JN0-634 Online Practice Questions and Answers

Click the Exhibit button.

You are trying to implement secure wire on your SRX Series device. However, you are receiving the commit error shown in the exhibit.

What must you do to solve the problem?

A. Add the correct logical units to the interfaces in the secure wire.

B. Put the ge-0/0/4 and ge-0/0/5 interfaces in separate secure wires.

C. Change the Ethernet switching mode from access to trunk for the ge-0/0/4 and ge-0/0/5 interfaces.

D. Add the ge-0/0/4 and ge-0/0/5 interfaces to the SV VLAN.

Click the Exhibit button.

Your organization requests that you direct Facebook traffic out a different link to ensure that the bandwidth for critical applications is protected.

Referring to the exhibit, which forwarding instance will be used on your SRX Series device?

A. R3

B. R1

C. R2

D. inet.0

Which IDP rule configuration will send an RST to any new session that meets the action criteria?

A. ip-action block

B. action close-client-and-server

C. ip-action close

D. action drop-connection

After downloading the new IPS attack database, the installation of the new database fails. What caused this condition?

A. The new attack database no longer contained an attack entry that was in use.

B. The new attack database was revoked between the time it was downloaded and installed.

C. The new attack database was too large for the device on which it was being installed.

D. Some of the new attack entries were already in use and had to be deactivated before installation.

Which two statements about the integrated user firewall feature of the Junos OS are true? (Choose two.)

A. The maximum number of supported active directory servers is ten.

B. IPv6 addresses are not supported.

C. The maximum number of supported active directory servers is five.

D. IPv6 addresses are supported.

Click the Exhibit button.

Referring to the exhibit, a user with IP address 10.1.1.85 generates a request that triggers the HTTP:EXT:DOT-LNK IDP signature that is a member of the "HTTP ?All" predefined attack group.

In this scenario, which statement is true?

A. The session will be closed and a reset sent to the client and server.

B. A Differentiated Services code point value of 8 will be applied.

C. No action will be taken and the attack information will be logged.

D. The session will be dropped with no reset sent to the client or server.

You have implemented APBR on your SRX Series device and are verifying that your changes are working properly. You notice that when you start the application for the first time, it does not follow the expected path.

What are two reasons that would cause this behavior? (Choose two.)

A. The application system cache does not have an entry for the first session.

B. The application system cache has been disabled.

C. The application system cache already has an entry for this application.

D. The advanced policy-based routing is applied to the ingress zone and must be moved to the egress zone.

Click the Exhibit button.

Referring to the exhibit, the host has been automatically blocked from communicating on the network because a malicious file was downloaded. You cleaned the infected host and changed the investigation status to Resolved ?Fixed.

What does Sky ATP do if the host then attempts to download a malicious file that would result in a threat score of 10?

A. Sky ATP does not log the connection attempt and an SRX Series device does not allow the host to communicate on the network.

B. Sky ATP logs the connection attempt and an SRX Series device does not allow the host to communicate on the network.

C. Sky ATP logs the connection attempt and an SRX Series device allows the host to communicate on the network.

D. Sky ATP does not log the connection attempt and an SRX Series device allows the host to communicate on the network.

You are using the integrated user firewall feature on an SRX Series device.

Which three parameters are stored in the Active Directory authentication table? (Choose three.)

A. IP address

B. MAC address

C. group mapping

D. username

E. password

Click the Exhibit button.

You have configured integrated user firewall on the SRX Series devices in your network. However, you noticed that no users can access the servers that are behind the SRX Series devices.

Referring to the exhibit, what is the problem?

A. The Kerberos service is not configured correctly on the Active Directory server.

B. There are no authentication entries in the SRX Series device for the users.

C. The security policy on the SRX Series device is configured incorrectly.

D. The SAML service is not configured correctly on the Active Directory server.