Master Juniper JN0-335 Exam with Reliable Practice Questions
Upgrade to Premium
Which two statements are correct about the Junos IPS feature? (Choose two.)
Correct : A, D
Junos IPS is a feature that provides intrusion prevention and detection services on SRX Series devices. It monitors network traffic and compares it against predefined signatures or custom rules to identify and block malicious or unwanted packets. Two statements that are correct about the Junos IPS feature are:
IPS is integrated as a security service on SRX Series devices: Junos IPS is not a separate platform or device, but a security service that runs on SRX Series firewalls. It can be enabled and configured as part of the security policy on the SRX Series device and applied to specific zones, interfaces, or traffic flows.
IPS uses protocol anomaly rules to detect unknown attacks: Junos IPS uses two types of rules to detect attacks: signature rules and protocol anomaly rules. Signature rules match traffic against known attack patterns or signatures and block them based on predefined actions. Protocol anomaly rules detect deviations from the expected behavior or structure of common protocols, such as TCP, UDP, ICMP, etc. Protocol anomaly rules can help identify unknown or zero-day attacks that may not have a signature yet.
Start a Discussions
You want to be alerted if the wrong password is used more than three times on a single device within five minutes.
Which Juniper Networks solution will accomplish this task?
Correct : B
The Juniper Networks solution that will accomplish the task of alerting if the wrong password is used more than three times on a single device within five minutes is Juniper Secure Analytics (JSA). JSA is a security intelligence platform that collects, analyzes, and correlates network data from various sources, such as firewalls, routers, switches, servers, and applications. JSA can detect and respond to threats, anomalies, and vulnerabilities in real time using rules, offenses, reports, and dashboards. JSA can also integrate with JIMS (Juniper Identity Management Service) to obtain user identity information from Active Directory domains or syslog sources. JSA can use this information to create custom rules that trigger offenses or alerts based on user behavior or activity, such as failed login attempts or password changes.
Start a Discussions
While working on an SRX firewall, you execute the show security policies policy-name
Which function does this command accomplish?
Correct : D
The function that the show security policies policy-name <name> detail command accomplishes is showing policy counters for a configured policy. Policy counters are statistics that indicate how many times a policy has been matched by traffic and what actions have been taken by the policy. Policy counters can help you monitor and troubleshoot the performance and effectiveness of your security policies. The show security policies policy-name <name> detail command displays detailed information about a specific policy, such as its source zone, destination zone, description, state, hit count, byte count, packet count, action count, and session count.
Start a Discussions
Your JIMS server is unable to view event logs.
Which two actions would you take to solve this issue? (Choose two.)
Correct : B, C
If your JIMS server is unable to view event logs, two actions that you would take to solve this issue are:
Enable remote event log management within Windows Firewall on the necessary Exchange servers: JIMS (Juniper Identity Management Service) is a Windows service that collects user, device, and group information from Active Directory domains or syslog sources and provides it to SRX Series devices for identity-based security policies. JIMS relies on the event logs generated by the domain controllers and Exchange servers to track user logins, logouts, and IP address changes. If the Windows Firewall on the Exchange servers blocks the remote event log management, JIMS cannot access the event logs and obtain the user identity information. Therefore, you need to enable remote event log management within Windows Firewall on the Exchange servers that are configured as event sources in JIMS.
Enable remote event log management within Windows Firewall on the necessary domain controllers: Similarly, if the Windows Firewall on the domain controllers blocks the remote event log management, JIMS cannot access the event logs and obtain the user identity information. Therefore, you need to enable remote event log management within Windows Firewall on the domain controllers that are configured as event sources in JIMS.
Start a Discussions
Which two statements are correct about a reth LAG? (Choose two.)
Correct : A, D
A reth LAG is a redundant Ethernet link aggregation group that combines multiple physical interfaces into a single logical interface in a chassis cluster. A reth LAG provides load balancing and redundancy for traffic within or between redundancy groups. Two statements that are correct about a reth LAG are:
Links must have the same speed and duplex setting: To form a reth LAG, the physical interfaces must have the same speed and duplex setting. This ensures that the links can operate at the same capacity and avoid performance issues or errors.
You should have two or more interfaces: To create a reth LAG, you need to have at least two physical interfaces. One interface should be connected to node 0 and the other interface should be connected to node 1. You can also have more than two interfaces in a reth LAG for increased bandwidth and redundancy.
Start a Discussions