Free Juniper Security, Professional Exam JN0-635 Exam Practice Test

In which two ways are tenant systems different from logical systems? (Choose two.)

• Tenant systems have higher scalability than logical systems
• Tenant systems have less scalability than logical systems
• Tenant systems have fewer routing features than logical systems
• Tenant systems have more routing features than logical systems

You are asked to implement the session cache feature on an SRX5400.In this scenario, what information does a session cache entry record? (Choose two.)

• The type of processing to do for ingress traffic
• The type of processing to do for egress traffic
• To which SPU the traffic of the session should be forwarded
• To which NPU the traffic of the session should be forwarded

You are connecting two remote sites to your corporate headquarters site; you must ensure that all traffic is secured andonly uses a single Phase 2 SA for both sites.In this scenario, which VPN should be used?

• An IPsec group VPN with the corporate firewall acting as the hub device.
• Full mesh IPsec VPNs with tunnels between all sites.
• A hub-and-spoke IPsec VPN with the corporate firewall acting as the hub device.
• A full mesh Layer 3 VPN with the corporate firewall acting as the hub device.

You have configured static NAT for a webserver in your DMZ. Both internal and external users can reach the webserver using the webserver's IP address. However, only internal users can reach the webserver using the webserver's DNS name. When external users attempt to reach the webserver using the webserver's DNS name, an error message is received.Which action would solve this problem?

• Disable Web filtering
• Use DNS doctoring
• Modify the security policy
• Use destination NAT instead of static NAT

According to the log shown in the exhibit, you notice the IPsec session is not establishing.What is the reason for this behavior?

• Mismatched proxy ID
• Mismatched peer ID
• Mismatched preshared key
• Incorrect peer address.

Which three roles or protocols are required when configuring an ADVPN? (Choose three.)

• OSPF
• shortcut partner
• shortcut suggester
• IKEv1
• BGP

Which two VPN features are supported with CoS-based IPsec VPNs? (Choose two.)

• IKEv2
• VPN monitoring
• dead peer detection
• IKEv1

In a Juniper ATP Appliance, what would be a reason for the mitigation rule to be in the failed-remove state?

• The Juniper ATP Appliance received a commit error message from the SRX Series device
• The Juniper ATP Appliance received an unknown error message from the SRX Series device
• The Juniper ATP Appliance was not able to communicate with the SRX Series device
• The Juniper ATP Appliance was not able to obtain the config lock

When would you use the port-overloading-factor 1 setting?

• to enable the port-overloading
• to disable the port-overloading
• to map ports with 1:1 ratio for port-overloading
• to set the maximum port-overloading capacity to 65,536

Which two modes are supported on Juniper Sky ATP? (Choose two.)

• private mode
• global mode
• tap mode
• secure wire mode