A Review Of Breathing JN0-1332 Test Questions

NEW QUESTION 1
You are designing an IP camera solution for your warehouse You must block command and control servers from communicating with the cameras. In this scenario. which two products would you need to include in your design? (Choose two)

• A. SRX Series device
• B. Security Director
• C. Juniper ATP Cloud
• D. IPS

Answer: CD

NEW QUESTION 2
Your company just purchased another company that uses the same IP address space as your company. You are asked to design a solution that allows both company’s to use each other's IT resources. Which two actions would you use to accomplish this task? (Choose two.)

• A. Implement double NAT
• B. Implement two non-overlapping equal-size address blocks
• C. Implement three non-overlapping equal-size address blocks.
• D. Implement persisted mat

Answer: C

NEW QUESTION 3
You arc designing a high availability firewall solution You select an off-path design instead of an mime design. What arc two reasons for this decision? (Choose two.)

• A. The off-path design is less complex
• B. The off-path design is more flexible
• C. The off-path design uses fewer interfaces at the adjacency layer
• D. The off-path design requires a proper routing configuration for selecting traffic

Answer: B

NEW QUESTION 4
You want to reduce the possibility of your data center's server becoming an unwilling participant in a DDoS attack When tvA3 features should you use on your SRX Series devices to satisfy this requirement? (Choose two.)

• A. dynamic IPsec tunnels
• B. Juniper ATP Cloud GeolP
• C. UTMWebtaering
• D. Juniper ATP Cloud CC feeds

Answer: AD

NEW QUESTION 5
When considering the data center, which two security aspects must be considered? (Choose two)

• A. theoretical
• B. conceptual
• C. physical
• D. logical

Answer: A

NEW QUESTION 6
Which automation language would you use to create on-box and off-box scripts for SRX Series devices?

• A. Python
• B. Pert
• C. Java
• D. Ruby

Answer: D

NEW QUESTION 7
As part of your design to secure a service provider WAN. you are asked to design a destination-based remote triggered black hole (RTBH) solution What arc two reasons for using this design? (Choose two)

• A. The attack is focused on a single IP address
• B. You do not know the source address of DDoS packets
• C. The attack comes from a limited number of source IP addresses
• D. You want to ensure that the destination IP remains reachable

Answer: D

NEW QUESTION 8
Physical security devices are ''blind'' to which type of traffic?

• A. bare metal server to VM
• B. private VLAN
• C. intra-server traffic
• D. management

Answer: B

NEW QUESTION 9
Refer to the exhibit.

The SRX Series devices are decoyed in an off-path active/passive Cluster configuration
What are two advantages of this deployment model over an active-'active duster configuration' (Choose two)

• A. load-balancing of east/west traffic
• B. load-balancing of north/south traffic
• C. reduced latency
• D. reduced fabric link traffic

Answer: CD

NEW QUESTION 10
You are designing Enterprise WAN attachments and want to follows Jumper recommended security practices In 0*s scenario. which two statements are correct? (Choose two.)

• A. Authentication authorization and accounting should be implemented on network resources
• B. The branch CPE should be configured to all outbound Ml:
• C. Printer traffic should be segmented from data traffic.
• D. Network management traffic should be segmented from data traffic

Answer: AD

NEW QUESTION 11
Refer to the Exhibit.

You are asked to provide a proposal for security elements in the service provider network shown in the exhibit. You must provide DOoS protection for Customer A from potential upstream attackers.
Which statements correct in this scenario?

• A. You should implement DDoS protection to drop offending traffic on the edge devices closest to the destination of the attack.
• B. You should implement DDoS protection to drop offending traffic on the edge devices closest to the source of the attack.
• C. You should implement DDoS protection to drop offending traffic on the core devices.
• D. You should implement DDoS protection to drop offending traffic on the customer edge device.

Answer: C

NEW QUESTION 12
Which two features would provide protection from known malware? (Choose two.)

• A. ALGs
• B. screens
• C. Junker ATP Cloud
• D. IPS

Answer: BC

NEW QUESTION 13
You are a security architect for a small managed service provider. The marketing team has proposed providing firewall services to the customers.
The requirements for the solution are shown below
-- The customer must be able 10 manage their own security device.
-- You must provide segmentation using Layer 2 and Layer 3.
-- You need to implement dynamic routing
-- You need to provide UTM services
in this scenario. which product would you select to provide the firewall services?

• A. cSRX
• B. vSRX
• C. vMX
• D. vQFX

Answer: D

NEW QUESTION 14
What are two factors you must consider when designing a network for security intelligence? (Choose two.)

• A. the number and model of JSA Series devices
• B. the third-party management application
• C. the number and model of SRX Series devices
• D. the Junos OS version

Answer: B

NEW QUESTION 15
When two security services process a packet whether it is being processed in the first-packet path or the fast path? (Choose two.)

• A. screen options
• B. ALG
• C. route lookup
• D. policy lookup

Answer: CD

NEW QUESTION 16
......