Juniper JN0-634 - Security, Professional (JNCIP-SEC) Exam
Page: 2 / 13
Total 65 questions
Question #6 (Topic: )
SRX Series devices with AppSecure support which three custom signatures? (Choose
three.)
three.)
A. MAC address-based mapping
B. latency detection mapping
C. IP protocol-based mapping
D. ICMP-based mapping
E. Layer 7-based signatures
Answer: C,D,E
Question #7 (Topic: )
Click the Exhibit button.
[Juniper-JN0-634-7.0/Juniper-JN0-634-5_2.png]
Referring to the configuration shown in the exhibit, which statement explains why traffic
matching the IDP signature DNS:OVERFLOW:TOO-LONG-TCP-MSG is not being stopped
by the SRX Series device?
[Juniper-JN0-634-7.0/Juniper-JN0-634-5_2.png]
Referring to the configuration shown in the exhibit, which statement explains why traffic
matching the IDP signature DNS:OVERFLOW:TOO-LONG-TCP-MSG is not being stopped
by the SRX Series device?
A. The security policy dmz-pol1 has an action of permit.
B. The IDP policy idp-pol1 is not configured as active.
C. The IDP rule r2 has an ip-action value of notify.
D. The IDP rule r1 has an action of ignore-connection.
Answer: B
Question #8 (Topic: )
Click the Exhibit button.
[Juniper-JN0-634-7.0/Juniper-JN0-634-6_2.png]
Referring to the exhibit, the host has been automatically blocked from communicating on
the network because a malicious file was downloaded. You cleaned the infected host and
changed the investigation status to Resolved Fixed.
What does Sky ATP do if the host then attempts to download a malicious file that would
result in a threat score of 10?
[Juniper-JN0-634-7.0/Juniper-JN0-634-6_2.png]
Referring to the exhibit, the host has been automatically blocked from communicating on
the network because a malicious file was downloaded. You cleaned the infected host and
changed the investigation status to Resolved Fixed.
What does Sky ATP do if the host then attempts to download a malicious file that would
result in a threat score of 10?
A. Sky ATP does not log the connection attempt and an SRX Series device does not allow the host to communicate on the network.
B. Sky ATP logs the connection attempt and an SRX Series device does not allow the host to communicate on the network.
C. Sky ATP logs the connection attempt and an SRX Series device allows the host to communicate on the network.
D. Sky ATP does not log the connection attempt and an SRX Series device allows the host to communicate on the network.
Answer: C
Question #9 (Topic: )
Click the Exhibit button.
[Juniper-JN0-634-7.0/Juniper-JN0-634-7_2.png]
Security Director is reporting the events shown in the exhibit.
If the fallback parameter is set to pass traffic, what would cause the events?
[Juniper-JN0-634-7.0/Juniper-JN0-634-7_2.png]
Security Director is reporting the events shown in the exhibit.
If the fallback parameter is set to pass traffic, what would cause the events?
A. The files are too large for the antivirus engine to process.
B. The files are not scanned because they were permitted by a security policy.
C. The files are not scanned because they are the wrong file format.
D. The antivirus engine is unable to re-encrypt the files.
Answer: A
Question #10 (Topic: )
Which AppSecure feature identifies applications that are present in traffic?
A. AppIDB. AppTrack
B. AppFW
C. AppQoS
Answer: A