SSL proxy is a transparent proxy that performs SSL encryption and decryption between the client and the server. It allows inspection of encrypted traffic by terminating the SSL connection from either end and applying security policies to the clear text. SSL proxy can leverage pre-match or post-match results to determine whether to apply SSL proxy to a session. Pre-match results are based on the initial packet of the session, while post-match results are based on the application identification after the session is established. In the exhibit, the session shows that the application services identification is “ssl-proxy”, which means that SSL proxy is applied based on the pre-match results. The cache lookup status for application services is “on”, which means that the SRX Series device uses the application system cache to store the pre-match results for faster processing. Therefore, the correct answer is D. SSL proxy leverages pre-match result. References: = SSL Proxy, Configuring SSL Proxy, and Application System Cache
Question 2
Which two functions does Juniper ATP Cloud perform to reduce delays in the inspection of files? (Choose two.)
Options:
A.
Juniper ATP Cloud allows the creation of allowlists.
B.
Juniper ATP Cloud uses a single antivirus software package to analyze files.
C.
Juniper ATP Cloud allows end users to bypass the inspection of files.
D.
Juniper ATP Cloud performs a cache lookup on files.
Answer:
A, D
Explanation:
Explanation:
Juniper ATP Cloud is a cloud-based service that provides advanced threat prevention for SRX Series devices. Juniper ATP Cloud can inspect files for malware by sending them to the cloud or performing a hash lookup. To reduce delays in the inspection of files, Juniper ATP Cloud performs the following two functions12:
Juniper ATP Cloud allows the creation of allowlists. Allowlists are lists of trusted files or domains that are not sent to the cloud for inspection. This reduces the network traffic and the processing time for the files that are known to be safe. You can create allowlists from the Juniper ATP Cloud Web UI or the SRX Series device CLI.
Juniper ATP Cloud performs a cache lookup on files. Cache lookup is a feature that checks if a file has been previously scanned by Juniper ATP Cloud and returns the cached verdict. This avoids sending the same file to the cloud again and saves bandwidth and time. Cache lookup is enabled by default and can be configured from the SRX Series device CLI. References:
Juniper ATP Cloud User Guide
Juniper ATP Cloud Deployment Guide for SRX Series Devices
Question 3
Which statement about security policy schedulers is correct?
Options:
A.
Multiple policies can use the same scheduler.
B.
A policy can have multiple schedulers.
C.
When the scheduler is disabled, the policy will still be available.
D.
A policy without a defined scheduler will not become active
Answer:
A
Explanation:
Explanation:
Security policy schedulers are a feature that allows you to activate or deactivate a policy for a specified time period. You can create schedulers for a single or recurrent time slot, and apply them to one or more policies. A policy can only have one scheduler associated with it, but a scheduler can have multiple policies associated with it. When a scheduler is active, the policy is available for policy lookup. When a scheduler is inactive, the policy is unavailable for policy lookup. A policy without a defined scheduler will always be active, unless it is explicitly disabled. References: