1. Home
  2. Juniper
  3. JN0-332

Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)

Exam Details

  • Exam Code
    :JN0-332
  • Exam Name
    :Juniper Networks Certified Internet Specialist, SEC (JNCIS-SEC)
  • Certification
    :Juniper Certifications
  • Vendor
    :Juniper
  • Total Questions
    :519 Q&As
  • Last Updated
    :Jun 06, 2025

Juniper Juniper Certifications JN0-332 Questions & Answers

  • Question 511:

    Which zone is system-defined?

    A. security

    B. functional

    C. junos-global

    D. management

  • Question 512:

    Which statement contains the correct parameters for a route-based IPsec VPN?

    A. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; } policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface ge-0/0/1.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

    B. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; } policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

    C. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200;

    }

    policy ipsec1-policy {

    perfect-forward-secrecy {

    keys group2;

    }

    proposals ike1-proposal;

    }

    vpn VpnTunnel {

    bind-interface ge-0/0/1.0;

    ike {

    gateway ike1-gateway;

    ipsec-policy ipsec1-policy;

    }

    establish-tunnels immediately;

    }

    D. [edit security ipsec] user@host# show proposal ike1-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; }policy ipsec1-policy { perfect-forward-secrecy { keys group2; } proposals ike1-proposal; } vpn VpnTunnel { bind-interface st0.0; ike { gateway ike1-gateway; ipsec-policy ipsec1-policy; } establish-tunnels immediately; }

  • Question 513:

    Which security or functional zone name has special significance to the Junos OS?

    A. self

    B. trust

    C. untrust

    D. junos-global

  • Question 514:

    Which command do you use to display the status of an antivirus database update?

    A. show security utm anti-virus status

    B. show security anti-virus database status

    C. show security utm anti-virus database

    D. show security utm anti-virus update

  • Question 515:

    Which type of Web filtering by default builds a cache of server actions associated with each URL it has checked?

    A. Websense Redirect Web filtering

    B. integrated Web filtering

    C. local Web filtering

    D. enhanced Web filtering

  • Question 516:

    You must configure a SCREEN option that would protect your router from a session table flood.Which configuration meets this requirement?

    A. [edit security screen] user@host# show ids-option protectFromFlood { icmp { ip-sweep threshold 5000; flood threshold 2000; } }

    B. [edit security screen] user@host# show ids-option protectFromFlood { tcp { syn-flood { attack-threshold 2000; destination-threshold 2000; } } }

    C. [edit security screen] user@host# show ids-option protectFromFlood { udp { flood threshold 5000; } }

    D. [edit security screen] user@host# show ids-option protectFromFlood { limit-session { source-ip-based 1200; destination-ip-based 1200; } }

  • Question 517:

    Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH? (Choose three.)

    A. data integrity

    B. data confidentiality

    C. data authentication

    D. outer IP header confidentiality

    E. outer IP header authentication

  • Question 518:

    Which configuration keyword ensures that all in-progress sessions are re-evaluated upon committing a security policy change?

    A. policy-rematch

    B. policy-evaluate

    C. rematch-policy

    D. evaluate-policy

  • Question 519:

    Click the Exhibit button.

    You need to alter the security policy shown in the exhibit to send matching traffic to an IPsec VPN tunnel.

    Which command causes traffic to be sent through an IPsec VPN named remote- vpn?

    A. [edit security policies from-zone trust to-zone untrust] user@host# set policy tunnel-traffic then tunnel remote-vpn

    B. [edit security policies from-zone trust to-zone untrust] user@host# set policy tunnel-traffic then tunnel ipsec-vpn remote-vpn

    C. [edit security policies from-zone trust to-zone untrust] user@host# set policy tunnel-traffic then permit ipsec-vpn remote-vpn

    D. [edit security policies from-zone trust to-zone untrust] user@host# set policy tunnel-traffic then permit tunnel ipsec-vpn remote-vpn

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-332 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.