Most Recent Juniper JN0-335 Exam Questions & Answers

Two statements that are true about Juniper ATP Cloud are:

Juniper ATP Cloud uses multiple antivirus software packages to analyze files: Juniper ATP Cloud is a cloud-based service that provides advanced threat prevention and detection for your network. It integrates with SRX Series firewalls and MX Series routers to analyze files and network traffic for signs of malicious activity. Juniper ATP Cloud uses multiple antivirus software packages from different vendors to scan files for known malware signatures and provide a comprehensive verdict based on their results.

Juniper ATP Cloud does not use antivirus software packages to protect against zero-day threats: Juniper ATP Cloud protects against zero-day threats by using dynamic analysis, not antivirus software packages. Dynamic analysis is a method of executing files in a sandbox environment and observing their behavior and network interactions. Dynamic analysis can uncover unknown malware that may evade static analysis or signature-based detection methods.

unified security policies are security policies that enable you to use dynamic applications as match conditions along with existing 5-tuple or 6-tuple matching conditions12.They simplify application-based security policy management at Layer 7 and provide greater control and extensibility to manage dynamic applications traffic3

When a security policy is deleted, the active sessions allowed by the policy will be dropped. The default behavior is that all active sessions allowed by the policy will be terminated and the traffic will no longer be forwarded. There is no way to mark the active sessions as a legacy flow or to reevaluate them by the cached rules.

According to Juniper Networks Security, Specialist (JNCIS-SEC) Study Guide, when a security policy is deleted, the active sessions allowed by that policy will be dropped. This behavior is the default behavior of the device. There is no way to mark the active sessions as a legacy flow or to re-evaluate them against cached rules. The device will terminate the active sessions and will no longer forward traffic for those sessions.

vSRX is a virtual firewall that runs as a software instance on a hypervisor or in a cloud environment. It provides the same features and functionality as the SRX Series physical firewalls, such as advanced security, secure SD-WAN, and robust networking. Two statements that are true about vSRX are:

AWS is supported as an IaaS solution: AWS (Amazon Web Services) is a cloud computing platform that provides on-demand services such as infrastructure, platform, software, and database as a service. vSRX is available on the AWS Marketplace and can be deployed and scaled in minutes to provide firewall protection for workloads running in AWS Virtual Private Clouds (VPCs), private clouds, or on-premises resources.

OpenStack is supported as a cloud orchestration solution: OpenStack is an open source software platform that enables users to create and manage cloud infrastructure and services. vSRX can be integrated with OpenStack using Heat templates or Contrail Service Orchestration to automate the provisioning and configuration of vSRX instances in an OpenStack environment.

vSRX is a virtual firewall that runs as a software instance on a hypervisor. A hypervisor is a software layer that allows multiple virtual machines to run on a single physical host. vSRX supports three hypervisors: VMware ESXi, Hyper-V, and KVM. VMware ESXi is a hypervisor that runs on x86 servers and supports various operating systems and applications. Hyper-V is a hypervisor that runs on Windows Server and supports Windows and Linux virtual machines. KVM (Kernel-based Virtual Machine) is a hypervisor that runs on Linux and supports Linux, Windows, and other operating systems.