Questions for the JN0-334 were updated on : Nov 29 ,2024
What are two examples of RTOs? (Choose two.)
A. IPsec SA entries
B. session table entries
C. fabric link probes
D. control link heartbeats
AB
The data plane software creates RTOs for UDP and TCP sessions and tracks state changes. It also
synchronizes traffic for IPv4 pass-through protocols such as Generic Routing Encapsulation (GRE) and
IPsec.
//www.juniper.net/documentation/en_US/junos/topics/topic-map/security-chassis-
cluster-data-plane-interfaces.html#id-45975
Click the Exhibit button.
Referring to the exhibit, you want to deploy Sky ATP with Policy Enforcer to block infected hosts at
the access layer.
To complete this task, where should you configure the default gateway for the User-1 device?
A. the irb interface on QFX-2
B. the irb interface on QFX-1
C. the interface of QFX-1 that connects to User-1
D. the interface on SRX-1 that connects to QFX-2
A
//www.juniper.net/documentation/en_US/release-independent/nce/topics/example/nce-162-
sdsn-example.html
Click the Exhibit button.
You need to have the JATP solution analyzer .jar, .xls, and .doc files.
Referring to the exhibit, which two file types must be selected to accomplish this task? (Choose two.)
A. Java
B. library
C. document
D. executable
AC
//www.juniper.net/documentation/en_US/release-independent/sky-
atp/topics/reference/general/sky-atp-profile-overview.html
Which three features are parts of Juniper Networks’ AppSecure suite? (Choose three.)
ABD
Reference:
https://www.juniper.net/documentation/en_US/junos/information-products/pathway-
pages/security/security
- application-identification.pdf
Which two statements are correct about server-protection SSP proxy? (Choose two.)
A. The server-protection SSL proxy intercepts the server certificate.
B. The server-protection SSL proxy is also known as SSL reverse proxy.
C. The server-protection SSL proxy forwards the server certificate after modification.
D. The server-protection SSL proxy acts as the server from the clients perspective.
BD
//www.juniper.net/documentation/en_US/junos/topics/topic-map/security-ssl-proxy.html
Which statement is true about high availability (HA) chassis clusters for the SRX Series device?
C
What are two types of attack objects used by IPS on SRX Series devices? (Choose two.)
AC
When considering managed sessions, which configuration parameter determines how full the
session table must be to implement the early age-out function? (Choose two)
AB
You are asked to improve resiliency for individual redundancy groups in an SRX4600 chassis cluster.
Which two features would accomplish this task? (Choose two.)
BD
What are two elements of a custom IDP/IPS attack object? (Choose two.)
AB
Click the Exhibit button.
Referring to the configuration shown in the exhibit, which two statements are true? (Choose two.)
A. The log is being stored on the local Routing Engine.
B. The log is being sent to a remote server.
C. The syslog is configured for a user facility.
D. The syslog is configured for an info facility.
BC
//www.juniper.net/documentation/en_US/junos/topics/reference/configuration-
statement/syslog-edit-system.html
Your network uses a remote e-mail server that is used to send and receive e-mails for your users.
In this scenario, what should you do to protect users from receiving malicious files thorugh e-mail?
C
Which two statements are true about virtualized SRX Series devices? (Choose two.)
A. vSRX cannot be deployed in transparent mode.
B. cSRX can be deployed in routed mode.
C. cSRX cannot be deployed in routed mode.
D. vSRX can be deployed in transparent mode.
BD
//www.juniper.net/documentation/en_US/csrx/information-products/pathway-pages/security-
csrx-contrail-guide-pwp.pdf
A routing change occurs on an SRX Series device that involves choosing a new egress interface.
In this scenario, which statement is true for all affected current sessions?
A. The current session are torn dowm only if the policy-rematch option has been enabled.
B. The current sessions do not change.
C. The current sessions are torn down and go through first path processing based on the new route.
D. The current sessions might change based on the corresponding security policy.
B
//forums.juniper.net/t5/ScreenOS-Firewalls-NOT-SRX/Affect-of-Route-change-on-Session/m-
p/27810#M11385
What information does JIMS collect from domain event log sources? (Choose two.)
CD