Juniper JN0-633 Exam Practice Questions (P. 2)
- Full Access (181 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #6
What are two AppSecure modules? (Choose two.)
- AAppDoS
- BAppFlow
- CAppTrack
- DAppNAT
Correct Answer:
AC
Reference : Page No 2 Figure 1 -
http://www.juniper.net/us/en/local/pdf/datasheets/1000327-en.pdf
AC
Reference : Page No 2 Figure 1 -
http://www.juniper.net/us/en/local/pdf/datasheets/1000327-en.pdf
send
light_mode
delete
Question #7
You are working as a security administrator and must configure a solution to protect against distributed botnet attacks on your company's central SRX cluster.
How would you accomplish this goal?
How would you accomplish this goal?
- AConfigure AppTrack to inspect and drop traffic from the malicious hosts.
- BConfigure AppQoS to block the malicious hosts.
- CConfigure AppDoS to rate limit connections from the malicious hosts.
- DConfigure AppID with a custom application to block traffic from the malicious hosts.
Correct Answer:
C
Reference : Page No 2 Figure 1 -
http://www.juniper.net/us/en/local/pdf/datasheets/1000327-en.pdf
C
Reference : Page No 2 Figure 1 -
http://www.juniper.net/us/en/local/pdf/datasheets/1000327-en.pdf
send
light_mode
delete
Question #8
You are asked to change the configuration of your company's SRX device so that you can block nested traffic from certain Web sites, but the main pages of these
Web sites must remain available to users. Which two methods will accomplish this goal? (Choose two.)
Web sites must remain available to users. Which two methods will accomplish this goal? (Choose two.)
- AEnable the HTTP ALG.
- BImplement a firewall filter for Web traffic.
- CUse an IDP policy to inspect the Web traffic.
- DConfigure an application firewall rule set.
Correct Answer:
BD
Reference: An application layer gateway (ALG) is a feature on ScreenOS gateways that enables the gateway to parse application layer payloads and take decisions on them. ALGs are typically employed to support applications that use the application layer payload to communicate the dynamic Transmission Control
Protocol (TCP) or User Datagram Protocol (UDP) ports on which the applications open data connections (http://kb.juniper.net/InfoCenter/index? page=content&id=KB13530)
IDP policy defines the rule for defining the type of traffic permitted on network (http://www.juniper.net/techpubs/software/junos-security/junos-security95/junos- security-swconfig- security/enable-idp-security-policy-section.html)
BD
Reference: An application layer gateway (ALG) is a feature on ScreenOS gateways that enables the gateway to parse application layer payloads and take decisions on them. ALGs are typically employed to support applications that use the application layer payload to communicate the dynamic Transmission Control
Protocol (TCP) or User Datagram Protocol (UDP) ports on which the applications open data connections (http://kb.juniper.net/InfoCenter/index? page=content&id=KB13530)
IDP policy defines the rule for defining the type of traffic permitted on network (http://www.juniper.net/techpubs/software/junos-security/junos-security95/junos- security-swconfig- security/enable-idp-security-policy-section.html)
send
light_mode
delete
Question #9
You are using the AppDoS feature to control against malicious bot client attacks. The bot clients are using file downloads to attack your server farm. You have configured a context value rate of 10,000 hits in 60 seconds. At which threshold will the bot clients no longer be classified as malicious?
- A5000 hits in 60 seconds
- B8000 hits in 60 seconds
- C7500 hits in 60 seconds
- D9999 hits in 60 seconds
Correct Answer:
B
Reference :
http://www.juniper.net/techpubs/software/junos-security/junos-security10.0/junos-security-swconfig- security/appddos-protection-overview.html
B
Reference :
http://www.juniper.net/techpubs/software/junos-security/junos-security10.0/junos-security-swconfig- security/appddos-protection-overview.html
send
light_mode
delete
Question #10
Your company's network has seen an increase in Facebook-related traffic. You have been asked to restrict the amount of Facebook-related traffic to less than 100
Mbps regardless of congestion. What are three components used to accomplish this task? (Choose three.)
Mbps regardless of congestion. What are three components used to accomplish this task? (Choose three.)
- AIDP policy
- Bapplication traffic control
- Capplication firewall
- Dsecurity policy
- Eapplication signature
Correct Answer:
BDE
An IDP policy defines how your device handles the network traffic. It will not limit the rate. Reference: http://www.juniper.net/techpubs/software/junos-security/ junos-security96/junos-security- swconfig-security/idp-policy-overview-section.html) Application Firewall enforces protocol and policy control at Layer 7. It inspects the actual content of the payload and ensures that it conforms to the policy, rather than limiting the rate. Reference: http://www.juniper.net/techpubs/en_US/ junos12.1x44/topics/concept/application- firewall-overview.html
BDE
An IDP policy defines how your device handles the network traffic. It will not limit the rate. Reference: http://www.juniper.net/techpubs/software/junos-security/ junos-security96/junos-security- swconfig-security/idp-policy-overview-section.html) Application Firewall enforces protocol and policy control at Layer 7. It inspects the actual content of the payload and ensures that it conforms to the policy, rather than limiting the rate. Reference: http://www.juniper.net/techpubs/en_US/ junos12.1x44/topics/concept/application- firewall-overview.html
send
light_mode
delete
All Pages