NEW QUESTION 1
What are two characteristic of static NAT SRX Series devices? (Choose two.)

• A. Source and destination NAT rules take precedence over static NAT rules.
• B. A reverse mapping rule is automatically created for the source translation.
• C. Static NAT rule take precedence over source and destination NAT rules.
• D. Static rules cannot coexist with destination NAT rules on the same SRX Series device configuration.

Answer: BC

NEW QUESTION 2
Which three actions would be performed on traffic traversing an IPsec VPAN? (Choose three.)

• A. Port forwarding
• B. Authentication
• C. Encryption
• D. Deep inspection
• E. Payload verification

Answer: BCE

NEW QUESTION 3
You are designing a new security policy on an SRX Series device. You must block an application and log all occurrence of the application access attempts.
In this scenario, which two actions must be enabled in the security policy? (Choose two.)

• A. Log the session initiations
• B. Enable a reject action
• C. Log the session closures
• D. Enable a deny action

Answer: AD

NEW QUESTION 4
Your company uses SRX Series devices to secure the edge of the network. You are asked protect the company from ransom ware attacks.
Which solution will satisfy this requirement?

• A. Sky ATP
• B. AppSecure
• C. Unified security policies
• D. screens

Answer: A

NEW QUESTION 5
Which two statements are true about the null zone? (Choose two.)

• A. All interface belong to the bull zone by default.
• B. All traffic to the null zone is dropped.
• C. All traffic to the null zone is allowed
• D. The null zone is a user-defined zone

Answer: AB

NEW QUESTION 6
Which two notifications are available when the antivirus engine detects and infected file? (Choose two.)

• A. e-mail notifications
• B. SNMP notifications
• C. SMS notifications
• D. Protocol-only notification

Answer: AD

NEW QUESTION 7
The Sky ATP premium or basic-Threat Feed license is needed fort which two features? (Choose two.)

• A. Outbound protection
• B. C&C feeds
• C. Executable inspection
• D. Custom feeds

Answer: BD

NEW QUESTION 8
You configure and applied several global policies and some of the policies have overlapping match criteria.

• A. In this scenario, how are these global policies applies?
• B. The first matched policy is the only policy applied.
• C. The most restrictive that matches is applied.
• D. The least restrictive policy that matches is applied.

Answer: A

NEW QUESTION 9
Which statement about IPsec is correct?

• A. IPsec can provide encryption but not data integrity.
• B. IPsec support packet fragmentation by intermediary devices.
• C. IPsec support both tunnel and transport modes.
• D. IPsec must use certificates to provide data encryption

Answer: C

NEW QUESTION 10
Which two feature on the SRX Series device are common across all Junos devices? (Choose two.)

• A. Stateless firewall filters
• B. UTM services
• C. The separation of control and forwarding planes
• D. screens

Answer: AC

NEW QUESTION 11
You want to integrate an SRX Series device with SKY ATP. What is the first action to accomplish task?

• A. Issue the commit script to register the SRX Series device.
• B. Copy the operational script from the Sky ATP Web UI.
• C. Create an account with the Sky ATP Web UI.
• D. Create the SSL VPN tunnel between the SRX Series device and Sky ATP.

Answer: C

NEW QUESTION 12
Which two statements are true about UTM on an SRX340? (Choose two.)

• A. A default UTM policy is created.
• B. No default profile is created.
• C. No default UTM policy is created
• D. A default UTM profile is created

Answer: BC

NEW QUESTION 13
Your company has been assigned one public IP address. You want to enable internet traffic to reach multiple servers in your DMZ that are configured with private address.
In this scenario, which type of NAT would be used to accomplish this tasks?

• A. Static NAT
• B. Destination NAT
• C. Source NAT
• D. NAT without PAT

Answer: B

NEW QUESTION 14
Which UTM feature should you use to protect users from visiting certain blacklisted websites?

• A. Content filtering
• B. Web filtering
• C. Antivirus
• D. antispam

Answer: B

NEW QUESTION 15
Which security feature is applied to traffic on an SRX Series device when the device is running n packet mode?

• A. Sky ATP
• B. ALGs
• C. Firewall filters
• D. Unified policies

Answer: C

NEW QUESTION 16
You have created a zones-based security policy that permits traffic to a specific webserver for the marketing team. Other groups in the company are not permitted to access the webserver. When marketing users attempt to access the server they are unable to do so.
What are two reasons for this access failure? (Choose two.)

• A. You failed to change the source zone to include any source zone.
• B. You failed to position the policy after the policy that denies access to the webserver.
• C. You failed to commit the policy change.
• D. You failed to position the policy before the policy that denies access the webserver

Answer: CD

NEW QUESTION 17
Which two elements are needed on an SRX Series device to set up a remote syslog server? (Choose two.)

• A. Data type
• B. Data throughput
• C. IP address
• D. Data size

Answer: AC

NEW QUESTION 18
Users in your network are downloading files with file extensions that you consider to be unsafe for your network. You must prevent files with specific file extensions from entering your network.
Which UTM feature should be enable on an SRX Series device to accomplish this task?

• A. Content filtering
• B. Web filtering
• C. Antispam
• D. URL filtering

Answer: A

NEW QUESTION 19
Which type of security policy protect restricted services from running on non-standard ports?

• A. Application firewall
• B. IDP
• C. Sky ATP
• D. antivirus

Answer: B

NEW QUESTION 20
Exhibit.

Which two statements are true? (Choose two.)

• A. Logs for this security policy are generated.
• B. Logs for this security policy are not generated.
• C. Traffic static for this security policy are not generated.
• D. Traffic statistics for this security policy are generated.

Answer: AD

NEW QUESTION 21
Which actions would be applied for the pre-ID default policy unified policies?

• A. Redirect the session
• B. Reject the session
• C. Log the session
• D. Silently drop the session

Answer: C

NEW QUESTION 22
......