Juniper JN0-696 - Juniper Networks Certified Support Professional Security (JNCSP-SEC) Exam
Page: 2 / 15
Total 71 questions
Question #6 (Topic: Topic 1)
Users at a branch office report that they cannot reach an internal Web server. The users connect through a single SRX Series device to reach the Web server. A
security policy has been configured on the device that allows traffic to flow between interfaces in the Trust zone.
What is causing this problem?
security policy has been configured on the device that allows traffic to flow between interfaces in the Trust zone.
What is causing this problem?
A. The interface on the device that connects to the Web server is not in the Trust zone.
B. The IPsec VPN connection between the users and the Web server is down.
C. There is a host inbound traffic configuration problem.
D. There is an antispam configuration problem.
Answer: A
Question #7 (Topic: Topic 1)
You are asked to troubleshoot a user communication problem. Users connected to the Trust zone cannot communicate with other devices connected to the same
zone. These users are able to communicate with other devices in all other zones.
How should you resolve this problem?
zone. These users are able to communicate with other devices in all other zones.
How should you resolve this problem?
A. You must put each device in a separate subzone to allow internal communication.
B. You must configure a security policy to allow intrazone communication.
C. You must enable the allow-internal parameter under the Trust security zone.
D. You must enable the all parameter for host inbound traffic for the zone.
Answer: B
Question #8 (Topic: Topic 1)
You have implemented AppTrack on your SRX Series device to track YouTube streaming video usage in your network. However, many of the YouTube videos
that your users are watching are shorter than five minutes. You notice that the statistics for starting these short YouTube videos are not being recorded by
AppTrack.
Which two actions would allow AppTrack to record the statistics for these sessions? (Choose two.)
that your users are watching are shorter than five minutes. You notice that the statistics for starting these short YouTube videos are not being recorded by
AppTrack.
Which two actions would allow AppTrack to record the statistics for these sessions? (Choose two.)
A. Change AppTrack to collect session information during shorter intervals.
B. Change AppTrack to collect session information when the session is first created.
C. Change AppTrack to collect session information for nested applications only.
D. Change AppTrack to collect session information for applications only.
Answer: AB
Question #9 (Topic: Topic 1)
While attempting to set up IDP on an SRX Series device, the IDP attack database fails to download.
What is one reason for this behavior?
What is one reason for this behavior?
A. The device's Untrust zone to Trust zone security policy does not allow this traffic.
B. The device's configuration does not include the URL from which to retrieve the attack database.
C. A firewall filter applied to the loopback interface is preventing the download of the attack database.
D. The host inbound traffic has not been configured correctly.
Answer: B
Question #10 (Topic: Topic 1)
When attempting to delete IDP policies and configurations from an SRX Series device, a user enters these configuration commands:
Delete security idp
Commit
However, after the commit has completed, the configuration is still present under the [edit security idp] hierarchy.
What should the user do to permanently remove the configuration?
Delete security idp
Commit
However, after the commit has completed, the configuration is still present under the [edit security idp] hierarchy.
What should the user do to permanently remove the configuration?
A. Delete the /var/db/scripts/commit/templates.xsl file and reboot the device.
B. Delete the [edit security idp] hierarchy, commit the change, and immediately reboot the device.
C. Stop the idpd process using the set system processes idp-policy disable configuration command, commit the change, delete the [edit security idp] hierarchy, and then commit that change.
D. Delete the IDP templates commit script from the [edit system scripts commit] hierarchy, delete the [edit security idp] hierarchy, and then commit the change.
Answer: D
