NEW QUESTION 1
Your network includes SRX Series devices configured with AppSecure.
Which two statements regarding the application identification engine are true? (Choose two.)

• A. Applications are only matched in traffic flows associated with client-to-server sessions.
• B. Applications are matched in traffic flows associated with client-to-server and server-to- client sessions.
• C. If the packets entering the engine match a known application, then processing continues.
• D. If the packets entering the engine match a known application, then processing stops.

Answer: BD

NEW QUESTION 2
Which two statements about the integrated user firewall feature of the Junos OS are true? (Choose two.)

• A. The maximum number of supported active directory servers is ten.
• B. IPv6 addresses are not supported.
• C. The maximum number of supported active directory servers is five.
• D. IPv6 addresses are supported.

Answer: AB

NEW QUESTION 3
Which two parameters are required to match in an IDP rule for the terminal option to take effect? (Choose two.)

• A. attacks custom-attacks
• B. attacks predefined-attacks
• C. application
• D. source-address

Answer: AB

NEW QUESTION 4
What is the required when deploying a log collector in Junos Space?

• A. root user access to the log collector
• B. a shared log file directory on the log collector
• C. the IP address of interface eth1 on the log collector
• D. a distributed deployment of the log collector nodes

Answer: A

NEW QUESTION 5
Which feature of Sky ATP is deployed with Software-Defined Secure Networks?

• A. zero-day threat mitigation
• B. software image snapshot support
• C. device inventory management
• D. service redundancy daemon configuration support

Answer: A

NEW QUESTION 6
Click the Exhibit button.

Referring to the security policy shown in the exhibit, which two actions will happen as the packet is processed? (Choose two.)

• A. It passes unmatched traffic after modifying the DSCP priority.
• B. It marks and passes matched traffic with a high DSCP priority.
• C. It marks and passes matched traffic with a low DSCP priority.
• D. It passes unmatched traffic without modifying DSCP priority.

Answer: BD

NEW QUESTION 7
SRX Series devices with AppSecure support which three custom signatures? (Choose three.)

• A. MAC address-based mapping
• B. latency detection mapping
• C. IP protocol-based mapping
• D. ICMP-based mapping
• E. Layer 7-based signatures

Answer: CDE

NEW QUESTION 8
Click the Exhibit button.

Referring to the exhibit, which statement is true?

• A. E-mails from the user@example.com address are marked with SPAM in the subject line by the spam block list server.
• B. E-mails from the user@example.com address are blocked by the spam list server.
• C. E-mails from the user@example.com address are blocked by the reject blacklist.
• D. E-mails from the user@example.com address are allowed by the allow whitelist.

Answer: D

NEW QUESTION 9
The Software-Defined Secure Networks Policy Enforcer contains which two components? (Choose two.)

• A. SRX Series device
• B. Sky ATP
• C. Policy Controller
• D. Feed Connector

Answer: CD

NEW QUESTION 10
Click the Exhibit button.

Referring to the exhibit, you have expanded the disk storage size in ESXi for your log collector from 500 GB to 600 GB. However, your log collector’s disk size has not changed.
Given the scenario, which two statements are true? (Choose two.)

• A. You must run a script from the console to expand the disk size.
• B. The ESXi storage parameter is not associated with the Elasticsearch disk size parameter.
• C. You must reboot the log collector for storage settings to be updated
• D. You must re-run the log collector setup script to update the storage settings.

Answer: AC

NEW QUESTION 11
Your network includes SRX Series devices at the headquarters location. The SRX Series devices at this location are part of a high availability chassis cluster and are configured for IPS. There has been a node failover.
In this scenario, which statement is true?

• A. Existing sessions continue to be processed by IPS because of table synchronization.
• B. Existing sessions are no longer processed by IPS and become firewall sessions.
• C. Existing session continue to be processed by IPS as long as GRES is configured.
• D. Existing sessions are dropped and must be reestablished so IPS processing can occur.

Answer: A

NEW QUESTION 12
You are configuring transparent mode on an SRX Series device. You must permit IP-based traffic only, and BPDUs must be restarted to the VLANs from which they originate.
Which configuration accomplishes these objectives?

• A. bridge {block-non-ip-all;bpdu-vlan-flooding;}
• B. bridge {block-non-ip-all;bypass-non-ip-unicast;no-packet-flooding;}
• C. bridge {bypass-non-ip-unicast;bpdu-vlan-flooding;}
• D. bridge {block-non-ip-all;bypass-non-ip-unicast;bpdu-vlan-flooding;}

Answer: A

NEW QUESTION 13
You have configured a log collector VM and Security Director. System logging is enabled on a branch SRX Series device, but security logs do not appear in the monitor charts.
How would you solve this problem?

• A. Configure a security policy to forward logs to the collector.
• B. Configure application identification on the SRX Series device.
• C. Configure security logging on the SRX Series device.
• D. Configure J-Flow on the SRX Series device.

Answer: C

NEW QUESTION 14
You are using IDP on your SRX Series device and are asked to ensure that the SRX Series device has the latest IDP database, as well as the latest application signature database.
In this scenario, which statement is true?

• A. The application signature database cannot be updated on a device with the IDP database installed.
• B. You must download each database separately.
• C. The IDP database includes the latest application signature database.
• D. You must download the application signature database before installing the IDP database.

Answer: C

NEW QUESTION 15
What are three types of content that are filtered by the Junos UTM feature set? (Choose three.)

• A. IMAP
• B. HTTP
• C. SIP
• D. SSL
• E. FTP

Answer: ABE

NEW QUESTION 16
Your network includes SRX Series devices at the headquarters location. The SRX Series devices at this location are part of a high available chassis cluster and are configured for IPS. There has been a node failover.
In this scenario, which two statements are true? (Choose two.)

• A. The IP action table is synchronized between the chassis cluster nodes.
• B. Cached SSL session ID information for existing sessions is not synchronized between nodes.
• C. The IP action table is not synchronized between the chassis cluster nodes.
• D. Cached SSL session ID information for existing session is synchronized between nodes.

Answer: CD