1. Home
  2. Juniper
  3. JN0-1332

Security Design Specialist (JNCDS-SEC)

Exam Details

  • Exam Code
    :JN0-1332
  • Exam Name
    :Security Design Specialist (JNCDS-SEC)
  • Certification
    :JNCDS-SEC
  • Vendor
    :Juniper
  • Total Questions
    :65 Q&As
  • Last Updated
    :May 09, 2024

Juniper JNCDS-SEC JN0-1332 Questions & Answers

  • Question 11:

    In a data center, what are two characteristics of access tier VLAN termination on the aggregation tier? (Choose two.)

    A. Multiple VLANs can be part of one security zone

    B. A security zone is limited to a single VLAN

    C. Inter-VLAN traffic within a zone can bypass firewall services

    D. Inter-VLAN traffic is secured through firewall services

  • Question 12:

    You are concerned about users attacking the publicly accessible servers in your data center through encrypted channels. You want to block these attacks using your SRX Series devices.

    In this scenario, which two features should you use? (Choose two.)

    A. Sky ATP

    B. IPS

    C. SSL forward proxy

    D. SSL reverse proxy

  • Question 13:

    You are designing a data center interconnect between two sites across a service provider Layer 3 VPN service. The sites require Layer 2 connectivity between hosts, and the connection must be secure.

    In this scenario, what will accomplish this task?

    A. EVPN over IPsec

    B. MACsec encryption

    C. SSL VPN encryption

    D. stacked VLAN tagging

  • Question 14:

    You are using SRX Series devices to secure your network and you require sandboxing for malicious file detonation. However, per company policy, you cannot send potentially malicious files outside your network for sandboxing.

    Which feature should you use in this situation?

    A. Sky ATP

    B. UTM antivirus

    C. IPS

    D. JATP

  • Question 15:

    You are asked to design a VPN solution between 25 branches of a company. The company wants to have the sites talk directly to each other in the event of a hub device failure. The solution should follow industry standards.

    Which solution would you choose in this scenario?

    A. AutoVPN

    B. Auto Discovery VPN

    C. Group VPN

    D. full mesh VPN

  • Question 16:

    Your company has 500 branch sites and the CIO is concerned about minimizing the potential impact of a VPN router being stolen from an enterprise branch site. You want the ability to quickly disable a stolen VPN router while minimizing administrative overhead.

    Which solution accomplishes this task?

    A. Implement a certificate-based VPN using a public key infrastructure (PKI)

    B. Modify your IKE proposals to use Diffie-Hellman group 14 or higher

    C. Use firewall filters to block traffic from the stolen VPN router

    D. Rotate VPN pre-shared keys every month

  • Question 17:

    You are designing a data center interconnect between two sites across a service provider Layer 2 leased line. The sites require Layer 2 connectivity between hosts, and the connection must be secure.

    In this scenario, what will accomplish this task?

    A. IRB VLAN routing

    B. MACsec encryption

    C. EVPN over IPsec

    D. IPsec encryption

  • Question 18:

    You are asked to design a security solution for your client's new two-tier data center. The client has a need for some flows to bypass firewall inspection entirely.

    Where should the firewall be deployed in this data center?

    A. inline, between the core switches and the access switches

    B. inline, between the core switches and the edge routers

    C. one-arm configuration, connected to the core switches

    D. one-arm configuration, connected to each access switch

  • Question 19:

    You are responding to an RFP for securing a large enterprise. The RFP requires an onsite security solution which can use logs from third-party sources to prevent threats. The solution should also have the capability to detect and stop zero- day attacks.

    Which Juniper Networks solution satisfies this requirement?

    A. IDP

    B. Sky ATP

    C. JSA

    D. JATP

  • Question 20:

    Which statement about IPsec tunnels is true?

    A. They are used to provide in-depth packet inspection for traffic leaving your network

    B. They are used to prevent routing loops in a Layer 2 environment

    C. They are used to secure and encrypt traffic between tunnel endpoints

    D. They are used to combine multiple interfaces into a single bundle

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-1332 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.