JN0-1331 Online Practice Questions and Answers

You are asked to deploy a security solution in your data center that ensures all traffic flows through the SRX Series devices.

Which firewall deployment method meets this requirement?

A. one-arm

B. two-arm

C. transparent

D. inline

You are designing a data center security architecture. The design requires automated scaling of security services according to real-time traffic flows.

Which two design components will accomplish this task? (Choose two.)

A. telemetry with an SDN controller

B. JFlow traffic monitoring with event scripts

C. VNF security devices deployed on x86 servers

D. VRF segmentation on high-capacity physical security appliances

You want to deploy JATP in your network that uses SRX Series devices.

In this scenario, which feature must you enable on the SRX Series devices?

A. SSL forward proxy

B. AppSecure

C. UTM antivirus

D. IPS

You must allow applications to connect to external servers. The session has embedded IP address information to enable the remote system to establish a return session.

In your design, which function should be implemented?

A. source NAT

B. application layer gateway

C. destination NAT

D. HTTP redirect

You are working with a customer to create a design proposal using SRX Series devices. As part of the design, you must consider the requirements shown below:

1.

You must ensure that every packet entering your device is independently inspected against a set of rules.

2.

You must provide a way to protect the device from undesired access attempts.

3.

You must ensure that you can apply a different set of rules for traffic leaving the device than are in use for traffic entering the device.

In this scenario, what do you recommend using to accomplish these requirements?

A. firewall filters

B. intrusion prevention system

C. unified threat management

D. screens

You are working on a network design that will use EX Series devices as Layer 2 access switches in a campus environment. You must include Junos Space in your design. You want to take advantage of security features supported on the devices.

Which two security features would satisfy this requirement? (Choose two.)

A. SDSN

B. Stateful Firewall

C. Access Control

D. ALG

Which statement about IPsec tunnels is true?

A. They are used to provide in-depth packet inspection for traffic leaving your network

B. They are used to prevent routing loops in a Layer 2 environment

C. They are used to secure and encrypt traffic between tunnel endpoints

D. They are used to combine multiple interfaces into a single bundle

Which two steps should be included in your security design process? (Choose two.)

A. Identify external attackers

B. Define safety requirements for the customer's organization

C. Identify the firewall enforcement points

D. Define overall security policies

You are concerned about users attacking the publicly accessible servers in your data center through encrypted channels. You want to block these attacks using your SRX Series devices.

In this scenario, which two features should you use? (Choose two.)

A. Sky ATP

B. IPS

C. SSL forward proxy

D. SSL reverse proxy

You are using SRX Series devices to secure your network and you require sandboxing for malicious file detonation. However, per company policy, you cannot send potentially malicious files outside your network for sandboxing.

Which feature should you use in this situation?

A. Sky ATP

B. UTM antivirus

C. IPS

D. JATP