Documente Academic
Documente Profesional
Documente Cultură
DOCSIS
8-Port Gigabit Ethernet SFP XPIM
1-Port Gigabit Ethernet PoE
Serial
1-Port Gigabit Ethernet Small Form-Factor Pluggable (SFP)
SRX320
SRX300
SRX650
SRX5600
Which two of the following does a default configuration on an SRX300 include? (Choose two.)
a default gateway
an untrust security zone
a DHCP client on ge-0/0/0
a DHCP client on ge-0/0/1
What match criteria does an SRX Series device’s network processing unit (NPU) use to
determine if a flow already exists for a packet? (Choose three.)
MAC address
inbound interface
source port
unique session token number for a given zone and virtual router
protocol
The vSRX is available for which two of the following hypervisors? (Choose two.)
Hyper-V
Xen
OpenVZ
KVM
When traffic has met match criteria, what options are available to be performed on the traffic?
(Choose three.)
permit
reject
deny
discard
redirect
After a packet is not able to be matched to an existing session, what is the next service to inspect
the packet?
screens
zones
policy
static NAT
In the context of SRX Series devices, what services does fast-path processing skip? (Choose
two.)
zones
screens
services ALG
policy
Which is the correct syntax representation of a wildcard address for an address book entry?
192.168.*.7/23
192.168.0.7/0.0.255.0
192.168.0.7/255.255.0.255
192.168.0.7/ 00000000.00000000.00000001.11111111
What security component is a collection of one of more network segments sharing identical
security requirements?
screen
zone
policy
filter
What are two security policy components? (Choose two.)
Which two statements are true regarding unified security policies? (Choose two.)
What is a set of rules that tells a Junos security device how to treat transit traffic?
zone
screen
policy
filter
Which order do Junos security devices examine policies for transit traffic?
Which two criteria are correct when considering security policy rule ordering? (Choose two.)
Which two statements describe the C&C threat prevention feature of Sky ATP? (Choose two.)
C&C threat prevention stops compromised hosts in your network from communicating
with known C&C servers.
C&C threat prevention stops the users in your network from downloading malicious software
from webservers.
C&C threat prevention can stop hosts in your network from unwillingly participating in a
DDoS attack.
C&C threat prevention stops users in your network from downloading malicious software from
an e-mail server.
Which two statements are true about Sky ATP e-mail protection? (Choose two.)
If you need to protect against malicious files that might be download through Web-based e-mail,
which Sky ATP protection mechanism should you use?
source
destination
dynamic
static
interface-based
pool-based
zone-based
policy-based
In the J-Web user interface, which feature is used to facilitate building IPsec VPN tunnels?
When considering secure VPNs, what are three major security concerns? (Choose three.)
integrity
reliability
source authentication
confidentiality
high availability
What is the correct order for processing UTM traffic within the Junos flow module services?
Deploy a vSRX with the UTM suite in AWS and configure Web filtering.
Deploy a vSRX with the AppSecure suite in AWS and configure the AppFW.
Deploy a vSRX with IPS in the AWS deployment.
Deploy a vSRX in AWS and configure a new security policy with the respective IP address and
port numbers.
Which statement is correct about the antivirus feature on SRX Series devices?
The Sophos antivirus feature is less CPU intensive than the full file-based antivirus feature.
The full file-based antivirus feature is less CPU intensive than the Sophos antivirus feature.
The full file-based antivirus feature allows you to create local whitelists and blacklists.
The Sophos antivirus feature supports a different set of protocols than the full file-based antivirus
feature.
Which three features are does Unified Threat Management (UTM) include? (Choose three.)
IDP/IPS
antispam
antivirus
content filtering
screen filtration
You are installing a Junos Space Log Collector VM for a large-scale deployment. What are two
valid node types for this deployment? (Choose two.)
All-in-One node
Log Receiver node
Log Storage node
Chassis Cluster node
You have downloaded the package “junos-srxme-19.1R1.6-domestic.tgz”. Based on the naming
convention, which two things are true about this release? (Choose two.)
It is a service release.
It is FIPS compliant.
It supports strong encryption.
It is a standard release.
Prior to creating reports by the routing engines, what must be enabled on an SRX Series device?
SNMP
security logging
root user access
packet capture
On an SRX Series device, which two troubleshooting utilities are available within the J-Web
interface? (Choose two.)
Ping Host
Traceroute
Netstat
Finger