Curious about Actual Juniper Junos Security Certification (JN0-335) Exam Questions?

Correct : C

Juniper ATP Cloud is a cloud-based service that provides advanced threat prevention and detection for your network. It integrates with SRX Series firewalls and MX Series routers to analyze files and network traffic for signs of malicious activity. Juniper ATP Cloud protects a network from zero-day threats by using dynamic analysis, which is a method of executing files in a sandbox environment and observing their behavior and network interactions. Dynamic analysis can uncover unknown malware that may evade static analysis or signature-based detection methods.

Correct : C

The exhibit shows a configuration snippet for security intelligence on an SRX Series device. Security intelligence is a feature that allows you to block or monitor traffic from malicious sources based on threat intelligence feeds from Juniper ATP Cloud or other providers. The configuration defines a profile for ATP Infected-Hosts, which is a feed that contains IP addresses of hosts that are infected with malware and communicate with command-and-control servers. The configuration also defines a rule for threat level 8, which is a parameter that indicates the severity of the threat. Based on this configuration, the SRX Series device will do the following:

Packets from the infected hosts with a threat level of 8 or above will be dropped: The action block-and-drop under the rule means that the device will block any traffic from the infected hosts that have a threat level equal to or higher than 8. This will prevent the hosts from sending or receiving malicious commands or data.

No log message will be generated: The absence of any log option under the rule means that the device will not generate any log message for the blocked traffic. This may reduce the load on the device and the logging server, but it may also limit the visibility and analysis of the security events.

Correct : A, D

To control when cluster failovers occur, you need to configure two specific parameters on an SRX Series device: heartbeat-interval and heartbeat-threshold. These parameters determine how often the nodes in a cluster exchange heartbeat messages and how many consecutive heartbeats can be missed before a failover is triggered. The heartbeat-interval specifies the time interval in seconds between each heartbeat message. The default value is 1 second and the range is from 0.1 to 10 seconds. The heartbeat-threshold specifies the number of consecutive heartbeats that must be missed before a failover occurs. The default value is 3 and the range is from 2 to 255.Reference:=Configuring Chassis Clustering on SRX Series Devices,Chassis Cluster Redundancy Group Failover

Correct : D

To include a rule that sets a threshold for excessive firewall denies and sends an SNMP trap after receiving related syslog messages from an SRX Series firewall, you need to use an event rule type in JSA. An event rule type allows you to create custom rules based on the events that are collected and normalized by JSA from various sources, such as firewalls, routers, switches, servers, and so on. You can define the conditions, tests, and actions for an event rule, such as matching a specific event name, setting a threshold for the number of occurrences, and sending an SNMP trap to a specified host.Reference:=Creating a Custom Rule,Customizing the SNMP Trap Output

Correct : D

The service that you would implement at your edge device to prioritize VoIP traffic in this scenario is AppQoS. AppQoS is a feature that enables you to allocate bandwidth and prioritize traffic based on application signatures or custom rules. AppQoS can enhance the quality of service and experience for critical or latency-sensitive applications, such as VoIP. You can configure AppQoS policies to assign different classes of service (CoS) values or queue numbers to different applications or traffic flows. You can also define bandwidth limits, guarantees, or bursts for each class or queue.Reference:= [Application Quality of Service Overview], [Configuring Application Quality of Service]