Your SRX Series device does not see the SYN packet.
What is the default action in this scenario?
Answer : C
Reference:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-tcp-session-checks.html
Click the Exhibit button.
Answer : C
Reference:
https://www.juniper.net/documentation//en_US/junos/topics/reference/configuration-statement/security-flow-power-mode-ipsec.html
Click the Exhibit button.
Answer : B
In a Juniper ATP Appliance, what would be a reason for the mitigation rule to be in the failed-remove state?
Answer : D
Reference:
https://www.juniper.net/documentation/en_US/release-independent/jatp/topics/topic-map/jatp-mitigation-and-reporting.html
An administrator wants to implement persistent NAT for an internal resource so that external hosts are able to initiate communications to the resource, with the internal resource having previously sent packets to the external hosts.
Which configuration setting is used to accomplish this goal?
Answer : A
How does secure wire mode differ from transparent mode?
Answer : A
Reference:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-secure-wire.html
What are two important functions of the Juniper Networks ATP Appliance solution? (Choose two.)
Answer : BD
Reference:
https://www.juniper.net/us/en/products-services/security/advanced-threat-prevention/
Click the Exhibit button.
Answer : AD
You have downloaded and initiated the installation of the application package for the JATP Appliance on an SRX1500. You must confirm that the installation of the application package has completed successfully.
In this scenario, which command would you use to accomplish this task?
Answer : A
Reference:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-application-identification-predefined-signatures.html
You have a remote access VPN where the remote users are using the NCP client. The remote users can access the internal corporate resources as intended; however, traffic that is destined to all other Internet sites is going through the remote access VPN. You want to ensure that only traffic that is destined to the internal corporate resources use the remote access VPN.
Which two actions should you take to accomplish this task? (Choose two.)
Answer : CD
Reference:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-remote-access-vpns-with-ncp-exclusive-remote-access-client.html
Click the Exhibit button.
Answer : AB
Reference:
https://www.juniper.net/documentation/en_US/release-independent/sky-atp/topics/concept/sky-atp-integrated-feeds.html
Click the Exhibit button.
Answer : AD
Reference:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-auto-discovery-vpns.html
Which two modes are supported on Juniper Sky ATP? (Choose two.)
Answer : CD
Reference:
https://www.juniper.net/documentation/en_US/release-independent/sky-atp/topics/concept/sky-atp-about.html
You configured a security policy permitting traffic from the trust zone to the DMZ zone, inserted the new policy at the top of the list, and successfully committed it to the SRX Series device. Upon monitoring, you notice that the hit count does not increase on the newly configured policy.
In this scenario, which two commands would help you to identify the problem? (Choose two.)
Answer : BD
Reference:
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/monitoring-troubleshooting-security-policy.html
A user is unable to reach a necessary resource. You discover the path through the SRX Series device includes several security features. The traffic is not being evaluated by any security policies.
In this scenario, which two components within the flow module would affect the traffic? (Choose two.)
Answer : AC