JN0-335無料問題集「Juniper Security, Specialist (JNCIS-SEC)」

質問 1

You are asked to block malicious applications regardless of the port number being used. In this scenario, which two application security features should be used? (Choose two.)

（A）AppQoE

（B）AppTrack

（C）APPID

（D）AppFW

正解：C、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

You are troubleshooting advanced policy-based routing (APBR). Which two actions should you perform in this scenario? (Choose two.)

（A）Review the APBR statistics for matching rules and route modifications.

（B）Verify that the APBR profiles are applied to the egress zone.

（C）Inspect the application system cache for the application entry.

（D）Verity inet.0 for correct route leaking.

正解：A、C 解答を投票する

質問 3

Which two statements are correct about server-protection SSP proxy? (Choose two.)

（A）The server-protection SSL proxy is also known as SSL reverse proxy.

（B）The server-protection SSL proxy forwards the server certificate after modification.

（C）The server-protection SSL proxy intercepts the server certificate.

（D）The server-protection SSL proxy acts as the server from the client's perspective.

正解：A、D 解答を投票する

質問 4

Click the Exhibit button.

You examine the log file shown in the exhibit after running the set security idp active-policy command.
Which two statements are true in this scenario? (Choose two.)

（A）The IDP hit cache is set to 16384.

（B）The IDP policy loaded successfully.

（C）The entire configuration was committed.

（D）The IDP policy compiled successfully.

正解：B、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Regarding dynamic attack object groups, which two statements are true? (Choose two.)

（A）Group membership does not automatically change when Juniper updates the IPS signature database.

（B）Group membership automatically changes when Juniper updates the IPS signature database.

（C）You must manually add matching attack objects to a custom group.

（D）Matching attack objects are automatically added to a custom group.

正解：B、C 解答を投票する

質問 6

You want to control when cluster failovers occur.
In this scenario, which two specific parameters would you configure on an SRX Series device?
(Choose two.)

（A）heartbeat-threshold

（B）heartbeat-address

（C）heartbeat-interval

（D）heartbeat-tos

正解：A、C 解答を投票する

質問 7

Which two statements are correct about AppTrack? (Choose two.)

（A）AppTrack identifies and blocks traffic flows that might be malicious regardless of the ports being used.

（B）AppTrack collects traffic flow information including byte, packet, and duration statistics.

（C）AppTrack can be configured for any defined logical system on an SRX Series device.

（D）AppTrack can only be configured in the main logical system on an SRX Series device.

正解：B、C 解答を投票する

質問 8

A client has attempted communication with a known command-and-control server and it has reached the configured threat level threshold.
Which feed will the clients IP address be automatically added to in this situation?

（A）the custom cloud feed

（B）the command-and-control cloud feed

（C）the infected host cloud feed

（D）the allowlist and blocklist feed

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Which two protocols are supported for Sky ATP advanced anti-malware scanning? (Choose two.)

（A）IMAP

（B）MAPI

（C）SMTP

（D）POP3

正解：A、C 解答を投票する

質問 10

How does Juniper ATP Cloud protect a network from zero-day threats?

（A）It uses known virus signatures.

（B）It uses antivirus software.

（C）It uses dynamic analysis.

（D）It uses a cache lookup.

正解：C 解答を投票する

JN0-335 無料問題集「Juniper Security, Specialist (JNCIS-SEC)」

弊社を連絡する

関連リンク

トップ試験