JN0-314 Exam Questions

On a MAG Series device, where is the preauthentication sign-in message configured?

You are the administrator in your company and you have restricted administrator access to require a user certificate to access the admin GUI on your company's MAG Series device. Yo...

Which two actions are available in the GUI for creating location awareness rules? (Choose two.)

You are the network administrator for your company. A user is complaining that they are not able to access the network with the Junos Pulse client. You run a packet capture on the...

An administrator has created three different Odyssey Access Client preconfiguration files and assigned them to three different roles in the same realm. Which action should the admi...

You want to create a Host Checker policy that looks for a specific antivirus product that is running on your client machines, but the predefined antivirus options do not include th...

What are three benefits of IF-MAP Federation? (Choose three.)

Which three authentication server types are supported for retrieving user attributes used in role- mapping rules? (Choose three.)

You have an SRX Series Layer 2 enforcer providing 802.1X authentication for connected endpoints. Your security policy requires that users who fail their authentication be placed in...

A company has completed two acquisitions over the previous year. Each of the acquired companies was allowed to keep its own independent authentication server. The network administr...

You want to customize access to the corporate network so that agentiess users are instructed to obtain a certificate before accessing the network. Which two configurations solve th...

You want to restrict access to a role based on the client machine from which the user is accessing the network. Which two role restrictions accomplish this goal? (Choose two.)

You are configuring an LDAP authentication server, and you want to configure role-mapping rules based on group membership. When you attempt to search for groups in the server catal...

Before replacing a MAG Series device, using the admin GUI, you export two backup files, system.cfg from "Maintenance" > "ImportfExport Configuration" and user.cfg from "Maintenance...

You administer a network containing SRX Series firewalls. New policy requires that you implement MAG Series devices to provide access control for end users. The policy requires tha...

Click the Exhibit button. A user logs in, is assigned the default role, and successfully loads the Host Enforcer policies shown in the exhibit. Which three statements are true? (Ch...

An outside vendor is eligible for the guest role and the contractor role when accessing your network, that is secured with the Junos Pulse Access Control Service. What is the defau...

You want to create a security policy on an SRX240 that redirects unauthenticated users back to the Junos Pulse Access Control Service. Which two steps must you take to accomplish t...

Which three authentication resources are grouped within an authentication realm? (Choose three.)

A user calls the help desk and explains that they just purchased a Macintosh computer. When they log into the network, the Odyssey Access Client is not automatically downloaded as...

Your company has deployed the Junos Pulse Access Control Service. The system administrator notices that the Host Checker policies are not being applied and enforced. You have verif...

You want to provide 802.1X access for Windows clients using Junos Pulse as the agent. Which two considerations must you take into account? (Choose two.)

What is a function of a user role?

At which point in the authentication process does the Junos Pulse Access Control Service determine whether the endpoint complies with a realm's authentication policy?

You are installing a MAG Series device for access control using an SRX Series device as the firewall enforcer. The MAG Series device resides in the same security zone as users. How...

Which Junos Pulse Access Control Service client provides a built-in viewer to access local logs?

A user logs in and is mapped to two roles. The first role has a maximum timeout value of 600 minutes and the default Juniper Networks logo on the user interface page. The second ro...

You have created a security policy on an SRX240 that permits traffic from any source-address, any destination-address, and any application. The policy will be a source IP policy fo...

What are two benefits of integrating Junos Pulse Access Control Service with Security Threat Response Manager (STRM)? (Choose two.)

You have a firewall enforcer receiving resource access policies from a Junos Pulse Access Control Service. You are using Network and Security Manager (NSM) for configuration manage...

End users want to map a network drive on their PCs when they are connected to the Junos Pulse Access Control Service. The mapped drive must be removed when users disconnect their s...

What are two roles of the authenticator as described in the 802.1X standard? (Choose two.)

You want to enforce a Host Checker policy so that only users who pass the policy receive the Employee role. In the admin GUI, which two parameters must you configure? (Choose two.)

You have three classes of users on your network: employee, contractor, and IT administrator. You configure the Junos Pulse Access Control Service to assign roles to each user class...

What are three necessary steps for enabling 802.1X access when configuring Layer 2 enforcement? (Choose three.)

On the Junos Pulse Access Control Service, you have created a role called Secret that you only want to provide to users who present a certificate. Using the admin GUI, which two fe...

Your IT manager has requested that you start providing weekly reports of CPU utilization on all network devices. Which monitoring function should be enabled on the MAG Series devic...

What are three default role-mapping rule values that are available for all realms? (Choose three.)

You must configure access to the corporate network for employees using a client access method. Users require IPsec tunneling to protected resources and an 802.1X supplicant. Users...

You are performing the initial setup of a new MAG Series device and have installed a valid CA- signed certificate on the MAG Series device. Connectivity to an existing SRX Series f...

In a Junos Pulse Access Control Service firewall enforcement configuration, what is the purpose of the source IP policy?

You are installing a new deployment of the Junos Pulse Access Control Service. In your environment, you have VoIP handsets that support 802.1X authentication with EAP-MD5. Which de...

What is a Host Enforcer policy?

You want to provide all users in your corporation with a single agent that provides access to multiple connection types conditionally. For example, you connect to the Junos Pulse A...

You have created a Host Checker policy that contains multiple rules. You want to inform end users which rule specifically has failed. In the admin GUI, which configuration setting...

Your IT director has decided to allow employees to use their laptops at home as well as in the office. You have deployed the Junos Pulse client to allow access to the office's 802....

Which two considerations must you take into account when deploying a Junos Pulse Access Control Service cluster? (Choose two.)

A system administrator wants to configure 802.1X on an Ethernet switch to enable access to specific parts of the network based on group memberships. How can the administrator accom...

When configuring a single SRX210 as a firewall enforcer to a MAG4610 active/passive cluster, which statement supports a fault-tolerant configuration?

What are two use cases enabled by IF-MAP Federation? (Choose two.)