CertsTopics Logo

New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Juniper JN0-635 Dumps Questions Answers

Page: 1 / 3
Total 1 questions
Get JN0-635 Full Access Download JN0-635 PDF

Security Professional (JNCIP-SEC) Questions and Answers

Question 1

Click the Exhibit button.

Which type of NAT is shown in the exhibit?

Options:

A.

NAT46

B.

NAT64

C.

persistent NAT

D.

DS-Lite

Buy Now
Question 2

Click the Exhibit button.

You are asked to look at a configuration that is designed to take all traffic with a specific source IP address and forward the traffic to a traffic analysis server for further evaluation. The configuration is not working as intended.

Referring to the exhibit, which change must be made to correct the configuration?

Options:

A.

Apply the filter as an input filter on interface xe-0/2/1.0

B.

Create a routing instance named default

C.

Apply the filter as an input filter on interface xe-0/0/1.0

D.

Apply the filter as an output filter on interface xe-0/1/0.0

Question 3

Click the Exhibit button.

A user reports trouble when using SSH to a server outside your organization. The traffic traverses an SRX Series device that is performing NAT and applying security policies.

Referring to the exhibit, which configuration will allow you to see the bidirectional flow through the SRX Series device?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 4

Click the Exhibit button.

You are implementing a new branch site and want to ensure Internet traffic is sent directly to your ISP and other traffic is sent to your company headquarters. You have configured filter-based forwarding to accomplish this objective. You verify proper functionality using the outputs shown in the exhibit.

Which two statements are true in this scenario? (Choose two.)

Options:

A.

The session utilizes one routing instance

B.

The ge-0/0/5 and ge-0/0/1 interfaces must reside in a single security zone

C.

The ge-0/0/5 and ge-0/0/1 interfaces can reside in different security zones

D.

The session utilizes two routing instances

Question 5

You issue the command shown in the exhibit.

Which policy will be active for the identified traffic?

Options:

A.

Policy p4

B.

Policy p7

C.

Policy p1

D.

Policy p12

Question 6

You are asked to implement the session cache feature on an SRX5400.

In this scenario, what information does a session cache entry record? (Choose two.)

Options:

A.

The type of processing to do for ingress traffic

B.

The type of processing to do for egress traffic

C.

To which SPU the traffic of the session should be forwarded

D.

To which NPU the traffic of the session should be forwarded

Question 7

Click the Exhibit button.

Referring to the exhibit, which statement is true?

Options:

A.

ARP security is securing data across the control interface

B.

IPsec is securing data across the control interface

C.

SSH is securing data across the control interface

D.

MACsec is securing data across the control interface

Question 8

Your organization has multiple Active Directory domain to control user access. You must ensure that security polices are passing traffic based upon the user’s access rights.

What would you use to assist your SRX series devices to accomplish this task?

Options:

A.

JIMS

B.

Junos Space

C.

JSA

D.

JATP Appliance

Question 9

Click the Exhibit button.

You have two hosts on the same subnet connecting to an SRX340 on interfaces ge-0/0/4 and ge-0/0/5. However, the two hosts cannot communicate with each other.

Referring to the exhibit, what are two actions that would solve this problem? (Choose two.)

Options:

A.

Set the SRX340 to Ethernet switching mode and reboot

B.

Add an IRB interface to the VLAN

C.

Put the ge-0/0/4 and ge-0/0/5 interfaces in different VLANs

D.

Remove the ge-0/0/4 and ge-0/0/5 interfaces from the L2 security zone

Question 10

Which Junos security feature is used for signature-based attack prevention?

Options:

A.

RADIUS

B.

AppQoS

C.

IPS

D.

PIM

Question 11

Your SRX Series device does not see the SYN packet.

What is the default action in this scenario?

Options:

A.

The device will forward the subsequent packets and the session will be established

B.

The device will forward the subsequent packets and the session will not be established

C.

The device will drop the subsequent packets and the session will not be established

D.

The device will drop the subsequent packets and the session will be established

Question 12

Exhibit.

Referring to the exhibit, which two statements are true? (Choose two.)

Options:

A.

The configured solution allows IPv6 to IPv4 translation.

B.

The configured solution allows IPv4 to IPv6 translation.

C.

The IPv6 address is invalid.

D.

External hosts cannot initiate contact.

Question 13

You are asked to configure a new SRX Series CPE device at a remote office. The device must participate in forwarding MPLS and IPsec traffic.

Which two statements are true regarding this implementation? (Choose two.)

Options:

A.

Host inbound traffic must not be processed by the flow module

B.

Host inbound traffic must be processed by the flow module

C.

The SRX Series device can process both MPLS and IPsec with default traffic handling

D.

A firewall filter must be configured to enable packet mode forwarding

Exam Detail
Vendor: Juniper
Certification: Juniper Other Certification
Exam Code: JN0-635
Exam Name: Security Professional (JNCIP-SEC)
Last Update: Dec 22, 2024
JN0-635 Question Answers
Page: 1 / 3
Total 1 questions
Get JN0-635 Full Access Download JN0-635 PDF