Juniper JN0-1331 Exam Practice Questions (P. 4)
- Full Access (65 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #16
You will be managing 1000 SRX Series devices. Each SRX Series device requires basic source NAT to access the Internet.
Which product should you use to manage these NAT rules on the SRX Series devices?
Which product should you use to manage these NAT rules on the SRX Series devices?
send
light_mode
delete
Question #17
Which two features are used to stop IP spoofing in and out of your network? (Choose two.)
- AGeoIP
- Bfirewall filters
- Cunicast reverse path forwarding
- DIPS
Correct Answer:
CD
Reference:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-attacker-evasion-technique.html
CD
Reference:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-attacker-evasion-technique.html
send
light_mode
delete
Question #18
What are two benefits of the vSRX in a virtualized private or public cloud multitenant environment? (Choose two.)
- Afull logical systems capabilities
- Bstateful firewall protection at the tenant edge
- C100GbE interface support
- DOSPFv3 capabilities
Correct Answer:
AB
Reference:
https://www.juniper.net/documentation/en_US/vsrx/topics/concept/security-vsrx-overview-generic.html https://www.juniper.net/documentation/en_US/junos/topics/topic-map/logical-systems-overview.html
AB
Reference:
https://www.juniper.net/documentation/en_US/vsrx/topics/concept/security-vsrx-overview-generic.html https://www.juniper.net/documentation/en_US/junos/topics/topic-map/logical-systems-overview.html
send
light_mode
delete
Question #19
You are designing a new network for your organization with the characteristics shown below.
✑ All traffic must pass inspection by a security device.
✑ A center-positioned segmentation gateway must provide deep inspection of each packet using 10 Gbps interfaces.
✑ Policy enforcement must be centrally managed.
Which security model should you choose for your network design?
✑ All traffic must pass inspection by a security device.
✑ A center-positioned segmentation gateway must provide deep inspection of each packet using 10 Gbps interfaces.
✑ Policy enforcement must be centrally managed.
Which security model should you choose for your network design?
- AIntrazone Permit
- Btrust but verify
- Cuser-role firewall policies
- DZero Trust
Correct Answer:
D
Reference:
https://www.juniper.net/assets/cn/zh/local/pdf/whitepapers/2000749-en.pdf
D
Reference:
https://www.juniper.net/assets/cn/zh/local/pdf/whitepapers/2000749-en.pdf
send
light_mode
delete
Question #20
A hosting company is migrating to cloud-based solutions. Their customers share a physical firewall cluster, subdivided into individual logical firewalls for each customer. Projection data shows that the cloud service will soon deplete all the resources within the physical firewall. As a consultant, you must propose a scalable solution that continues to protect all the cloud customers while still securing the existing physical network.
In this scenario, which solution would you propose?
In this scenario, which solution would you propose?
- ADeploy a vSRX cluster in front of each customer's servers while keeping the physical firewall cluster
- BDeploy a software-defined networking solution
- CRemove the physical firewall cluster and deploy vSRX clusters dedicated to each customer's servers
- DReplace the physical firewall cluster with a higher-performance firewall
Correct Answer:
C
C
send
light_mode
delete
All Pages