Juniper JN0-637 - Security, Professional (JNCIP-SEC) Exam
Page: 1 / 19
Total 93 questions
Question #1 (Topic: Exam A)
Click the Exhibit button.

You can use SSH from SRX-1 to R-1 but not telnet. Both telnet and SSH services are enabled on R-1.
Referring to the exhibit, which configuration on SRX-1 is denying the access?

You can use SSH from SRX-1 to R-1 but not telnet. Both telnet and SSH services are enabled on R-1.
Referring to the exhibit, which configuration on SRX-1 is denying the access?
A. The security policy from the junos-host zone to the TRUST zone is denying port 22.
B. The security policy from the TRUST zone to the junos-host zone is denying port 22.
C. The security policy from the junos-host zone to the TRUST zone is denying port 23.
D. The security policy from the TRUST zone to the junos-host zone is denying port 23.
Answer: D
Question #2 (Topic: Exam A)
In a multimode HA environment, which service must be configured to synchronize between nodes?
A. PKI certificated
B. IDP
C. IPsec VPN
D. advanced policy-based routing
Answer: B
Question #3 (Topic: Exam A)
Click the Exhibit button.

Referring to the exhibit, which statement about TLS 1.2 traffic is correct?

Referring to the exhibit, which statement about TLS 1.2 traffic is correct?
A. TLS 1.2 traffic will be sent to routing instance R2 but not forwarded to the next hop.
B. TLS 1.2 traffic will be sent to routing instance R2 and forwarded to next hop 10.2.0.1.
C. TLS 1.2 traffic will be sent to routing instance R1 and forwarded to next hop 10.1.0.1.
D. TLS 1.2 traffic will be sent to routing instance R1 but not forwarded to the next hop.
Answer: C
Question #4 (Topic: Exam A)
You are deploying threat remediation to endpoints connected through third-party devices.
In this scenario, which three statements are correct? (Choose three.)
In this scenario, which three statements are correct? (Choose three.)
A. All third-party switches must support AAA/RADIUS and Dynamic Authorization Extensions to the RADIUS protocol.
B. The connector uses an API to gather endpoint MAC address information from the RADIUS server.
C. All third-party switches in the specified network are automatically mapped and registered with the RADIUS server.
D. The connector queries the RADIUS server for the infected host endpoint details and initiates a change of authorization (CoA) for the infected host.
D. The RADUIS server sends Status-Server messages to update infected host information to the connector.
D. The RADUIS server sends Status-Server messages to update infected host information to the connector.
Answer: ABD
Question #5 (Topic: Exam A)
Click the Exhibit button.

Referring to the exhibit, which three statements about the multinode HA environment are true? (Choose three.)

Referring to the exhibit, which three statements about the multinode HA environment are true? (Choose three.)
A. Session state is synchronized on both nodes.
B. IP monitoring has failed for the services redundancy group.
C. Node 1 will host services redundancy group 1 unless it is unavailable.
D. Node 2 will process transit traffic that it receives for services redundancy group 1.
E. Two services redundancy groups are available.
Answer: ACE