Real Juniper JN0-1332 Exam Online

NEW QUESTION 1
Which two features would provide protection from known malware? (Choose two.)

• A. ALGs
• B. screens
• C. Junker ATP Cloud
• D. IPS

Answer: BC

NEW QUESTION 2
Refer to the exhibit.

You arc designing a security solution using an SRX Series chassis duster in two separate buildings In this scenario, what are three considerations? (Choose three )

• A. The switches connecting to interface fab1 must support jumbo frames
• B. Latency on the fabric path must be under 1000 ms
• C. Latency on the control path must be under 100 ms
• D. The switches connecting to interface fxp: must support jumbo frames
• E. Both HA Inks must be on physically different switches.

Answer: ACD

NEW QUESTION 3
Refer to the Exhibit.

You are asked to provide a proposal for security elements in the service provider network shown in the exhibit. You must provide DOoS protection for Customer A from potential upstream attackers.
Which statements correct in this scenario?

• A. You should implement DDoS protection to drop offending traffic on the edge devices closest to the destination of the attack.
• B. You should implement DDoS protection to drop offending traffic on the edge devices closest to the source of the attack.
• C. You should implement DDoS protection to drop offending traffic on the core devices.
• D. You should implement DDoS protection to drop offending traffic on the customer edge device.

Answer: C

NEW QUESTION 4
Which firewall service is used as a first line of defense and often used by a security device to protect itself?

• A. intrusion prevention system
• B. unified Threat management
• C. network address translation
• D. stateless firewall filter

Answer: A

NEW QUESTION 5
You are a security architect for a small managed service provider. The marketing team has proposed providing firewall services to the customers.
The requirements for the solution are shown below
-- The customer must be able 10 manage their own security device.
-- You must provide segmentation using Layer 2 and Layer 3.
-- You need to implement dynamic routing
-- You need to provide UTM services
in this scenario. which product would you select to provide the firewall services?

• A. cSRX
• B. vSRX
• C. vMX
• D. vQFX

Answer: D

NEW QUESTION 6
Your company just purchased another company that uses the same IP address space as your company. You are asked to design a solution that allows both company’s to use each other's IT resources. Which two actions would you use to accomplish this task? (Choose two.)

• A. Implement double NAT
• B. Implement two non-overlapping equal-size address blocks
• C. Implement three non-overlapping equal-size address blocks.
• D. Implement persisted mat

Answer: C

NEW QUESTION 7
When designing the security for a service provider core router, you are asked to add a firewall fitter on the to0 interface in this scenario, which two protocols would you want to allow through the filter? (Choose two.)

• A. LLDP
• B. SSH
• C. BGP
• D. STP

Answer: AC

NEW QUESTION 8
You are asked to perform a risk assessment for a core layer switch in your data center. After analyze the Annual loss Expectancy (ALE) for this switch, you conclude that the risk remediation strategy involves purchasing insurance to protect against losses due to compromise or failure.
This scenario describes which risk remediation strategy?

• A. risk transfer
• B. risk mitigation
• C. risk avoidance
• D. risk acceptance

Answer: D

NEW QUESTION 9
You must design a separate network within your trust network with added security and separation. What is the common name for this type of network?

• A. guest
• B. DMZ
• C. enclave
• D. trust

Answer: C

NEW QUESTION 10
Which two statements are true about WAN security considerations? (Choose two.)

• A. MACsec increases protection on alt WAN types
• B. Provider VPN circuit require iPsec
• C. internal connections are susceptible to fragmentation
• D. IPsec increases protection on all WAN types

Answer: C

NEW QUESTION 11
You are designing a security solution that includes SRX Series firewalls in a chassis cluster. In this scenario. which two dements must be part of the design? (Choose two.)

• A. The physical interface on each SRX Series device making up the reth interface must be in the same L2 domain
• B. The physical interface on each SRX Series device making up the reth interface must be in separate L2 domains
• C. The duster ID must be the same on both SRX Series devices
• D. The node 10 must be the same on both SRX Series devices

Answer: B

NEW QUESTION 12
When designing security for the service provider WAN. you are asked to implement unicast reverse path forwarding (uRPF) in this scenario. on which interfaces would you choose to implement loose mode uRPF?

• A. On interfaces where the best forwarding path fee routes is through the receiving interface
• B. On interfaces that are user access interfaces
• C. On interfaces where all data originates on the same network as that of the router interface
• D. On interfaces that participate in multihomes environments

Answer: B

NEW QUESTION 13
As part of your service provider WAN network design, you are asked to create a design that secures BGP communication .
In this scenario, what are two reasons you would choose BGP Generated TTL Security Mechanism (GTSM)? (Choose two.)

• A. You have an automated method of rotating MD5 hashes on each router.
• B. All of your router BGP connections are point-to-multipoint.
• C. AlI of your router BGP connections are point-to-point
• D. You do not have an easy method of rotating MD5 hashes on each router

Answer: BD

NEW QUESTION 14
Which automation language would you use to create on-box and off-box scripts for SRX Series devices?

• A. Python
• B. Pert
• C. Java
• D. Ruby

Answer: D

NEW QUESTION 15
As part of a design requirement you are asked to allow users in a specific department to authenticate only on their laptops and no other devices on the same network port. Which mode of 802 .1X authentication will you use to satisfy this requirement?

• A. multiple
• B. single-secure
• C. single
• D. MAC RADIUS

Answer: A

NEW QUESTION 16
Which two statements describe Juniper ATP Cloud? (Choose two)

• A. Juniper ATP Cloud can use a sandbox to detect threats that use evasion techniques.
• B. Juniper ATP Cloud runs mime with network traffic to Nock all traffic before reaching endpoint.
• C. Juniper ATP Cloud provides protection against zero-day threats
• D. Juniper ATP Cloud is an added app that must be instated with Security Director

Answer: AD

NEW QUESTION 17
You are asked to enable denial of service protection for a webserver behind an SRX Series device In this scenario, which feature would you enable?

• A. screens
• B. App Secure
• C. Web filtering
• D. Juniper ATP

Answer: D

NEW QUESTION 18
Which two steps should be included in your security design process? (Choose two )

• A. Define an overall routing strategy
• B. identity external attackers
• C. Identify permitted communications
• D. Identify security requirements for the customer's organization

Answer: BC

NEW QUESTION 19
......