JN0-636 Exam Questions

Referring to the exhibit, which two statements are true?

The show network-access aaa radius-servers command has been issued to solve authentication issues. Referring to the exhibit, to which two authentication servers will the SRX Series...

Referring to the exhibit, a spoke member of an ADVPN is not functioning correctly. Which two commands will solve this problem? (Choose two.)

You are using ATP Cloud and notice that there is a host with a high number of ETI and C&C hits sourced from the same investigation and notice that some of the events have not been...

Which two features would be used for DNS doctoring on an SRX Series firewall? (Choose two.)

You want to configure a threat prevention policy. Which three profiles are configurable in this scenario? (Choose three.)

You are asked to download and install the IPS signature database to a device operating in chassis cluster mode. Which statement is correct in this scenario?

You are using traceoptions to verity NAT session information on your SRX Series device. Referring to the exhibit, which two statements are correct? (Choose two.)

Referring to the exhibit. You are asked to establish an IBGP peering between the SRX Series device and the router, but the session is not being established. In the security flow tr...

SRX Series device enrollment with Policy Enforcer fails. To debug further, the user issues the following command show configuration services security-intelligence url https://cloud...

Referring to the exhibit, which three statements are true? (Choose three.)

You have configured the SRX Series device to switch packets for multiple directly connected hosts that are within the same broadcast domain. However, the traffic between two hosts...

You are asked to deploy filter-based forwarding on your SRX Series device for incoming traffic sourced from the 10.10.100.0/24 network. In this scenario, which three statements are...

You are connecting two remote sites to your corporate headquarters site. You must ensure that all traffic is secured and sent directly between sites. In this scenario, which VPN sh...

Your Source NAT implementation uses an address pool that contains multiple IPv4 addresses. Your users report that when they establish more than one session with an external applica...

You are asked to determine if the 203.0.113.5 IP address has been added to the third-party security feed. OS hield, from Juniper Secinte1. You have an SRX Series device that is rec...

You want to use selective stateless packet-based forwarding based on the source address. In this scenario, which command will allow traffic to bypass the SRX Series device flow dae...

You are requested to enroll an SRX Series device with Juniper ATP Cloud. Which statement is correct in this scenario?

Referring to the exhibit, which two statements are true? (Choose two.)

You configure Source NAT using a pool of addresses that are in the same subnet range as the external ge-0/0/0 interface on your vSRX device. Traffic that is exiting the internal ne...

In Juniper ATP Cloud, what are two different actions available in a threat prevention policy to deal with an infected host? (Choose two.)

You want to identify potential threats within SSL-encrypted sessions without requiring SSL proxy to decrypt the session contents. Which security feature achieves this objective?

The highlighted incident (arrow shown in the exhibit) shows a progression level of "Download" in the kill chain. What are two appropriate mitigation actions for the selected incide...

Referring to the exhibit, which three protocols will be allowed on the ge-0/0/0.5 interface? (Choose three.)

Referring to the exhibit, which type of NAT is being performed?

Regarding IPsec CoS-based VPNs, what is the number of IPsec SAs associated with a peer based upon?

Which method does an SRX Series device in transparent mode use to learn about unknown devices in a network?

While troubleshooting security policies, you added the count action. Where do you see the result of this action?

You are asked to detect domain generation algorithms. Which two steps will accomplish this goal on an SRX Series firewall? (Choose two.)

You are validating bidirectional traffic flows through your IPsec tunnel. The 4546 session represents traffic that is sourced from the local network destined to the remote network....

Which two statements are correct about the output shown in the exhibit? (Choose two.)

Referring to the exhibit, which statement explains this problem?

Your manager asks you to show which attacks have been detected on your SRX Series device using the IPS feature. Which command would you use to accomplish this task?

Which statement is correct regarding the outputs shown in the exhibit?

You are using destination NAT to translate the address of your HTTPS server to a private address on your SRX Series device. You have decided to implement IDP SSL decryption. Upon e...

You are asked to ensure that your IPS engine blocks attacks. You must ensure that your system continues to drop additional malicious traffic without additional IPS processing for u...

You must ensure that your Layer 2 traffic is secured on your SRX Series device in transparent mode. What must be considered when accomplishing this task?

What is a secure key management protocol used by IPsec?

As an SRX administrator, you must find all encrypted sessions on an SRX Series device. Which command would you use to accomplish this task?

Which configurable SRX Series device feature allows you to capture transit traffic?

You have already configured a hub-and-spoke VPN with one hub device and two spoke devices. However, the hub device has one neighbor in the Init state and one neighbor in the Full s...

DMZ zone. What are two reasons for this problem? (Choose two.)

Click the Exhibit button. IPv6 to IPv4 addresses are not being translated as shown in the exhibit. Which two configurations would resolve the problem? (Choose two.)

Click the Exhibit button. user@host# run show route inet.0: 4 destinations, 1 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static...

Click the Exhibit button. user@srx> show security mka statistics Interface name: fxpl Received packets: 3 Transmitted packets: 3 Version mismatch packets: 0 CAR mismatch packets: 6...

Click the Exhibit button.

You have recently committed the IPS policy shown in the exhibit. When evaluating the expected scenario, you notice that you have a session that matches all the rules in your IPS po...

Your organization has multiple Active Directory domains to control user access. You must ensure that security policies are passing traffic based upon the users' access rights. What...

You are asked to set up notifications if one of your collector traffic feeds drops below 100 kbps. Which two configuration parameters must be set to accomplish this task? (Choose t...

You have configured static NAT for a webserver in your DMZ. Both internal and external users can reach the webserver using the webserver's IP address. However, only internal users...