JN0-332 Exam Questions

Which configuration keyword ensures that all in-progress sessions are re-evaluated upon committing a security policy change?

Click the Exhibit button. You need to alter the security policy shown in the exhibit to send matching traffic to an IPsec VPN tunnel. Which command causes traffic to be sent throug...

Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by AH? (Choose three.)

You must configure a SCREEN option that would protect your router from a session table flood.Which configuration meets this requirement?

Which type of Web filtering by default builds a cache of server actions associated with each URL it has checked?

Which security or functional zone name has special significance to the Junos OS?

Which command do you use to display the status of an antivirus database update?

Which statement contains the correct parameters for a route-based IPsec VPN?

Which zone is system-defined?

You want to allow your device to establish OSPF adjacencies with a neighboring device connected to interface ge-0/0/3.0. Interface ge-0/0/3.0 is a member of the HR zone. Under whic...

Click the Exhibit button. Your IKE SAs are up, but the IPsec SAs are not up.Referring to the exhibit, what is the problem?

Which three statements are true regarding IDP? (Choose three.)

Which two statements regarding symmetric key encryption are true? (Choose two.)

Regarding content filtering, what are two pattern lists that can be configured in the Junos OS? (Choose two.)

Which two statements are true about hierarchical architecture? (Choose two.)

Which two statements regarding external authentication servers for firewall user authentication are true? (Choose two.)

Click the Exhibit button. In the exhibit, a new policy named DenyTelnet was created. You notice that Telnet traffic is still allowed. Which statement will allow you to rearrange th...

Which UTM feature requires a license to function?

Click the Exhibit button. System services SSH, Telnet, FTP, and HTTP are enabled on the SRX Series device. Referring to the configuration shown in the exhibit, which two statements...

A user wants to establish an HTTP session to a server behind an SRX device but is being pointed to Web page on the SRX device for additional authentication. Which type of user auth...

Which two UTM features require a license to be activated? (Choose two.)

Which two statements in a source NAT configuration are true regarding addresses, rule-sets, or rules that overlap? (Choose two.)

A network administrator has configured source NAT, translating to an address that is on a locally connected subnet. The administrator sees the translation working, but traffic does...

Which statement describes an ALG?

Which three components can be leveraged when defining a local whitelist or blacklist for antispam on a branch SRX Series device? (Choose three.)

What is the correct syntax for applying node-specific parameters to each node in a chassis cluster?

Which statement describes a security zone?

A system administrator detects thousands of open idle connections from the same source.Which problem can arise from this type of attack?

Under which Junos hierarchy level are security policies configured?

You must configure a SCREEN option that would protect your device from a session table flood. Which configuration meets this requirement?

Which three methods of source NAT does the Junos OS support? (Choose three.)

Which three firewall user authentication objects can be referenced in a security policy? (Choose three.)

What is the default session timeout for TCP sessions?

Which three advanced permit actions within security policies are valid? (Choose three.)

Which statement is true regarding the Junos OS for security platforms?

Click the Exhibit button. Which type of NAT is being used in the exhibit?

At which two levels of the Junos CLI hierarchy is the host-inbound-traffic command configured? (Choose two.)

Which two parameters are configured in IPsec policy? (Choose two.)

The SRX device receives a packet and determines that it does not match an existing session.After SCREEN options are evaluated, what is evaluated next?

Which zone type can be specified in a policy?

Which two statements about Junos software packet handling are correct? (Choose two.)

Which Web-filtering technology can be used at the same time as integrated Web filtering on a single branch SRX Series device?

In a chassis cluster with two SRX 5800 devices, the interface ge-13/0/0 belongs to which device?

An IPsec tunnel is established on an SRX Series Gateway on an interface whose IP address was obtained using DHCP. Which two statements are true? (Choose two.)

Which two statements about the use of SCREEN options are correct? (Choose two.)

Click the Exhibit button. In the exhibit, you decided to change my Hosts addresses. What will happen to the new sessions matching the policy and in-progress sessions that had alrea...

When using UTM features in an HA cluster, which statement is true for installing the licenses on the cluster members?

Which statement is true regarding NAT?

Which two functions of the Junos OS are handled by the data plane? (Choose two.)

After applying the policy-rematch statement under the security policies stanza, what would happen to an existing flow if the policy source address or the destination address is cha...