1. Home
  2. Juniper
  3. JN0-1331

Security Design - Specialist (JNCDS-SEC)

Exam Details

  • Exam Code
    :JN0-1331
  • Exam Name
    :Security Design - Specialist (JNCDS-SEC)
  • Certification
    :Juniper Other Certification
  • Vendor
    :Juniper
  • Total Questions
    :65 Q&As
  • Last Updated
    :May 09, 2024

Juniper Juniper Other Certification JN0-1331 Questions & Answers

  • Question 11:

    You are concerned about users attacking the publicly accessible servers in your data center through encrypted channels. You want to block these attacks using your SRX Series devices.

    In this scenario, which two features should you use? (Choose two.)

    A. Sky ATP

    B. IPS

    C. SSL forward proxy

    D. SSL reverse proxy

  • Question 12:

    You are designing a data center interconnect between two sites across a service provider Layer 3 VPN service. The sites require Layer 2 connectivity between hosts, and the connection must be secure.

    In this scenario, what will accomplish this task?

    A. EVPN over IPsec

    B. MACsec encryption

    C. SSL VPN encryption

    D. stacked VLAN tagging

  • Question 13:

    You are asked to design a secure enterprise WAN where all payload data is encrypted and branch sites communicate directly without routing all traffic through a central hub.

    Which two technologies would accomplish this task? (Choose two.)

    A. group VPN

    B. AutoVPN

    C. MPLS Layer 3 VPN

    D. Auto Discovery VPN

  • Question 14:

    In a data center, what are two characteristics of access tier VLAN termination on the aggregation tier? (Choose two.)

    A. Multiple VLANs can be part of one security zone

    B. A security zone is limited to a single VLAN

    C. Inter-VLAN traffic within a zone can bypass firewall services

    D. Inter-VLAN traffic is secured through firewall services

  • Question 15:

    You are responding to an RFP for securing a large enterprise. The RFP requires an onsite security solution which can use logs from third-party sources to prevent threats. The solution should also have the capability to detect and stop zero- day attacks.

    Which Juniper Networks solution satisfies this requirement?

    A. IDP

    B. Sky ATP

    C. JSA

    D. JATP

  • Question 16:

    You are designing a data center interconnect between two sites across a service provider Layer 2 leased line. The sites require Layer 2 connectivity between hosts, and the connection must be secure.

    In this scenario, what will accomplish this task?

    A. IRB VLAN routing

    B. MACsec encryption

    C. EVPN over IPsec

    D. IPsec encryption

  • Question 17:

    You are asked to design a security solution for your client's new two-tier data center. The client has a need for some flows to bypass firewall inspection entirely.

    Where should the firewall be deployed in this data center?

    A. inline, between the core switches and the access switches

    B. inline, between the core switches and the edge routers

    C. one-arm configuration, connected to the core switches

    D. one-arm configuration, connected to each access switch

  • Question 18:

    Your company has 500 branch sites and the CIO is concerned about minimizing the potential impact of a VPN router being stolen from an enterprise branch site. You want the ability to quickly disable a stolen VPN router while minimizing administrative overhead.

    Which solution accomplishes this task?

    A. Implement a certificate-based VPN using a public key infrastructure (PKI)

    B. Modify your IKE proposals to use Diffie-Hellman group 14 or higher

    C. Use firewall filters to block traffic from the stolen VPN router

    D. Rotate VPN pre-shared keys every month

  • Question 19:

    You are deploying a data center Clos architecture and require secure data transfers within the switching fabric.

    In this scenario, what will accomplish this task?

    A. MACsec encryption

    B. LAG Layer 2 hashing

    C. IRB VLAN routing between hosts D. stacked VLAN tagging on the core switches

  • Question 20:

    You are asked to design a VPN solution between 25 branches of a company. The company wants to have the sites talk directly to each other in the event of a hub device failure. The solution should follow industry standards.

    Which solution would you choose in this scenario?

    A. AutoVPN

    B. Auto Discovery VPN

    C. Group VPN

    D. full mesh VPN

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-1331 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.