1. Home
  2. Juniper
  3. JN0-332

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

Exam Details

  • Exam Code
    :JN0-332
  • Exam Name
    :Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)
  • Certification
    :Juniper Certifications
  • Vendor
    :Juniper
  • Total Questions
    :519 Q&As
  • Last Updated
    :Jun 22, 2025

Juniper Juniper Certifications JN0-332 Questions & Answers

  • Question 391:

    Which three types of content filtering are supported only for HTTP? (Choose three.)

    A. block Flash

    B. block Java applets

    C. block ActiveX

    D. block EXE files

    E. block MIME type

  • Question 392:

    Which three represent IDP policy match conditions? (Choose three.)

    A. protocol

    B. source-address

    C. port

    D. application

    E. attacks

  • Question 393:

    You want to create a security policy allowing traffic from any host in the Trust zone to hostb.example.com

    (172.19.1.1)

    in the Untrust zone. How do you create this policy?

    A.

    Specify the IP address (172.19.1.1/32) as the destination address in the policy.

    B.

    Specify the DNS entry (hostb.example.com) as the destination address in the policy.

    C.

    Create an address book entry in the Trust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.

    D.

    Create an address book entry in the Untrust zone for the 172.19.1.1/32 prefix and reference this entry in the policy.

  • Question 394:

    Which two statements are true regarding firewall user authentication? (Choose two.)

    A. When configured for pass-through firewall user authentication, the user must first open a connection to the Junos security platform before connecting to a remote network resource.

    B. When configured for Web firewall user authentication only, the user must first open a connection to the Junos security platform before connecting to a remote network resource.

    C. If a Junos security device is configured for pass-through firewall user authentication, new sessions are automatically intercepted to perform authentication.

    D. If a Junos security device is configured for Web firewall user authentication, new sessions are automatically intercepted to perform authentication.

  • Question 395:

    Click the Exhibit button.

    Referring to the exhibit, you are not able to telnet to 192.168.10.1 from client PC 192.168.10.10. What is causing the problem?

    A. Telnet is not being permitted by self policy.

    B. Telnet is not being permitted by security policy.

    C. Telnet is not allowed because it is not considered secure.

    D. Telnet is not enabled as a host-inbound service on the zone.

  • Question 396:

    Which statement is true about SurfControl integrated Web filter solution?

    A. The SurfControl server in the cloud provides the SRX device with the category of the URL as well as the reputation of the URL.

    B. The SurfControl server in the cloud provides the SRX device with only the category of the URL.

    C. The SurfControl server in the cloud provides the SRX device with only the reputation of the URL.

    D. The SurfControl server in the cloud provides the SRX device with a decision to permit or deny the URL.

  • Question 397:

    In the Junos OS, which statement is true?

    A. vlan.0 belongs to the untrust zone.

    B. You must configure Web authentication to allow inbound traffic in the untrust zone.

    C. he zone name untrust has no special meaning

    D. The untrust zone is not configurable.

  • Question 398:

    The Junos OS blocks an HTTP request due to its inclusion on the url-blacklist.

    Which form of Web filtering on the branch SRX device is fully executed within the device itself?

    A. redirect Web filtering

    B. integrated Web filtering

    C. blacklist Web filtering

    D. local Web filtering

  • Question 399:

    You have configured your chassis cluster to include redundancy group 1. Node 0 is configured to be the primary node for this redundancy group. You need to verify that the redundancy group failover is successful.

    Which command do you use to manually test the failover?

    A. request chassis cluster manual failover group 1 node 1

    B. request cluster failover redundancy-group 1 node 1

    C. request chassis cluster manual failover redundancy-group 1 node 1

    D. request chassis cluster failover redundancy-group 1 node 1

  • Question 400:

    Which parameters are valid SCREEN options for combating operating system probes?

    A. syn-fin, syn-flood, and tcp-no-frag

    B. syn-fin, port-scan, and tcp-no-flag

    C. syn-fin, fin-no-ack, and tcp-no-frag

    D. syn-fin, syn-ack-ack-proxy, and tcp-no-frag

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-332 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.