1. Home
  2. Juniper
  3. JN0-332

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

Exam Details

  • Exam Code
    :JN0-332
  • Exam Name
    :Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)
  • Certification
    :Juniper Certifications
  • Vendor
    :Juniper
  • Total Questions
    :519 Q&As
  • Last Updated
    :Jun 06, 2025

Juniper Juniper Certifications JN0-332 Questions & Answers

  • Question 401:

    Click the Exhibit button.

    A network administrator receives complaints that the application voicecube is timing out after being idle for 30 minutes. Referring to the exhibit, what is a resolution?

    A. [edit] user@host# set applications application voicecube inactivity-timeout never

    B. [edit] user@host# set applications application voicecube inactivity-timeout 2

    C. [edit] user@host# set applications application voicecube destination-port 5060

    D. [edit] user@host# set security policies from-zone trust to-zone trust policy intrazone then timeout never

  • Question 402:

    Host A opens a Telnet connection to Host B. Host A then opens another Telnet connection to Host B.

    These connections are the only communication between Host A and Host B. The security policy configuration permits both connections.

    How many sessions exist between Host A and Host B?

    A. 1

    B. 2

    C. 3

    D. 4

  • Question 403:

    You want to create an out-of-band management zone and assign the ge-0/0/0.0 interface to that zone. From the [edit] hierarchy, which command do you use to configure this assignment?

    A. set security zones management interfaces ge-0/0/0.0

    B. set zones functional-zone management interfaces ge-0/0/0.0

    C. set security zones functional-zone management interfaces ge-0/0/0.0

    D. set security zones functional-zone out-of-band interfaces ge-0/0/0.0

  • Question 404:

    Which two content-filtering features does FTP support? (Choose two.)

    A. block extension list

    B. block MIME type

    C. protocol command list

    D. notifications-options

  • Question 405:

    Which statement is true about a NAT rule action of off?

    A. The NAT action of off is only supported for destination NAT rule-sets.

    B. The NAT action of off is only supported for source NAT rule-sets.

    C. The NAT action of off is useful for detailed control of NAT.

    D. The NAT action of off is useful for disabling NAT when a pool is exhausted.

  • Question 406:

    Using a policy with the policy-rematch flag enabled, what happens to the existing and new sessions when you change the policy action from permit to deny?

    A. The new sessions matching the policy are denied. The existing sessions are dropped.

    B. The new sessions matching the policy are denied. The existing sessions, not being allowed to carry any traffic, simply timeout.

    C. The new sessions matching the policy might be allowed through if they match another policy. The existing sessions are dropped.

    D. The new sessions matching the policy are denied. The existing sessions continue until they are completed or their timeout is reached.

  • Question 407:

    Which two statements describe the difference between Junos software for security platforms and a traditional router? (Choose two.)

    A. Junos software for security platforms supports NAT and PAT; a traditional router does not support NAT or PAT.

    B. Junos software for security platforms does not forward traffic by default; a traditional router forwards traffic by default.

    C. Junos software for security platforms uses session-based forwarding; a traditional router uses packet-based forwarding.

    D. Junos software for security platforms performs route lookup for every packet; a traditional router performs route lookup only for the first packet.

  • Question 408:

    Click the Exhibit button.

    Which command is needed to change this policy to a tunnel policy for a policy-based VPN?

    A. set policy tunnel-traffic then tunnel remote-vpn

    B. set policy tunnel-traffic then permit tunnel remote-vpn

    C. set policy tunnel-traffic then tunnel ipsec-vpn remote-vpn permit

    D. set policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn

  • Question 409:

    Which statement is true when express AV detects a virus in TCP session?

    A. TCP RST is sent and a session is restarted.

    B. TCP connection is closed gracefully and the data content is dropped.

    C. TCP traffic is allowed and an SNMP trap is sent.

    D. AV scanning is restarted.

  • Question 410:

    Which two statements are true when describing the capabilities of integrated Web filtering on branch SRX Series devices? (Choose two.)

    A. Integrated Web filtering can enforce UTM policies on traffic encrypted in SSL.

    B. Integrated Web filtering can detect client-side exploits that attack the user's Web browser.

    C. Integrated Web filtering can permit or deny access to specific categories of sites.

    D. Different integrated Web-filtering policies can be applied on a firewall rule-by-rule basis to allow different policies to be enforced for different users.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-332 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.