1. Home
  2. Juniper
  3. JN0-1331

Security Design - Specialist (JNCDS-SEC)

Exam Details

  • Exam Code
    :JN0-1331
  • Exam Name
    :Security Design - Specialist (JNCDS-SEC)
  • Certification
    :Juniper Other Certification
  • Vendor
    :Juniper
  • Total Questions
    :65 Q&As
  • Last Updated
    :May 09, 2024

Juniper Juniper Other Certification JN0-1331 Questions & Answers

  • Question 31:

    You will be managing 1000 SRX Series devices. Each SRX Series device requires basic source NAT to access the Internet.

    Which product should you use to manage these NAT rules on the SRX Series devices?

    A. Security Director

    B. CSO

    C. Contrail

    D. JSA

  • Question 32:

    You work for an ISP that wants to implement remote-triggered black hole (RTBH) filters. What are three considerations in this scenario? (Choose three.)

    A. Source RTBH can block legitimate traffic on the network

    B. BGP FlowSpec improves the RTBH model by implementing dynamic firewall filters

    C. Source RTBH requires uRPF to be implemented on the service provider's network core

    D. Destination RTBH requires uRPF to be implemented on the service provider's network edge

    E. Destination RTBH essentially completes the attack on the victim's IP

  • Question 33:

    You are designing a solution to protect a service provider network against volumetric denial-of-service attacks. Your main concern is to protect the network devices. Which two solutions accomplish this task? (Choose two.)

    A. next-generation firewall

    B. screens

    C. intrusion prevention system

    D. BGP FlowSpec

  • Question 34:

    You must design a small branch office firewall solution that provides application usage statistics.

    In this scenario, which feature would accomplish this task?

    A. AppFW

    B. AppTrack

    C. UTM

    D. AppQoS

  • Question 35:

    You are working with a customer to create a design proposal using SRX Series devices. As part of the design, you must consider the requirements shown below:

    1.

    You must ensure that every packet entering your device is independently inspected against a set of rules.

    2.

    You must provide a way to protect the device from undesired access attempts.

    3.

    You must ensure that you can apply a different set of rules for traffic leaving the device than are in use for traffic entering the device.

    In this scenario, what do you recommend using to accomplish these requirements?

    A. firewall filters

    B. intrusion prevention system

    C. unified threat management

    D. screens

  • Question 36:

    You have a campus location with multiple WAN links. You want to specify the primary link used for your VoIP traffic.

    In this scenario, which type of WAN load balancing would you use?

    A. BGP

    B. OSPF

    C. FBF

    D. ECMP

  • Question 37:

    Your company has outgrown its existing secure enterprise WAN that is configured to use OSPF, AutoVPN, and IKE version 1. You are asked if it is possible to make a design change to improve the WAN performance without purchasing new hardware.

    Which two design changes satisfy these requirements? (Choose two.)

    A. Modify the IPsec proposal from AES-128 to AES-256

    B. Change the IGP from OSPF to IS-IS

    C. Migrate to IKE version 2

    D. Implement Auto Discovery VPN

  • Question 38:

    Your customer needs help designing a single solution to protect their combination of various Junos network devices from unauthorized management access.

    Which Junos OS feature will provide this protection?

    A. Use a firewall filter applied to the fxp0 interface

    B. Use a security policy with the destination of the junos-host zone

    C. Use the management zone host-inbound-traffic feature

    D. Use a firewall filter applied to the lo0 interface

  • Question 39:

    Your customer is getting ready to deploy a new WAN architecture. It must be simple to set up, address hub scaling concerns, and allow the automatic addition of new sites without requiring changes to the hub site. They want to deploy either AutoVPN or Auto Discovery VPN.

    In this scenario, why would you propose Auto Discovery VPN as a solution?

    A. Your customer requires direct spoke-to-spoke communication

    B. OSPF support is required

    C. Only Auto Discovery VPN supports the automatic addition of valid spokes

    D. Your customer needs to configure the hub site only once

  • Question 40:

    You are deploying Security Director with the logging and reporting functionality for VMs that use SSDs. You expect to have approximately 20,000 events per second of logging in your network.

    In this scenario, what is the minimum number of log receiver devices that you should use?

    A. 4

    B. 3

    C. 2

    D. 1

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-1331 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.