Security, Professional (JNCIP-SEC) Exam JN0-635 Updated Dumps

1. Which two VPN features are supported with CoS-based IPsec VPNs? (Choose two.)

2. According to the log shown in the exhibit, you notice the IPsec session is not establishing.

What is the reason for this behavior?

3. Exhibit.

Referring to the exhibit, a spoke member of an ADVPN is not functioning correctly.

Which two commands will solve this problem? (Choose two.)

4. In which two ways are tenant systems different from logical systems? (Choose two.)

5. You must troubleshoot ongoing problems with IPsec tunnels and security policy processing. Your network consists of SRX340s and SRX5600s.

In this scenario, which two statements are true? (Choose two.)

6. Exhibit.

Referring to the exhibit, which two statements are true? (Choose two.)

7. Click the Exhibit button.

A user is trying to reach a company’s website, but the connection errors out. The security policies are configured correctly.

Referring to the exhibit, what is the problem?

8. You are asked to configure an IPsec VPN between two SRX Series devices that allows for processing of CoS on the intermediate routers.

What will satisfy this requirement?

9. You have designed the firewall filter shown in the exhibit to limit SSH control traffic to yours SRX Series device without affecting other traffic.

Which two statement are true in this scenario? (Choose two.)

10. You are asked to configure a new SRX Series CPE device at a remote office. The device must participate in forwarding MPLS and IPsec traffic.

Which two statements are true regarding this implementation? (Choose two.)

11. You have noticed a high number of TCP-based attacks directed toward your primary edge device. You are asked to configure the IDP feature on your SRX Series device to block this attack.

Which two IDP attack objects would you configure to solve this problem? (Choose two.)

12. Click the Exhibit button.

You have configured tenant systems on your SRX Series device.

Referring to the exhibit, which two actions should you take to facilitate inter-TSYS communication? (Choose two.)

13. Click the Exhibit button.

Referring to the exhibit, which three types of traffic would be examined by the IPS policy between Switch-1 and Switch-2? (Choose three.)

14. Click the Exhibit button.

Referring to the exhibit, which two statements are true? (Choose two.)

15. You have configured three logical tunnel interfaces in a tenant system on an SRX1500 device. When committing the configuration, the commit fails.

In this scenario, what would cause this problem?

16. Click the Exhibit button.

Referring to the exhibit, which two statements are true? (Choose two.)

17. You are asked to configure an SRX Series device to bypass all security features for IP traffic from the engineering department.

Which firewall filter will accomplish this task?

A)

B)

C)

D)

18. Click the Exhibit button.

Given the command output shown in the exhibit, which two statements are true? (Choose two.)

19. A user is unable to reach a necessary resource. You discover the path through the SRX Series device includes several security features. The traffic is not being evaluated by any security policies.

In this scenario, which two components within the flow module would affect the traffic? (Choose two.)

20. Click the Exhibit button.

Referring to the exhibit, which two statements are true? (Choose two.)

21. Click the Exhibit button.

When attempting to enroll an SRX Series device to JATP, you receive the error shown in the exhibit .

What is the cause of the error?

22. Click the Exhibit button.

Branch 1 and Branch 2 have an active VPN tunnel configured, but internal hosts cannot communicate with each other.

Referring to the exhibit, which type of configuration should be applied to solve the problem?

23. Your SRX Series device does not see the SYN packet.

What is the default action in this scenario?

24. Click the Exhibit button.

Referring to the exhibit, which two statements are true? (Choose two.)

25. Click the Exhibit button.

You are implementing a new branch site and want to ensure Internet traffic is sent directly to your ISP and other traffic is sent to your company headquarters. You have configured filter-based forwarding to accomplish this objective. You verify proper functionality using the outputs shown in the exhibit.

Which two statements are true in this scenario? (Choose two.)

26. You configured a security policy permitting traffic from the trust zone to the DMZ zone, inserted the new policy at the top of the list, and successfully committed it to the SRX Series device. Upon monitoring, you notice that the hit count does not increase on the newly configured policy.

In this scenario, which two commands would help you to identify the problem? (Choose two.)

27. Which feature of Sky ATP is deployed with Policy Enforcer?

28. You are asked to implement the session cache feature on an SRX5400.

In this scenario, what information does a session cache entry record? (Choose two.)

29. What are two important function of the Juniper Networks ATP appliance solution? (Choose two.).

30. Click the Exhibit button.

The exhibit shows a snippet of a security flow trace. A user cannot open an SSH session to a server .

Which action will solve the problem?