Juniper JN0-636 JNCIP-SEC Exam Practice Test Instant Access

Question 1

You are configuring transparent mode on an SRX Series device. You must permit IP-based traffic only, and BPDUs must be restricted to the VLANs from which they originate.

Which configuration accomplishes these objectives?

AOption A

BOption B

COption C

DOption D

Answer : D

Question 2

Click the Exhibit button.

When attempting to enroll an SRX Series device to JATP, you receive the error shown in the exhibit. What is the cause of the error?

AThe fxp0 IP address is not routable

BThe SRX Series device certificate does not match the JATP certificate

CThe SRX Series device does not have an IP address assigned to the interface that accesses JATP

DA firewall is blocking HTTPS on fxp0

Answer : C

Question 3

You are asked to download and install the IPS signature database to a device operating in chassis cluster mode. Which statement is correct in this scenario?

AYou must download and install the IPS signature package on the primary node.

BThe first synchronization of the backup node and the primary node must be performed manually.

CThe first time you synchronize the IPS signature package from the primary node to the backup node, the primary node must be rebooted.

DThe IPS signature package must be downloaded and installed on the primary and backup nodes.

Answer : D

Question 4

You want to configure a threat prevention policy.

Which three profiles are configurable in this scenario? (Choose three.)

Adevice profile

BSSL proxy profile

Cinfected host profile

DC&C profile

Emalware profile

Answer : A, B, C

Question 5

Exhibit

Referring to the exhibit, which two statements are true? (Choose two.)

AThe 3uspicious_Endpoint3 feed is only usable by the SRX-1 device.

BYou must manually create the suspicious_Endpoint3 feed in the Juniper ATP Cloud interface.

CThe 3uspiciou3_Endpoint3 feed is usable by any SRX Series device that is a part of the same realm as SRX-1

DJuniper ATP Cloud automatically creates the 3uopi'cioua_Endpoints feed after you commit the security policy.

Answer : A, C

Question 6

While troubleshooting security policies, you added the count action. Where do you see the result of this action?

AIn the show security policies hit-count command output.

BIn the show security flow statistics command output.

CIn the show security policies detail command output.

DIn the show firewall log command output.

Answer : D

Question 7

Exhibit

You configure Source NAT using a pool of addresses that are in the same subnet range as the external ge-0/0/0 interface on your vSRX device. Traffic that is exiting the internal network can reach external destinations, but the return traffic is being dropped by the service provider router.

Referring to the exhibit, what must be enabled on the vSRX device to solve this problem?

ASTUN

BProxy ARP

CPersistent NAT

DDNS Doctoring

Answer : D

Juniper JN0-636 Security, Professional JNCIP-SEC Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7