JN0-634 Exam Dumps - Real Exam Questions

Practice Our JN0-634 Exam Dumps Exam Questions and Pass Your Exam Easily.


JN0-634 Exam Dumps

JN0-634 Exam Dumps

Prepare these JN0-634 dumps and pass your exam. JN0-634 practice exam questions answers are collected from real paper. Keep visiting for JN0-634 study material or JN0-634 dumps


JN0-634 Dumps


Which IDP rule configuration will send an RST to any new session that meets the action criteria?

A. ip-action block
B. action close-client-and-server
C. ip-action close
D. action drop-connection

Answer: C

 

A customer has recently deployed a next-generation firewall, sandboxing software, cloud access security brokers (CASB), and endpoint protection. In this scenario, which tool would provide the customer with additional attack prevention?

A. Junos Space Cross Provisioning Platform
B. Contrail
C. Security Director Policy Enforcer
D. Network Director Inventory Manager

Answer: C


Which statement about transparent mode on an SRX340 is true?

A. You must reboot the device after configuring transparent mode.
B. Security policies applied to transparent mode zones require Layer 2 address matching.
C. Screens are not supported in transparent mode security zones.
D. All interfaces on the device must be configured with the ethernet-switching protocol family.

Answer: A

 

While reviewing the Log and Reporting portion of Security Director, you find that multiple objects reference the same address. You want to use a standardized name for all of the objects. In this scenario, how would you create a standardized object name without searching the entire policy?

A. Remove the duplicate objects.
B. Merge the duplicate objects.
C. Rename the duplicate objects.
D. Replace the duplicate objects.

Answer: B

 

Your network includes SRX Series devices at the headquarters location. The SRX Series devices at this location are part of a high available chassis cluster and are configured for IPS. There has been a node failover. In this scenario, which two statements are true? (Choose two.)

A. The IP action table is synchronized between the chassis cluster nodes.
B. Cached SSL session ID information for existing sessions is not synchronized between nodes.
C. The IP action table is not synchronized between the chassis cluster nodes.
D. Cached SSL session ID information for existing session is synchronized between nodes.

Answer: C, D

 

You are scanning files that are being transferred from the Internet to hosts on your internal network with Sky ATP. However, you notice that files that are 1 GB in size are not being scanned by Sky ATP. In this scenario, which two statements are true? (Choose two.)

A. The Sky ATP failback option is set to permit.
B. The Sky ATP engine or the SRX Series device is too busy.
C. The 1 GB file size is larger than the scan size limit for Sky ATP.
D. The Sky ATP policy on the SRX Series device is misconfigured.

Answer: C, D


Your network includes SRX Series devices at the headquarters location. The SRX Series devices at this location are part of a high availability chassis cluster and are configured for IPS. There has been a node failover. In this scenario, which statement is true?

A. Existing sessions continue to be processed by IPS because of table synchronization.
B. Existing sessions are no longer processed by IPS and become firewall sessions.
C. Existing session continue to be processed by IPS as long as GRES is configured.
D. Existing sessions are dropped and must be reestablished so IPS processing can occur.

Answer: A


After using Security Director to add a new firewall policy rule on an SRX Series device, you notice that the hit count on the policy is not increasing. Upon further investigation, you find that the devices listed in the new rule are able to communicate as expected. Your firewall policy consists of hundreds of rules. Using only Security Director, how do you find the rule that is allowing the communication to occur in this scenario?

A. Generate a Top Firewall Rules report.
B. Generate a Policy Analysis report.
C. Generate a Top Source IPs report.
D. Generate a Top Firewall Events report.

Answer: D


Using content filtering on an SRX Series device, which three types of HTTP content are able to be blocked? (Choose three.)

A. PDF files
B. ZIP files
C. Java applets
D. Active X
E. Flash

Answer: B, C, D


Which Junos security feature is used for signature-based attack prevention?

A. RADIUS
B. AppQoS
C. IPS
D. PIM

Answer: C


« prev page page 2 from 2

Recent Post