A client wants to deploy a vSRX chassis cluster across two existing ESXi hosts without changing the external switch configuration. Which two actions must you perform to meet this requirement? (Choose two.)
A. Use a distributed virtual switch.
B. Use an overlay network to transport cluster heartbeats over Layer 3.
C. Configure private VLANs on the virtual switch for the control and fabric links.
D. Use a standard virtual switch.
Your company is establishing a BYOD policy and you are asked to create the appropriate security infrastructure. In the policy, Internet access should only be provided to the BYOD wired and wireless devices. Which two security features meet these requirements? (Choose two.)
C. guest VLAN
Spotlight Secure provides which benefit?
A. log management
B. botnet protection
C. centralized management of security devices
D. IPsec encryption
What is one way to increase the security of a site-to-site IPsec VPN tunnel?
A. Implement a stronger Diffie-Hellman group.
B. Change IKE Phase 1 from main mode to aggressive mode.
C. Implement traffic selectors.
D. Implement a policy-based VPN.
Which statements about IPsec tunnels is true?
A. They are used to provide in-depth packet inspection for traffic leaving your network.
B. They are used to prevent routing loops in a Layer 2 environment.
C. They are used to secure and encrypt traffic between tunnel endpoints.
D. They are used to combine multiple interfaces into a single bundle.
Which three actions are part of an in-depth network defense strategy? (Choose three.)
A. providing data modeling
B. auditing for suspicious events
C. providing security awareness training
D. providing least privileged network access
E. installing multiple antivirus solutions on desktop computers
You are asked to design a Virtual Chassis Fabric architecture.
Which three combinations are valid? (Choose three.)
A. two spine nodes and sixteen leaf nodes
B. five spine nodes and twenty leaf nodes
C. four spine nodes with sixteen leaf nodes
D. four spine nodes and twenty-eight leaf nodes
E. five spine nodes and twenty-eight leaf nodes
You are asked to provide a design proposal for a campus network. As part of the design, the customer requires that all end user devices must be authenticated before being granted access to their Layer 2 network. Which feature meets this requirement?
Question : 12
In the data center, what are two characteristics of access tier VLAN termination at the firewall? (Choose two)
A. Inter-VLAN traffic can bypass firewall services.
B. Intra-VLAN traffic is secured through firewall services.
C. Inter-VLAN traffic is secured through firewall services.
D. Intra-VLAN traffic can bypass firewall services.
You are asked to provide user-based network access through an SRX Series device. The implementation must use Active Directory credentials for user account validation. Which two solutions satisfy these requirements? (Choose two.)
A. TACACS+ authentication
B. Unified Access Control
C. firewall authentication
D. integrated user firewall