Question 21

The firewall throughput for vSRX using two vCPUs is currently 17 Gbps.

True

False
Exam Questions : Question 1 of 45
0% % Complete

Question 1
True or false: The commit and-quit command allows you to commit the configuration and exit configuration mode.
True
False

Question 2
What web filtering solution intercepts HTTP requests and sends them to an external URL filtering server?
Local
Redirect
Integrated
Internal
Question 3
True or false: Multiple Junos Space appliances can be clustered together to form a single management fabric.
True
False

Question 4
True or false: Routing, NAT support, and VPN support are all available on the cSRX.
True
False

Question 5
If a user trys to move their quarantined device to another part of the network, Policy Enforcer tracks the blocked device
through the device's _____.
User login
Host name
MAC address
IP address

Question 6
True or false: The boot-up time for cSRX is less than 1 second.
True
False

Question 7
True or false: NGFW services are available across the full line of SRX Series Services Gateways.
True
False

Question 8
What type of web filtering performed on the SRX Series branch device makes decisions based on a whitelist or
blacklist?
Redirect
Internal
Integrated
Local

Question 9
What is the name of Juniper’s network management platform?
Junos SDK
Junosphere
Junos Pulse
Junos Space

Question 10
What are three ways to connect to and configure a branch SRX Series device? (Choose three.)
Mini-USB console port
J-Web user interface
RJ-45 console port
Dedicated DB28 port

Question 11
True or false: Juniper recommends the use of route-based VPN when configuring a VPN between multiple remote sites.
True
False

Question 12
Which two statements are true of a default security policy on a branch SRX Series device? (Choose two.)
It permits all traffic from the trust zone to the untrust zone.
It denies all traffic from the trust zone to the untrust zone.
It denies all traffic from the untrust zone to the trust zone.
It permits all traffic from the untrust zone to the trust zone.

Question 13
True or false: The loopback interface (lo0) is a virtual interface and is not associated with any hardware or network.
True
False

Question 14
Which SRX Series device provides a maximum of 2 Tbps firewall throughput?
SRX4100
SRX5600
SRX4200
SRX5800

Question 15
Under which hierarchy level does a security policy get created in the Junos OS?
[edit security zones]
[edit security services]
[edit security interfaces]
[edit security policies]

Question 16
Which Junos OS security feature secures a zone by inspecting, then allowing or denying, all connection attempts that
require crossing an interface bound to that zone?
IPsec VPN
Static NAT
Screen options
Port address translation

Question 17
The SRX1500 is typically used for deployments with up to how many users?
200
1500
2000
100

Question 18
Which three statements are true regarding static NAT? (Choose three.)
Static NAT defines a one-to-one mapping from one IP subnet to another IP subnet.
Address pools must be used when using static NAT.
For each private address, a public address must be allocated.
Static NAT allows connections to be originated from either side of the network.

Question 19
Which three of the following are true regarding cSRX? (Choose three.)
Provides advanced Layer 4 to Layer 7 services
Supports Contrail and OpenContrail
Uses Docker as a container management system
Takes several minutes to boot up

Question 20
SRX Series cluster nodes are connected together using which two types of links? (Choose two.)
Fabric link
Node link
Control link
Multi link

Question 21
The firewall throughput for vSRX using two vCPUs is currently 17 Gbps.
True
False

Question 22
By default, the Junos OS places all interfaces in which zone?
Security
Null
Management
Policy

Question 23
An example of configurable elements under an address family in a Layer 3 configuration includes which three of the
following? (Choose three.)
Interface policers
Encapsulation types
Stateless packet filters
Addresses
Question 24
SRX Series chassis cluster node IDs can only use which values?
1 or 2
0 or 1
1 to 255
1 to 15

Question 25
Which three hypervisors are supported for the Junos Space virtual appliance? (Choose three.)
VMware ESXi
KVM
Hyper-V
VMware ESX

Question 26
True or false: NAT can include the translation of port numbers as well as IP addresses.
True
False

Question 27
True or false: The SRX550 can support up to 52 Ethernet ports (including SFP ports).
True
False

Question 28
True or false: In a NAT rule, if traffic matches two rules within the same rule set, the first rule listed in the configuration is
the only rule applied.
True
False

Which three products does AppSecure work with? (Choose three.)

SRX Series Services Gateways
vSRX
cSRX
EX Series Ethernet Switches

Question 30
What is a logical interface called in the Junos OS?
A policy
A sub-interface
A zone
A unit

Question 31
What is the maximum firewall throughput when using 17 vCPUs with vSRX?
17 Gbps
100 Gbps
5 Gbps
64 Gbps

How is port scalability provided on the SRX1500?

One MPIM slot
One SPC slot
Two PIM slots
Two MIC slots

Question 33
In what order is each NAT rule within a rule set evaluated?
Top to bottom
Left to right
Least significant to most significant
High priority to low priority

Question 34
What is the name of the virtual version of Juniper’s SRX Series Services Gateways?
NGFW
Security Director
Spotlight Secure
vSRX

Question 35
Which three statements are true of the antispam feature on a branch SRX Series device? (Choose three.)
It uses a spam block list that is updated and maintained by Sophos.
It is a viable replacement for an antispam server.
It examines e-mail messages to identify e-mail spam.
A license is required.

Question 36
What are the three services you can enable with AppSecure? (Choose three.)
AppFW
AppEngine
AppTrack
AppQos

Question 37
Which command is used to get details about a specific interface in the Junos OS?
show interfaces interface-name
show interfaces interface-statistics
get interface interface-name
get interface interface-statistics

Question 38
What element of Spotlight Secure can block traffic from specified countries?
Spotlight GeoIP
Spotlight Secure Connector
Spotlight CC
Spotlight Cloud

Question 39
Which AppSecure service is used for prioritization and metering of application traffic?
AppQoS
AppFW
AppTrack
AppDoS

Question 40
The two dedicated 1-Gigabit Ethernet ports on the SRX1500 are used for which two functions? (Choose two.)
Out-of-band management
Junos Space connectivity
High availability
Power over Ethernet

Question 41
The control plane in an SRX Series device provides which three of the following functions? (Choose three.)
Pushing down configuration elements to the data plane
Provides forwarding and security processing of traffic
Hosting the management sessions
Pulls statistics and counters from the data plane