashing

C. IRB VLAN routing between hosts D. stacked VLAN tagging on the core switches

In a data center, what are two characteristics of access tier VLAN termination on the aggregation tier? (Choose two.)

A. Multiple VLANs can be part of one security zone

B. A security zone is limited to a single VLAN

C. Inter-VLAN traffic within a zone can bypass firewall services

D. Inter-VLAN traffic is secured through firewall services

You are required to design a university network to meet the conditions shown below.

Users connected to the university network should be able to access the Internet and the research

department lab network.

The research department lab network should not be able to reach the Internet.

Which three actions satisfy the design requirements? (Choose three.)

A. Use a global permit policy for Internet traffic

B. Use a global deny security policy for the research lab

C. Use separate security zones for each department

D. Use the default deny security policy for the research lab

E. Use a static NAT rule between the internal zones for the research lab