JN0-634 Online Practice Questions and Answers

You are scanning files that are being transferred from the Internet to hosts on your internal network with Sky ATP. However, you notice that files that are 1 GB in size are not being scanned by Sky ATP.

In this scenario, which two statements are true? (Choose two.)

A. The Sky ATP failback option is set to permit.

B. The Sky ATP engine or the SRX Series device is too busy.

C. The 1 GB file size is larger than the scan size limit for Sky ATP.

D. The Sky ATP policy on the SRX Series device is misconfigured.

Click the Exhibit button.

You are trying to implement secure wire on your SRX Series device. However, you are receiving the commit error shown in the exhibit.

What must you do to solve the problem?

A. Add the correct logical units to the interfaces in the secure wire.

B. Put the ge-0/0/4 and ge-0/0/5 interfaces in separate secure wires.

C. Change the Ethernet switching mode from access to trunk for the ge-0/0/4 and ge-0/0/5 interfaces.

D. Add the ge-0/0/4 and ge-0/0/5 interfaces to the SV VLAN.

Which AppSecure feature identifies applications that are present in traffic?

A. AppID

B. AppTrack

C. AppFW

D. AppQoS

What are three types of content that are filtered by the Junos UTM feature set? (Choose three.)

A. IMAP

B. HTTP

C. SIP

D. SSL

E. FTP

Using the Policy Controller API, which configuration would post Sky ATP with PE mode to the Policy Enforcer controller configuration?

"configs": {

A. "sdsn": false "cloudonly": true }

B. "configs": { "sdsn": false "cloud": false } "configs": {

C. "sdsn": true "cloudonly": false }

D. "configs": { "sdsn": false "cloud": true }

Click the Exhibit button.

The UTM policy shown in the exhibit has been applied to a security policy on a branch SRX Series device. In this scenario, which statement is true?

A. HTTP downloads of ZIP files will be blocked.

B. FTP downloads of ZIP files will be blocked.

C. E-mail downloads of ZIP files will be blocked.

D. ZIP files can be renamed with a new extension to pass through the filter.

Click the Exhibit button.

According to the policy shown in the exhibit, which application-services traffic will be processed first?

A. the application traffic matchings the IDP rules

B. the application traffic matchings the utm-policy log rule set

C. the application traffic matchings the utm-policy wf-policy_websense-home rules

D. the application traffic matchings the application-firewall rule-set demo-tracking_1 rule

Click the Exhibit button.

Referring to the exhibit, which statement is true?

A. E-mails from the [email protected] address are marked with SPAM in the subject line by the spam block list server.

B. E-mails from the [email protected] address are blocked by the spam list server.

C. E-mails from the [email protected] address are blocked by the reject blacklist.

D. E-mails from the [email protected] address are allowed by the allow whitelist.

SRX Series devices with AppSecure support which three custom signatures? (Choose three.)

A. MAC address-based mapping

B. latency detection mapping

C. IP protocol-based mapping

D. ICMP-based mapping

E. Layer 7-based signatures

Which statement about transparent mode on an SRX340 is true?

A. You must reboot the device after configuring transparent mode.

B. Security policies applied to transparent mode zones require Layer 2 address matching.

C. Screens are not supported in transparent mode security zones.

D. All interfaces on the device must be configured with the ethernet-switching protocol family.

Click the Exhibit button.

Referring to the exhibit, how many AppTrack logs will be generated for an HTTP session lasting 12 minutes?

A. 4

B. 2

C. 1

D. 3

You have implemented APBR on your SRX Series device and are verifying that your changes are working properly. You notice that when you start the application for the first time, it does not follow the expected path.

What are two reasons that would cause this behavior? (Choose two.)

A. The application system cache does not have an entry for the first session.

B. The application system cache has been disabled.

C. The application system cache already has an entry for this application.

D. The advanced policy-based routing is applied to the ingress zone and must be moved to the egress zone.

Click the Exhibit button.

Security Director is reporting the events shown in the exhibit.

If the fallback parameter is set to pass traffic, what would cause the events?

A. The files are too large for the antivirus engine to process.

B. The files are not scanned because they were permitted by a security policy.

C. The files are not scanned because they are the wrong file format.

D. The antivirus engine is unable to re-encrypt the files.

Which interface family is required for Layer 2 transparent mode on SRX Series devices?

A. LLDP

B. Ethernet switching

C. inet

D. VPLS

You are implementing user authentication on your network using an SRX Series device and want to ensure that there are redundant forms of authentication for users to access the network. You have configured the device with the integrated user firewall and user role firewall features. You are testing failover methods using the default priority values.

In this scenario, which two statements are true? (Choose two.)

A. If the user fails local authentication, then the Junos OS will attempt to authenticate the user with a user role firewall.

B. If the user fails user role firewall authentication, then the Junos OS will attempt to authenticate the user with an integrated user firewall.

C. If the user fails integrated user firewall authentication, then the Junos OS will attempt to authenticate with a user role firewall.

D. If the user fails local authentication, then the Junos OS will attempt to authenticate the user with an integrated user firewall.