1. Home
  2. Juniper
  3. JN0-332

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

Exam Details

  • Exam Code
    :JN0-332
  • Exam Name
    :Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)
  • Certification
    :Juniper Certifications
  • Vendor
    :Juniper
  • Total Questions
    :519 Q&As
  • Last Updated
    :Jun 06, 2025

Juniper Juniper Certifications JN0-332 Questions & Answers

  • Question 461:

    How do you apply UTM enforcement to security policies on the branch SRX series?

    A. UTM profiles are applied on a security policy by policy basis.

    B. UTM profiles are applied at the global policy level.

    C. Individual UTM features like anti-spam or anti-virus are applied directly on a security policy by policy basis.

    D. Individual UTM features like anti-spam or anti-virus are applied directly at the global policy level.

  • Question 462:

    Which URL database do branch SRX Series devices use when leveraging local Web filtering?

    A. The SRX Series device will download the database from an online repository to locally inspect HTTP traffic for Web filtering.

    B. The SRX Series device will use an offline database to locally inspect HTTP traffic for Web filtering.

    C. The SRX Series device will redirect local HTTP traffic to an external Websense server for Web filtering.

    D. The SRX Series administrator will define the URLs and their associated action in the local database to inspect the HTTP traffic for Web filtering.

  • Question 463:

    Which two statements are true with regard to policy ordering? (Choose two.)

    A. The last policy is the default policy, which allows all traffic.

    B. The order of policies is not important.

    C. New policies are placed at the end of the policy list.

    D. The insert command can be used to change the order.

  • Question 464:

    Regarding fast path processing, when does the system perform the policy check?

    A. The policy is determined after the SCREEN options check.

    B. The policy is determined only during the first packet path, not during fast path.

    C. The policy is determined after the zone check.

    D. The policy is determined after the SYN TCP flag.

  • Question 465:

    The Junos OS blocks an HTTP request due to the category of the URL.

    Which form of Web filtering is being used?

    A. redirect Web filtering

    B. integrated Web filtering

    C. categorized Web filtering

    D. local Web filtering

  • Question 466:

    A network administrator is using source NAT for traffic from source network 10.0.0.0/8. The administrator must also disable NAT for any traffic destined to the 202.2.10.0/24 network.

    Which configuration would accomplish this task?

    A. [edit security nat source rule-set test]

    user@host# show

    from zone trust;

    to zone untrust;

    rule A {

    match {

    source-address 202.2.10.0/24;

    }

    then {

    source-nat {

    pool {

    A;

    }

    }

    }

    }

    rule B {

    match {

    destination-address 10.0.0.0/8;

    }

    then {

    source-nat {

    off;

    }

    }

    }

    B. [edit security nat source] user@host# show rule-set test from zone trust; to zone untrust; rule 1 { match { destination-address 202.2.10.0/24; } then { source-nat { off; } } } rule 2 { match { source-address 10.0.0.0/8; } then { source-nat { pool { A; } } } }

    C. [edit security nat source rule-set test] user@host# show from zone trust; to zone untrust; rule A { match { source-address 10.0.0.0/8; } then { source-nat { pool { A; }

    }

    }

    }

    rule B {

    match {

    destination-address 202.2.10.0/24;

    }

    then {

    source-nat {

    off;

    }

    }

    }

    D. [edit security nat source rule-set test] user@host# show from zone trust; to zone untrust; rule A { match { source-address 10.0.0.0/8; } then { source-nat { pool { A; } } } }

  • Question 467:

    For which network anomaly does Junos provide a SCREEN?

    A. a telnet to port 80

    B. a TCP packet with the SYN and ACK flags set

    C. an SNMP getnext request

    D. an ICMP packet larger than 1024 bytes

  • Question 468:

    What is the proper sequence of evaluation for the SurfControl integrated Web filter solution?

    A. whitelists, blacklists, SurfControl categories

    B. blacklists, whitelists, SurfControl categories

    C. SurfControl categories, whitelists, blacklists

    D. SurfControl categories, blacklists, whitelists

  • Question 469:

    After applying the policy-rematch statement under the security policies stanza, what would happen to an existing flow if the policy source address or the destination address is changed and committed?

    A. The Junos OS drops any flow that does not match the source address or destination address.

    B. All traffic is dropped.

    C. All existing sessions continue.

    D. The Junos OS does a policy re-evaluation.

  • Question 470:

    Which statement is correct about HTTP trickling?

    A. It prevents the HTTP client or server from timing-out during an antivirus update.

    B. It prevents the HTTP client or server from timing-out during antivirus scanning.

    C. It is an attack.

    D. It is used to bypass antivirus scanners.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-332 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.