JN0-335 Exam Dumps : Security, Specialist (JNCIS-SEC)

An Application Layer Gateway (ALG) is a software component that is designed to manage specific protocols such as Session Initiation Protocol (SIP) or FTP on Juniper Networks devices running Junos OS. The ALG module is responsible for Application-Layer aware packet processing on switches1. The ALG can perform various functions such as modifying the payload and header of packets, opening secondary connections, translating addresses and ports, and applying security policies1. The ALG does not use software processes for permitting or disallowing specific IP address ranges, as this is the function of firewall filters or security zones2. The ALG does not use software that is used by a single TCP session using the same port numbers as the application, as this is the definition of a stateful firewall3. The ALG does not contain protocols that use one application session for each TCP session, as this is the characteristic of some application protocols such as HTTP or SMTP4. References:

• 1: ALG Overview | Junos OS | Juniper Networks
• 2: Firewall Filters Overview | Junos OS | Juniper Networks
• 3: Stateful Firewall Overview | Junos OS | Juniper Networks
• 4: Application Layer Protocols | Junos OS | Juniper Networks

 SSL proxy is a transparent proxy that performs SSL encryption and decryption between the client and the server. It allows inspection of encrypted traffic by terminating the SSL connection from either end and applying security policies to the clear text. SSL proxy can leverage pre-match or post-match results to determine whether to apply SSL proxy to a session. Pre-match results are based on the initial packet of the session, while post-match results are based on the application identification after the session is established. In the exhibit, the session shows that the application services identification is “ssl-proxy”, which means that SSL proxy is applied based on the pre-match results. The cache lookup status for application services is “on”, which means that the SRX Series device uses the application system cache to store the pre-match results for faster processing. Therefore, the correct answer is D. SSL proxy leverages pre-match result. References: = SSL Proxy, Configuring SSL Proxy, and Application System Cache

= The vSRX is a virtual firewall that offers the same features as the physical SRX Series firewalls, but in a virtualized form factor for delivering security services that scale to match network demand. The vSRX supports Juniper Contrail Networking and third-party software-defined networking (SDN) solutions, which enable dynamic and automated network provisioning and management. The vSRX also integrates with cloud orchestration tools such as OpenStack, which allow for flexible deployment and configuration of virtual machines and networks. The vSRX provides granular security for the workloads that run within the virtual network on the public or private cloud. It supports next-generation firewall capabilities, such as application security, intrusion prevention, user identity, and role-based access control. It also supports advanced threat prevention features, such as malware sandboxing, threat intelligence feeds, and encrypted traffic inspection. The vSRX can protect the network from both internal and external threats, and enforce consistent security policies across the entire network. References:

• vSRX Virtual Firewall | Juniper Networks US
• vSRX Documentation | Juniper Networks
• Understand vSRX Virtual Firewall with Microsoft Azure Cloud