Juniper JN0-634 Security, Professional (JNCIP-SEC) Online Training
Juniper JN0-634 Online Training
The questions for JN0-634 were last updated at Dec 24,2024.
- Exam Code: JN0-634
- Exam Name: Security, Professional (JNCIP-SEC)
- Certification Provider: Juniper
- Latest update: Dec 24,2024
You have been notified by your colocation provider that your infrastructure racks will no longer be adjacent to each other.
In this scenario, which technology would you use to secure all Layer 2 and Layer 3 traffic between racks?
- A . IPsec
- B . GRE
- C . 802.1BR
- D . MACsec
You need to add all of the sites in the domain example.com to urllist2. You decide to use wildcards to account for any changes made to the domain in the future.
In this scenario, which two commands would you use to meet this requirement? (Choose two.)
- A . set custom-objects url-pattern urllist2 value http://*.example.com
- B . set custom-objects url-pattern urllist2 value http://*example.com
- C . set custom-objects url-pattern urllist2 value http://*.example.???
- D . set custom-objects url-pattern urllist2 value http://*.example.*
What is a function of UTM?
- A . AppFW
- B . IPsec
- C . content filtering
- D . bridge mode
You are configuring transparent mode on an SRX Series device. You must permit IP-based traffic only, and BPDUs must be restarted to the VLANs from which they originate.
Which configuration accomplishes these objectives?
- A . bridge {block-non-ip-all;bpdu-vlan-flooding;}
- B . bridge {block-non-ip-all;bypass-non-ip-unicast;no-packet-flooding;}
- C . bridge {bypass-non-ip-unicast;bpdu-vlan-flooding;}
- D . bridge {block-non-ip-all;bypass-non-ip-unicast;bpdu-vlan-flooding;}
You have configured a log collector VM and Security Director. System logging is enabled on a branch SRX Series device, but security logs do not appear in the monitor charts.
How would you solve this problem?
- A . Configure a security policy to forward logs to the collector.
- B . Configure application identification on the SRX Series device.
- C . Configure security logging on the SRX Series device.
- D . Configure J-Flow on the SRX Series device.
Click the Exhibit button.
Referring to the configuration shown in the exhibit, which statement explains why traffic matching the IDP signature DNS:OVERFLOW:TOO-LONG-TCP-MSG is not being stopped by the SRX Series device?
- A . The security policy dmz-pol1 has an action of permit.
- B . The IDP policy idp-pol1 is not configured as active.
- C . The IDP rule r2 has an ip-action value of notify.
- D . The IDP rule r1 has an action of ignore-connection.
Click the Exhibit button.
Which statement explains the current state value of the command output shown in the exhibit?
- A . A valid response was received from a domain PC probe, and the user is a valid domain user programmed in the PFE.
- B . An invalid response was received from a domain PC probe, and the user is an invalid domain user.
- C . A probe event generated an entry in the authentication table, but no probe response has been received from the domain PC.
- D . The user-to-address mapping was successfully read from the domain controller event logs, and an entry was added to the authentication table witch currently resides on the Routing Engine.
What are three types of content that are filtered by the Junos UTM feature set? (Choose three.)
- A . IMAP
- B . HTTP
- C . SIP
- D . SSL
- E . FTP
You are using IDP on your SRX Series device and are asked to ensure that the SRX Series device has the latest IDP database, as well as the latest application signature database.
In this scenario, which statement is true?
- A . The application signature database cannot be updated on a device with the IDP database installed.
- B . You must download each database separately.
- C . The IDP database includes the latest application signature database.
- D . You must download the application signature database before installing the IDP database.
Using the Policy Controller API, which configuration would post Sky ATP with PE mode to the Policy Enforcer controller configuration?
- A . “configs”: {“sdsn”: false“cloudonly”: true}
- B . “configs”: {“sdsn”: false“cloud”: false}
- C . “configs”: {“sdsn”: true“cloudonly”: false}
- D . “configs”: {“sdsn”: false“cloud”: true}
