JN0-632 Exam Questions

An IPSec tunnel has just gone down in your network and you have been asked to troubleshoot and resolve the issue. Which three reasons might be the cause of this issue? (Choose thre...

Bandwidth utilization has significant increased recently on the SRX3600 connecting your company to the Internet. You have decided to enable the Application Tracking feature on the...

You have been asked to troubleshoot a VoIP connectivity problem that occurs every time the IPSec VPN tunnel drops. The SRX Series device has a default route to the Internet and rec...

You need to establish a new point-to-point IPSec VPN to a recently acquired remote site. The remote site is currently using the same network space with many overlapping IP addresse...

Click the Exhibit button. Host A and Server B must each be able to initiate traffic to each other. Server B does not have a route to the 1.1.1 0/24 network; it can send traffic onl...

You notice an unusual increase in activity in your network. You investigate by reviewing logs and analyzing traffic flows. In your analysis, you identify a remote host is sending t...

Your company is bringing a remote office online and will use VPN connectivity for access to resources between offices. The remote SRX Series device has an IP address, which it obta...

Click the Exhibit button. The client is downloading a file from the FTP server. The FTP control channel is established using a security policy named trust-to-untrust. Referring to...

Click the Exhibit button. You created the IPS policy displayed in the exhibit and find that the policy is not being used to inspect traffic. What must you do to activate the policy...

You have a branch location connected to a virtual-router type of routing-instance. To provide Internet access, one requirement is to provide connectivity to an interface and its di...

You have configured your SRX Series device with two route-based VPNs for the same destination network Remote SRX Series device A's route has a preference of 5 and remote SRX Series...

In the sequence of IPS inspection steps, protocol anomaly detection is performed after which step?

You have configured persistent NAT in your NAT rule base. You create a security policy in the direction of external to internal. Which persistent NAT parameter should you configure...

You have implemented a chassis cluster that spans a Layer 2 network between two office campuses. You are using dual fabric links. Some of the RTOs are getting lost. What are two re...

Your company recently acquired another company. During a site visit and network audit, you recognize that the acquired company's private network address space overlaps with yours....

Click the Exhibit button. You have been asked to configure a virtual-router routing-instance (or a group of internal users. To grant the internal users Internet access, you create...

What is a NULL scan attack and how can you minimize its effects? Juniper JN0-632 Exam

Which two make up the context of an IPS attack signature? (Choose two.)

Which component can you use to find an attack for traffic that uses a nonstandard service?

Click the Exhibit button. You are asked to help troubleshoot new connectivity to a server on your network. The system administrator is receiving user requests and confirms that the...

You loaded the attack database on your SRX device, but it must be installed. Which command statement installs the attack database?

A user residing in the trust zone of the SRX Series device cannot access a Web page hosted on a server in the DMZ zone. You verity that an active security policy exists on the SRX...

You have configured persistent NAT with the default inactivity timeout. All of the sessions of a persistent NAT binding have expired. How long will the binding remain in the SRX Se...

Click the Exhibit button. Referring to the exhibit, which type of NAT is implemented?

You are configuring a hub-and-spoke VPN topology between an SRX Series device deployed at the hub site and several devices at spoke sites. You have configured all the settings to e...

Your company has decided to enable IPv6 in its corporate network. All core network elements are already enabled. You have completed the configuration of the SRX Series cluster. All...

You have set up a chassis cluster in an active-active state. While monitoring the fabric link during a failover scenario, you noticed the utilization is higher than expected. What...

Your network engineering department has decided another SRX cluster is needed for additional capacity and DMZ segments. After installing the new cluster on the same VLANs, network...

When fragmented traffic is processed by the IPS engine, two steps are performed. First, the IPS engine identifies IP fragments. What is the second step?

You administer an SRX5600 to which several customer networks are attached. Each customer network terminates in a virtual routing-instance. You have been asked to direct traffic sou...

You have many security policies configured using the predefined junos-ftp application. You create a new application named my-ftp for FTP traffic, but you do not want the FTP ALG to...

Which feature would you use to bypass the flow-based forwarding capability of an SRX Series branch device for a specific application?

While configuring your SRX device, you notice problems with the configuration. You suspect that someone made an undocumented change to your device. You want to determine who made t...

Your SRX Series device must have the IPS signature database installed for use in IPS policy development. How do you install the IPS signature database onto the SRX Series device?

You have an SRX650 that supports many customers who are each assigned to their own virtual router and do not normally communicate with each other. However, a request has been made...

Click the Exhibit button. You are troubleshooting a new IPsec VPN tunnel that is failing to establish an IKE security association between SRX Series devices. What is a possible cau...

While performing routine monitoring of your network, you notice an unusual increase in activity. You check the logs and notice a specific set of flows from a single source IP addre...

In a group VPN, the members rekey with the server using the Unicast PuLL method. This rekey mechanism is protected by which secure channel?

Click the Exhibit button. Which two commands are required to generate the results shown in the exhibit? (Choose two.) Juniper JN0-632 Exam

Which IPS inspection step is completed last?

Click the Exhibit button. You have configured an SRX Series device to act as the hub in a hub-and-spoke environment. After configuring two of your spoke sites, you notice that only...

Click the Exhibit button. Your company uses a custom-built FTP application. You have configured an application definition to support it on your SRX Series device as shown in the ex...

Two High End SRX Series devices are configured in a chassis cluster, but interchassis communication is problematic and intermittent. Node 0 has SPCs located in slots 1, 2, 5, and 1...

You have an internal application that requires the same IP address to be used for multiple concurrent sessions. Which NAT parameter would you enable to provide this functionality?

Juniper JN0-632 Exam Click the Exhibit button. High availability chassis clustering has been configured. The SRX 5800-A is in passive mode, while the SRX 5800-B is in active mode....

You have been asked to change the authentication mechanism on one of your VPNs to use public- key certificates to authenticate the peer SRX devices at each end. Which part of the V...

You have two SRX3400s running in active/passive mode. The primary SRX device has an NPC fail and goes offline. What happens to the SRX cluster? Juniper JN0-632 Exam

What are two protection methods employed on SRX Series devices? (Choose two.)

You are using certificates for IPsec VPNs and want the SRX Series device to verify that the certificates are valid. When configuring the SRX device, which protocol is supported for...

You initiated the installation of the attack database. The system indicates that it will run asynchronously and returns you to a command prompt in the CLI. You want to know if the...