Recently Published Juniper JN0-1330 Dumps from PassLeader with VCE and PDF (Question 31 – Question 35)

The newest Juniper JN0-1330 dumps are available from PassLeader, you can get both JN0-1330 VCE dumps and JN0-1330 PDF dumps from PassLeader! PassLeader have added the newest JN0-1330 exam questions into its JN0-1330 VCE and PDF dumps now, the new JN0-1330 braindumps will help you 100% passing the JNCDS-SEC JN0-1330 exam. Welcome to download the valid PassLeader JN0-1330 dumps VCE and PDF here: https://www.passleader.com/jn0-1330.html (70 Q&As Dumps)

Besides, download that PassLeader JN0-1330 braindumps from Google Drive: https://drive.google.com/open?id=0B-ob6L_QjGLpS2k2dmcwYk9FYjQ (FREE VERSION!!!)

QUESTION 31
Your company must enable high-speed Layer 2 connectivity between two data centers connected by private fiber. Your security policy mandates that all company data is encrypted between sites. Which technology would you use to meet these requirements?

A. IPsec
B. MACsec
C. L2PT
D. VXLAN

Answer: B

QUESTION 32
Your customer is in the design stage for a new data center. They have historically used the SRX5600. To improve the security of the data center, you will be suggesting they deploy vSRXs and hardware-based firewalls. In this scenario, what are two reasons for deploying a virtual firewall? (Choose two.)

A. The SRX5600 does not support IPS.
B. The ability to secure traffic between VMs without leaving the physical server hardware.
C. vSRX can reside anywhere in the virtual environment.
D. A vSRX has greater throughput than an SRX5600.

Answer: BC

QUESTION 33
Which statements about IPsec tunnels is true?

A. They are used to provide in-depth packet inspection for traffic leaving your network.
B. They are used to prevent routing loops in a Layer 2 environment.
C. They are used to secure and encrypt traffic between tunnel endpoints.
D. They are used to combine multiple interfaces into a single bundle.

Answer: C

QUESTION 34
A client wants to deploy a vSRX chassis cluster across two existing ESXi hosts without changing the external switch configuration. Which two actions must you perform to meet this requirement? (Choose two.)

A. Use a distributed virtual switch.
B. Use an overlay network to transport cluster heartbeats over Layer 3.
C. Configure private VLANs on the virtual switch for the control and fabric links.
D. Use a standard virtual switch.

Answer: AC
Explanation:
http://www.juniper.net/techpubs/en_US/vsrx15.1×49/topics/task/configuration/security-vsrx-chassis-cluster-node-dswitch-deploying.html

QUESTION 35
Referring to the network shown in the exhibit, a SYN flood attacks is initiated by an attacker that has a public IP address from ISP B within the 200.200.10.0/24 prefix. The attacker is sending SYN packets to the victim, connected to ISP A, with destination address of 100.100.31.78 using spoofed source addresses at random from the 192.168.0.0/16 prefix. Which two design best practices would prevent this attack from working? (Choose two.)
passleader-JN0-1330-dumps-351

A. ISP A should implement an ingress firewall filter on router R2 to discard traffic originating from the 200.200.10.0/24 prefix.
B. ISP A should implement an ingress firewall filter on router R3 to discard traffic originating from the 192.168.0.0/16, 172.16.0.0/12, and 10.0.0.0/8 prefixes.
C. ISP A should implement an ingress firewall filter on router R3 to discard traffic originating from the 200.200.10.0/24 prefix.
D. ISP B should implement an ingress firewall filter on the router R5 interface connecting to the attacker that discards packets with a source address not matching the 200.200.10.0/24 prefix.

Answer: BD


Thanks for reading the newest JN0-1330 exam dumps! We recommend you to try the PREMIUM PassLeader JN0-1330 dumps in VCE and PDF here: https://www.passleader.com/jn0-1330.html (70 Q&As Dumps)

Also, you can download that PassLeader JN0-1330 braindumps from Google Drive: https://drive.google.com/open?id=0B-ob6L_QjGLpS2k2dmcwYk9FYjQ (FREE VERSION!!!)