Free Juniper Security, Professional Exam JN0-635 Exam Practice Test

You opened a support ticket with JTAC for your Juniper ATP appliance. JTAC asks you to set up access to the deviceusing the reverse SSH connection.Which three setting must be configured to satisfy this request? (Choose three.)

• Enable JTAC remote access
• Create a temporary root account.
• Enable a JATP support account.
• Create a temporary admin account.
• Enable remote support.

You are asked to set up notifications if one of your collector traffic feeds drops below 100 kbps.Which two configuration parameters must be set to accomplish this task? (Choose two.)

• Set a traffic SNMP trap on the JATP appliance
• Set a logging notification on the JATP appliance
• Set a general triggered notification on the JATP appliance
• Set a traffic system alert on the JATP appliance

You must troubleshoot ongoing problems with IPsec tunnels and security policy processing. Your network consists of SRX340s and SRX5600s.In this scenario, which two statements are true? (Choose two.)

• IPsec logs are written to the kmd log file by default
• IKE logs are written to the messages log file by default
• You must enable data plane logging on the SRX340 devices to generate security policy logs
• You must enable data plane logging on the SRX5600 devices to generate security policy logs

Malware that is detonated by the JATP sandbox must be able to communicate with the Internet without being able to harm your local network resources.Which statement is correct in this scenario?

• The management interface must be connected to the Internet zone
• The exhaust interface must be connected to the Internet zone
• The honeypot interface must be connected to the Internet zone
• The monitoring interface must be connected to the Internet zone

In which two ways are tenant systems different from logical systems? (Choose two.)

• Tenant systems have higher scalability than logical systems
• Tenant systems have less scalability than logical systems
• Tenant systems have fewer routing features than logical systems
• Tenant systems have more routing features than logical systems

You have a remote access VPN where the remote users are using the NCP client. The remote users can access the internal corporate resources as intended; however, traffic that is destined to all other Internet sites is going through the remote access VPN. You want to ensure that only traffic that is destined to the internal corporate resources use the remote access VPN.Which two actions should you take to accomplish this task? (Choose two.)

• Enable the split tunneling feature within the VPN configuration on the SRX Series device
• Enable IKEv2 within the VPN configuration on the SRX Series device
• Configure the necessary traffic selectors within the VPN configuration on the SRX Series device
• Configure split tunneling on the NCP profile on the remote client

You must implement an IPsec VPN on an SRX Series device using PKI certificates for authentication. As part of the implementation, you are required to ensure that the certificate submission, renewal, and retrieval processes are handledautomatically from the certificate authority.In this scenario, which statement is correct.

• You can use CRL to accomplish this behavior.
• You can use SCEP to accomplish this behavior.
• You can use OCSP to accomplish this behavior.
• You can use SPKI to accomplish this behavior.

Which Junos security feature is used for signature-based attack prevention?

• RADIUS
• AppQoS
• IPS
• PIM

Which two VPN features are supported with CoS-based IPsec VPNs? (Choose two.)

• IKEv2
• VPN monitoring
• dead peer detection
• IKEv1

You are trying to get a SSH honeypot set up on a Juniper ATP Appliance collector. The collector is running on hardware with two physical interfaces and two physical CPU cores. The honeypot feature is not working.Which statement is true in this scenario?

• The collector must have at least three physical interfaces
• The collector must have at least four physical cores
• The collector must have at least four physical interfaces
• The collector must have at least six physical cores