Security, Specialist (JNCIS-SEC) v1.0

Page:    1 / 5   
Exam contains 64 questions
Expand All

What are two different methods to probe the onboarded device on Junos Space Security Director? (Choose two.)

  • A. using SNMP
  • B. using SMTP
  • C. using the ping command
  • D. using HTTP


Answer : AC


You have configured a new site-to-site VPN tunnel. The exhibit shows the security IPsec statistics output for the specific tunnel index from one of the tunnel-end devices.
Which two statements are correct in this scenario? (Choose two.)

  • A. AH is incorrectly configured.
  • B. The far-end tunnel device is rebooting.
  • C. The ESP configuration is not set up correctly.
  • D. No traffic passes through this tunnel.


Answer : CD

Which three algorithms are used to encrypt IP packets? (Choose three.)

  • A. Data Encryption Standard (DES)
  • B. Secure Hash Algorithm (SHA) - 1
  • C. Message Digest 5 (MD5)
  • D. Triple Data Encryption Standard (3DES)
  • E. Advanced Encryption Standard (AES)


Answer : ADE


Referring to the exhibit, what should you do to ensure that Juniper ATP Cloud detects malware in HTTPS traffic?

  • A. Manually configure and apply an SSL proxy profile.
  • B. Lower the threat score.
  • C. Configure a new device profile that includes encrypted traffic.
  • D. Change the action to redirect the encrypted traffic to a decryption device.


Answer : A

Which two statements are correct about redundant fabric interfaces in a chassis cluster? (Choose two.)

  • A. fab0 and fab1 are located on both node0 and node1.
  • B. fab0 is located on node0, whereas fab1 is located on node1.
  • C. The media type must be the same for each redundant fabric interface.
  • D. The media type can be different for each redundant fabric interface.


Answer : AC

Which two statements are correct about fabric interfaces on an SRX Series Firewall? (Choose two.)

  • A. In an active/active configuration, inter-chassis traffic uses the fab link.
  • B. In an active/passive configuration, inter-chassis traffic uses the fab link.
  • C. The node ID is reflected in the fabric interface name.
  • D. The cluster ID is reflected in the fabric interface name.


Answer : AB

Which two statements are correct about Juniper Secure Connect? (Choose two.)

  • A. Juniper Secure Connect uses a policy-based VPN.
  • B. Juniper Secure Connect can use a self-signed certificate.
  • C. Juniper Secure Connect uses a route-based VPN.
  • D. Juniper Secure Connect cannot use a self-signed certificate.


Answer : BC

How does the SSL proxy detect if a particular session is SSL encrypted?

  • A. It uses AppID services.
  • B. It verifies the length of the packet.
  • C. It looks at the destination port number.
  • D. It uses a certificate authority (CA).


Answer : A

Which two statements are correct about the security associations of an IPsec VPN? (Choose two.)

  • A. IPsec security associations are established during IKEv1 Phase 2 negotiations.
  • B. IKEv1 security associations are established during IKEv1 Phase 2 negotiations.
  • C. IPsec security associations are established during IKEv1 Phase 1 negotiations.
  • D. IKEv1 security associations are established during IKEv1 Phase 1 negotiations.


Answer : AD

What is the role of SRX Series devices while deploying identity-aware security policies with JIMS?

  • A. enforcement point
  • B. identity producer
  • C. domain controller
  • D. certificate authority


Answer : A

Which statement is correct about Active Directory as an identity source for identity-aware security policies?

  • A. It supports a maximum of two domains.
  • B. It supports logical systems.
  • C. It supports 20 Active Directory servers per domain.
  • D. It tracks non-Windows Active Directory users.


Answer : C

Which two statements are correct about SSL proxy server protection? (Choose two.)

  • A. Server protection SSL proxy forwards the actual server certificate to the client without modifying it.
  • B. Server protection SSL proxy is also known as SSL forward proxy.
  • C. Server protection SSL proxy is also known as SSL reverse proxy.
  • D. Server protection SSL proxy intercepts the server certificate.


Answer : AC

What are two types of attack objects included in an IDP attack object database? (Choose two.)

  • A. statistic-based
  • B. protocol anomaly-based
  • C. signature-based
  • D. vector-based


Answer : BC

You are establishing an IPsec VPN and must ensure that payload data is encrypted.
In this scenario, which IPsec security protocol should you configure?

  • A. SHA-1
  • B. ESP
  • C. AH
  • D. PFS


Answer : B

Which two statements accurately describe the role of hashing in VPNs? (Choose two.)

  • A. Hashing compresses data in VPN communications.
  • B. Hashing generates a fixed-size string of characters.
  • C. Hashing encrypts data to ensure confidentiality.
  • D. Hashing verifies that data has not been altered during transmission.


Answer : BD

Page:    1 / 5   
Exam contains 64 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy