You are asked to look at a configuration that is designed to take all traffic with a specific source ip
address and forward the
traffic to a traffic analysis server for further evaluation. The configuration is no longer working as
intended.
Referring to the exhibit which change must be made to correct the configuration?
B
Exhibit.
Referring to the exhibit, which two statements are true? (Choose two.)
C, D
Explanation:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-profile-logical-system.html
What are two important function of the Juniper Networks ATP appliance solution? (Choose two.).
B, C
Explanation:
https://www.juniper.net/us/en/products-services/security/advanced-threat-prevention/
Which three type of peer devices are supported for Cos-Based IPsec VPN?
A, C, D
You have the NAT rule, shown in the exhibit, applied to allow communication across an IPsec tunnel
between your two sites with identical networks. Which statement is correct in this scenario?
A
You are connecting two remote sites to your corporate headquarters site; you must ensure that all
traffic is secured and
only uses a single Phase 2 SA for both sites.
In this scenario, which VPN should be used?
A
Explanation:
https://www.juniper.net/us/en/local/pdf/app-notes/3500202-en.pdf
Exhibit.
Referring to the exhibit, a spoke member of an ADVPN is not functioning correctly.
Which two commands will solve this problem? (Choose two.)
B, D
Explanation:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-auto-discovery-vpns.html
You are asked to configure a security policy on the SRX Series device. After committing the policy, you
receive the Policy is out of sync between RE and PFE <SPU-name(s)>. error.
Which command would be used to solve the problem?
A
Explanation:
https://kb.juniper.net/InfoCenter/index?page=content&id=KB30443&cat=SRX_SERIES&actp=LIST
Exhibit.
Referring to the exhibit, which two statements are true? (Choose two.)
A, C
Explanation:
https://www.juniper.net/documentation/en_US/junos-space18.1/policy-enforcer/topics/task/configuration/junos-space-policyenforcer-custom-feeds-infected-host-configure.html
You must implement an IPsec VPN on an SRX Series device using PKI certificates for authentication.
As part of the implementation, you are required to ensure that the certificate submission, renewal,
and retrieval processes are handled
automatically from the certificate authority.
In this scenario, which statement is correct.
B
Explanation:
Explanation:
Certificate
Renewal
The renewal of certificates is much the same as initial certificate enrollment except you are just
replacing
an
old
certificate
(about to expire) on the VPN device with a new certificate. As with the initial certificate request, only
manual
renewal
is
supported. SCEP can be used to re-enroll local certificates automatically before they expire. Refer to
Appendix
D
for
more
details.