• Home
  • Articles
  • Authentic Best resources for JN0-1331 Test Engine Practice Exam [Q34-Q50]

Authentic Best resources for JN0-1331 Test Engine Practice Exam [Q34-Q50]

Share

Authentic Best resources for JN0-1331 Test Engine Practice Exam

[2021] JN0-1331 PDF Questions - Perfect Prospect To Go With ITPassLeader Practice Exam

NEW QUESTION 34
You are designing a DDoS solution for an ISP using BGP FlowSpec. You want to ensure that BGP FlowSpec does not overwhelm the ISP's edge routers.
Which two requirements should be included in your design? (Choose two.)

  • A. Implement a route policy to limit advertised routes to any public IP space
  • B. Specify a maximum number of BGP FlowSpec prefixes per device
  • C. Implement a route policy to limit advertised routes to /24 subnets
  • D. Specify a maximum number BGP FlowSpec prefixes per neighbor

Answer: A,B

 

NEW QUESTION 35
You are asked to design a secure enterprise WAN where all payload data is encrypted and branch sites communicate directly without routing all traffic through a central hub.
Which two technologies would accomplish this task? (Choose two.)

  • A. AutoVPN
  • B. Auto Discovery VPN
  • C. MPLS Layer 3 VPN
  • D. group VPN

Answer: B,C

Explanation:
Explanation/Reference: https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-auto-discovery- vpns.html

 

NEW QUESTION 36
You must design a small branch office firewall solution that provides application usage statistics.
In this scenario, which feature would accomplish this task?

  • A. AppQoS
  • B. AppTrack
  • C. AppFW
  • D. UTM

Answer: B

 

NEW QUESTION 37
You are deploying a data center Clos architecture and require secure data transfers within the switching fabric.
In this scenario, what will accomplish this task?

  • A. stacked VLAN tagging on the core switches
  • B. IRB VLAN routing between hosts
  • C. LAG Layer 2 hashing
  • D. MACsec encryption

Answer: D

 

NEW QUESTION 38
You are designing a solution to protect a service provider network against volumetric denial-of-service attacks. Your main concern is to protect the network devices.
Which two solutions accomplish this task? (Choose two.)

  • A. intrusion prevention system
  • B. BGP FlowSpec
  • C. screens
  • D. next-generation firewall

Answer: A,B

Explanation:
Explanation/Reference:
Reference: https://www.juniper.net/documentation/en_US/day-one-books/DO_BGP_FLowspec.pdf

 

NEW QUESTION 39
Which two steps should be included in your security design process? (Choose two.)

  • A. Identify the firewall enforcement points
  • B. Identify external attackers
  • C. Define overall security policies
  • D. Define safety requirements for the customer's organization

Answer: A,C

 

NEW QUESTION 40
Click the Exhibit button.

You are designing the virtualized server deployment shown in the exhibit in your data center. The vSRX device is acting as a Layer 2 firewall and the two VMs must communicate through the vSRX device.
Which two actions must you perform to accomplish this task? (Choose two.)

  • A. Place both VMs in the same VLAN
  • B. Place both VMs in different vSwitches
  • C. Place both VMs in the same vSwitch
  • D. Place both VMs in different VLANs

Answer: A,B

 

NEW QUESTION 41
You are designing a data center interconnect between two sites across a service provider Layer 2 leased line. The sites require Layer 2 connectivity between hosts, and the connection must be secure.
In this scenario, what will accomplish this task?

  • A. EVPN over IPsec
  • B. MACsec encryption
  • C. IPsec encryption
  • D. IRB VLAN routing

Answer: B

 

NEW QUESTION 42
Which two steps should be included in your security design process? (Choose two.)

  • A. Identify the firewall enforcement points
  • B. Identify external attackers
  • C. Define overall security policies
  • D. Define safety requirements for the customer's organization

Answer: A,C

Explanation:
Explanation/Reference: https://www.juniper.net/assets/us/en/local/pdf/whitepapers/2000591-en.pdf

 

NEW QUESTION 43
Which solution centralizes the management of security devices in your data center?

  • A. Junos CLI
  • B. Juniper Networks Secure Analytics
  • C. Junos Space Security Director
  • D. J-Web

Answer: C

 

NEW QUESTION 44
You work for an ISP that wants to implement remote-triggered black hole (RTBH) filters.
What are three considerations in this scenario? (Choose three.)

  • A. Source RTBH requires uRPF to be implemented on the service provider's network core
  • B. Source RTBH can block legitimate traffic on the network
  • C. Destination RTBH essentially completes the attack on the victim's IP
  • D. Destination RTBH requires uRPF to be implemented on the service provider's network edge
  • E. BGP FlowSpec improves the RTBH model by implementing dynamic firewall filters

Answer: A,B,E

 

NEW QUESTION 45
What are two benefits of the vSRX in a virtualized private or public cloud multitenant environment?
(Choose two.)

  • A. 100GbE interface support
  • B. stateful firewall protection at the tenant edge
  • C. full logical systems capabilities
  • D. OSPFv3 capabilities

Answer: B,C

Explanation:
Explanation/Reference: https://www.juniper.net/documentation/en_US/vsrx/topics/concept/security-vsrx-overview- generic.html
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/logical-systems-overview.html

 

NEW QUESTION 46
You are working on a network design that will use EX Series devices as Layer 2 access switches in a campus environment. You must include Junos Space in your design. You want to take advantage of security features supported on the devices.
Which two security features would satisfy this requirement? (Choose two.)

  • A. SDSN
  • B. ALG
  • C. Access Control
  • D. Stateful Firewall

Answer: A,C

 

NEW QUESTION 47
You are designing a data center security architecture. The design requires automated scaling of security services according to real-time traffic flows.
Which two design components will accomplish this task? (Choose two.)

  • A. VRF segmentation on high-capacity physical security appliances
  • B. JFlow traffic monitoring with event scripts
  • C. VNF security devices deployed on x86 servers
  • D. telemetry with an SDN controller

Answer: B,C

 

NEW QUESTION 48
You are required to design a university network to meet the conditions shown below.
* Users connected to the university network should be able to access the Internet and the research department lab network.
* The research department lab network should not be able to reach the Internet.
Which three actions satisfy the design requirements? (Choose three.)

  • A. Use a global deny security policy for the research lab
  • B. Use a global permit policy for Internet traffic
  • C. Use the default deny security policy for the research lab
  • D. Use separate security zones for each department
  • E. Use a static NAT rule between the internal zones for the research lab

Answer: A,B,D

 

NEW QUESTION 49
You are designing a solution to protect a service provider network against volumetric denial-of-service attacks.
Your main concern is to protect the network devices.
Which two solutions accomplish this task? (Choose two.)

  • A. intrusion prevention system
  • B. BGP FlowSpec
  • C. screens
  • D. next-generation firewall

Answer: A,B

 

NEW QUESTION 50
......

Best updated resource for JN0-1331 Online Practice Exam: https://www.itpassleader.com/Juniper/JN0-1331-dumps-pass-exam.html

Related Articles

more
Juniper JN0-1331 Certification Practice Exam
0
0
0
0