JNCDS-SEC Exam Objectives (Exam: JN0-1330)
Fundamental Security Concepts
Describe the various tenets of common security features
Access control lists
Stateful security policies
Advanced Security Concepts
Describe advanced security features
Securing the Campus and Branch
Describe the security design considerations within a campus or branch network
Remote access VPN’s
Securing the Enterprise WAN
Describe the security design considerations for an enterprise WAN
Internet edge security design principles
Securing the Service Provider WAN
Describe the security design considerations for a service provider WAN
Securing the control plane
Securing the Data Center
Describe the security design considerations in a data center
Securing data center interconnects
Securing North-South flows
Securing East-West flows
Security Automation and Management
Describe the design considerations for security management
Securing the individual devices
Junos Space management platform
Junos Space Security Director and Log Director
Juniper Secure Analytics
Describe the security design considerations for a virtualized environment
Describe the design considerations of high availability in a secure networks
Physical high availability
Virtual high availability
Asymmetrical traffic handling
QUESTION: No: 1
You are asked to implement port-based authentication on your access switches. Security and ease of
access are the two primary requirements. Which authentication solution satisfies these requirements?
A. MAC RADIUS
B. network access control
C. firewall authentication
D. IPsec tunnel
QUESTION: No: 2
What is one way to increase the security ofa site-to-site IPsec VPN tunnel?
A. Implement a stronger Diffie-Hellman group.
B. Change IKE Phase 1 from main mode to aggressive mode.
C. Implement traffic selectors.
D. Implement a policy-based VPN.
QUESTION: No: 3
Your customer is planning the deployment of a new hub-and-spoke WAN architecture that must support
dual stack They have decided against using a dynamic routing protocol. They are concerned about the
difficulty of managing configurations and operations at the hub location as they deploy branch routers
In this scenario, what ate three reasons for selecting route-based VPNs with traffic selectors’? (Choose
A. Traffic selectors support IPv4 and IPv6.
B. Traffic selectors reduce the number of Phase 2 IPsec security associations.
C. Traffic selectors reduce latency because they bypass UTIVI.
D. Traffic selectors support auto route insertion
E. You can define mutliple traffic selectors within a single route-based VPN