Download Security, Specialist (JNCIS-SEC).JN0-336.ExamTopics.2026-01-20.28q.vcex

Vendor: Juniper
Exam Code: JN0-336
Exam Name: Security, Specialist (JNCIS-SEC)
Date: Jan 20, 2026
File Size: 289 KB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: TAURUSSIM_20OFF

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
You are asked to set up SSL proxy in SRX Series devices. An SSL proxy profile is already defined for you.
Which two steps are required to complete the setup? (Choose two.)
  1. Enable host-inbound-traffic HTTPS in the security zone in which SSL proxy is referenced.
  2. Reference the SSL proxy profile in a security zone.
  3. Reference the SSL proxy profile in a security policy.
  4. Enable any Layer 7 services in the security policy in which SSL proxy is referenced.
Correct answer: BC
Question 2
Your manager asks you to update your SRX Series device’s IDP security package. You perform the required steps; however, when you attempt to install the package, you receive an error.
Referring to the exhibit, which two statements are correct about this error? (Choose two.)
  1. IDP stops inspecting traffic.
  2. The IDP license has expired.
  3. IDP continues to inspect traffic only using the installed signatures.
  4. The IDP license is missing (not installed).
Correct answer: CD
Question 3
Which two statements are correct about client-protection Secure Socket Layer (SSL) proxy configurations? (Choose two.)
  1. Server certificate is required.
  2. Root certificate authority (CA) configuration is required.
  3. Root certificate authority (CA) configuration is not required.
  4. Server certificate is not required.
Correct answer: AB
Question 4
You need to secure communications from a mobile command center which uses a 5G mobile ISP behind CGNAT to an SRX Series Firewall at headquarters.
Which two actions should be performed on the SRX Series Firewall in this scenario? (Choose two.)
  1. Configure the IPsec VPN to use NAT-T.
  2. Configure the IPsec VPN to use IKEv1 aggressive mode.
  3. Configure the IPsec VPN to use IKEv2 aggressive mode.
  4. Configure the IPsec VPN to use DPD.
Correct answer: AD
Question 5
What are three policy types available in Junos Space Security Director? (Choose three.)
  1. device
  2. local
  3. group
  4. universal
  5. global
Correct answer: BDE
Question 6
What are two ways to help reduce false positives for an IDP rule? (Choose two.)
  1. Change the rule to a lower severity action.
  2. Remove the attack object from the rule.
  3. Create an exempt rule.
  4. Configure a terminal rule at the end of the rule base.
Correct answer: AC
Question 7
Which two steps are necessary to prepare the Active Directory domain for a JIMS installation? (Choose two.)
  1. Create two limited access user accounts.
  2. Create three limited access user accounts.
  3. Add one full access user account to Active Directory groups.
  4. Add limited access user accounts to Active Directory groups.
Correct answer: AD
Question 8
Which two statements are correct about IDP policy templates? (Choose two.)
  1. They are provided by Juniper Networks.
  2. They are not customizable.
  3. They are available on a “factory-default config.”
  4. They must be installed.
Correct answer: AC
Question 9
You are asked to use Junos Space Security Director to download the latest application signatures in the AppID database.
In this scenario, which two statements are correct? (Choose two.)
  1. The AppID database is stored in Junos Space Security Director.
  2. The AppID database is stored on the managed SRX Series device.
  3. The AppID database is maintained by a third-party host.
  4. The AppID database is stored on a local storage server in the management network.
Correct answer: BC
Question 10
Which statement is correct about Active Directory as an identity source for identity-aware security policies?
  1. It supports a maximum of two domains.
  2. It supports logical systems.
  3. It supports 20 Active Directory servers per domain.
  4. It tracks non-Windows Active Directory users.
Correct answer: C
Question 11
Which two statements are correct about fabric interfaces on an SRX Series Firewall? (Choose two.)
  1. In an active/active configuration, inter-chassis traffic uses the fab link.
  2. In an active/passive configuration, inter-chassis traffic uses the fab link.
  3. The node ID is reflected in the fabric interface name.
  4. The cluster ID is reflected in the fabric interface name.
Correct answer: AB
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!