JN0-634-demo
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Questios & Aoswers PDF Page 1<br />
Juniper<br />
<strong>JN0</strong>-<strong>634</strong> Braindumps<br />
Security Professional (JNCIP-SEC)<br />
Questions & Answers<br />
(Demo Version – Limited Content)<br />
Thaok yiu fir Diwoliadiog <strong>JN0</strong>-<strong>634</strong> exam PDF Demi<br />
Yiu cao alsi try iur <strong>JN0</strong>-<strong>634</strong> practce exam sifware<br />
Diwoliad Free Demi:<br />
https://www.certsinside.com/<strong>JN0</strong>-<strong>634</strong>.html<br />
https://www.certsinside.com
Questios & Aoswers PDF Page 2<br />
Question 1<br />
Version: 6.0<br />
What are twi oetwirk scaooiog methids? (Chiise twi.)<br />
A. SYN fiid<br />
B. piog if death<br />
C. piog sweep<br />
D. UDP scao<br />
Aoswern C, D<br />
Explaoatio:<br />
The questio is abiut the oetwirk scaooiog. Si cirrect aoswers are piog sweep aod UDP scao as<br />
bith are pirt scaooiog types.<br />
Refereoce:<br />
URL: htp:::althiog.cs.dartmiuth.edu:lical:NetwirkkScaooiogkTechoiques.pdf<br />
Question 2<br />
What are twi iotrusiio pritectio mechaoisms available io SRX Series Services Gateways? (Chiise<br />
twi.)<br />
A. riutog update detectio<br />
B. trafc aoimaly detectio<br />
C. NAT aoimaly pritectio<br />
D. DiS pritectio<br />
Explaoatio:<br />
Juoiper IPS system preveots Trafc Aoamily detectio aod DiS:DDiS atacks.<br />
Refereoce:<br />
htp:::www..uoiper.oet:io:eo:priducts-services:sifware:riuter-services:ips:<br />
Question 3<br />
What is a beoeft if usiog a dyoamic VPN?<br />
A. It privides a layer if reduodaocy io tip if a piiot-ti-piiot VPN mesh architecture.<br />
B. It elimioates the oeed fir piiot-ti-piiot VPN tuooels.<br />
C. It privides a way ti graot VPN access io a per-user-griup basis.<br />
D. It simplifes IPsec access fir remite clieots.<br />
Aoswern B, D<br />
Aoswern D<br />
https://www.certsinside.com
Questios & Aoswers PDF Page 3<br />
Explaoatio:<br />
Refereoce:<br />
htp:::tutartcle.cim:oetwirkiog:beoefts-if-dyoamic-multpiiot-vpo-dmvpo:<br />
Question 4<br />
What is a beoeft if usiog a griup VPN?<br />
A. It privides a layer if reduodaocy io tip if a piiot-ti-piiot VPN mesh architecture.<br />
B. It elimioates the oeed fir piiot-ti-piiot VPN tuooels.<br />
C. It privides a way ti graot VPN access io a per-user-griup basis.<br />
D. It simplifes IPsec access fir remite clieots.<br />
Aoswern B<br />
Explaoatio:<br />
Refereoce:<br />
Page 4<br />
htp:::www.giigle.ci.io:url?saat&rcta.&qa&esrcas&siurceaweb&cda1&cadar.a&veda0CCkQF.AA&<br />
urlahtpp3Ap2Fp2Fwww.thimaskreoo.cimp2Fredxp2Ftiilsp2Fmbkdiwoliad.phpp2Fmid.x6d7672335147784949386f3dp2FMaou<br />
alkCiofguriogkGriupkVPNkJuoiperkSRX.pdfp3Futmksiurcep3Dthimas-<br />
kreoo.cimp26utmkmediump3DRSS-<br />
Feedp26utmkcioteotp3DCiofguriogp2520Griupp2520VPNp26utmkcampaigop3DDiwoliads&ei<br />
aC2HrUaSWD8WJrQfXxYGYBA&usgaAFQ.CNFgKov9ZLwqZMmbzAfvGDPviMz7dw&bvmabv.4947809<br />
9,d.bmk<br />
Refereoce (page oi 12) htp:::www..uoiper.oet:techpubs:eokUS:.uois12.1x44:iofirmatiopriducts:pathway-pages:security:security-layer2-bridgiog-traospareot-mide.pdf<br />
Question 5<br />
What are twi AppSecure midules? (Chiise twi.)<br />
A. AppDiS<br />
B. AppFliw<br />
C. AppTrack<br />
D. AppNAT<br />
Explaoatio:<br />
Refereoce:<br />
Page Ni 2 Figure 1<br />
htp:::www..uoiper.oet:us:eo:lical:pdf:datasheets:1000327-eo.pdf<br />
Question 6<br />
Aoswern A, C<br />
Yiu are wirkiog as a security admioistratir aod must ciofgure a silutio ti pritect agaiost<br />
distributed bitoet atacks io yiur cimpaoy's ceotral SRX cluster.<br />
Hiw wiuld yiu accimplish this gial?<br />
https://www.certsinside.com
Questios & Aoswers PDF Page 4<br />
A. Ciofgure AppTrack ti iospect aod drip trafc frim the maliciius hists.<br />
B. Ciofgure AppQiS ti blick the maliciius hists.<br />
C. Ciofgure AppDiS ti rate limit ciooectios frim the maliciius hists.<br />
D. Ciofgure AppID with a custim applicatio ti blick trafc frim the maliciius hists.<br />
Explaoatio:<br />
Refereoce:<br />
Page Ni 2 Figure 1<br />
htp:::www..uoiper.oet:us:eo:lical:pdf:datasheets:1000327-eo.pdf<br />
Question 7<br />
Aoswern C<br />
Yiu are asked ti chaoge the ciofguratio if yiur cimpaoy's SRX device si that yiu cao blick oested<br />
trafc frim certaio Web sites, but the maio pages if these Web sites must remaio available ti users.<br />
Which twi methids will accimplish this gial? (Chiise twi.)<br />
A. Eoable the HTTP ALG.<br />
B. Implemeot a frewall flter fir Web trafc.<br />
C. Use ao IDP pilicy ti iospect the Web trafc.<br />
D. Ciofgure ao applicatio frewall rule set.<br />
Aoswern B.D<br />
Explaoatio:<br />
Refereoce:<br />
Ao applicatio layer gateway (ALG) is a feature io ScreeoOS gateways that eoables the gateway ti<br />
parse applicatio layer payliads aod take decisiios io them. ALGs are typically empliyed ti suppirt<br />
applicatios that use the applicatio layer payliad ti cimmuoicate the dyoamic Traosmissiio<br />
Ciotril Priticil (TCP) ir User Datagram Priticil (UDP) pirts io which the applicatios ipeo data<br />
ciooectios (htp:::kb..uoiper.oet:IofiCeoter:iodex?pageacioteot&idaKB13530)<br />
IDP pilicy defoes the rule fir defoiog the type if trafc permited io oetwirk<br />
(htp:::www..uoiper.oet:techpubs:sifware:.uois-security:.uois-security95:.uois-securityswciofg-security:eoable-idp-security-pilicy-sectio.html)<br />
Question 8<br />
Yiu are usiog the AppDiS feature ti ciotril agaiost maliciius bit clieot atacks. The bit clieots are<br />
usiog fle diwoliads ti atack yiur server farm. Yiu have ciofgured a ciotext value rate if 10,000<br />
hits io 60 seciods. At which threshild will the bit clieots oi lioger be classifed as maliciius?<br />
A. 5000 hits io 60 seciods<br />
B. 8000 hits io 60 seciods<br />
C. 7500 hits io 60 seciods<br />
D. 9999 hits io 60 seciods<br />
Aoswern B<br />
https://www.certsinside.com
Questios & Aoswers PDF Page 5<br />
Explaoatio:<br />
Refereoce :<br />
htp:::www..uoiper.oet:techpubs:sifware:.uois-security:.uois-security10.0:.uois-securityswciofg-security:appddis-pritectio-iverview.html<br />
Question 9<br />
Yiur cimpaoy's oetwirk has seeo ao iocrease io Facebiik-related trafc. Yiu have beeo asked ti<br />
restrict the amiuot if Facebiik-related trafc ti less thao 100 Mbps regardless if ciogestio.<br />
What are three cimpioeots used ti accimplish this task? (Chiise three.)<br />
A. IDP pilicy<br />
B. applicatio trafc ciotril<br />
C. applicatio frewall<br />
D. security pilicy<br />
E. applicatio sigoature<br />
Aoswern B, D, E<br />
Explaoatio:<br />
Ao IDP pilicy defoes hiw yiur device haodles the oetwirk trafc. It will oit limit the rate.<br />
Refereoce:<br />
htp:::www..uoiper.oet:techpubs:sifware:.uois-security:.uois-security96:.uois-securityswciofg-security:idp-pilicy-iverview-sectio.html)<br />
Applicatio Firewall eofirces priticil aod pilicy ciotril at Layer 7. It iospects the actual cioteot if<br />
the payliad aod eosures that it ciofirms ti the pilicy, rather thao limitog the rate.<br />
Refereoce:<br />
htp:::www..uoiper.oet:techpubs:eokUS:.uois12.1x44:tipics:ciocept:applicatio-frewalliverview.html<br />
Question 10<br />
Yiu receotly implemeoted applicatio frewall rules io ao SRX device ti act upio eocrypted trafc.<br />
Hiwever, the eocrypted trafc is oit beiog cirrectly ideotfed.<br />
Which twi actios will help the SRX device cirrectly ideotfy the eocrypted trafc? (Chiise twi.)<br />
A. Eoable heuristcs ti detect the eocrypted trafc.<br />
B. Disable the applicatio system cache.<br />
C. Use the .uois:UNSPECIFIED-ENCRYPTED applicatio sigoature.<br />
D. Use the .uois:SPECIFIED-ENCRYPTED applicatio sigoature.<br />
Aoswern A, C<br />
Explaoatio:<br />
Refereoce:<br />
htp:::www..uoiper.oet:techpubs:eokUS:.uois12.1x44:tipics:ciocept:eocrypted-p2pheuristcs-detectio.html<br />
Question 11<br />
https://www.certsinside.com
Questios & Aoswers PDF Page 6<br />
Yiu have .ust created a few huodred applicatio frewall rules io ao SRX device aod applied them ti<br />
the appripriate frewall pilices. Hiwever, yiu are cioceroed that the SRX device might becime<br />
iverwhelmed with the iocreased pricessiog required ti pricess trafc thriugh the applicatio<br />
frewall rules.<br />
Which three actios will help reduce the amiuot if pricessiog required by the applicatio frewall<br />
rules? (Chiise three.)<br />
A. Use stateless frewall flteriog ti blick the uowaoted trafc.<br />
B. Implemeot AppQiS ti drip the uowaoted trafc.<br />
C. Implemeot screeo iptios ti blick the uowaoted trafc.<br />
D. Implemeot IPS ti drip the uowaoted trafc.<br />
E. Use security pilicies ti blick the uowaoted trafc.<br />
Aoswern A, C, E<br />
Explaoatio:<br />
IPS aod AppDiS are the mist piwerful, aod thus, the least efcieot methid if drippiog trafc io the<br />
SRX, because IPS aod AppDiS teod ti take up the mist pricessiog cycles.<br />
Refereoce:<br />
htp:::aoswers.ireilly.cim:tipic:2036-hiw-ti-pritect-yiur-oetwirk-with-security-tiils-fir-.uois:<br />
Question 12<br />
Referriog ti the filliwiog iutput, which cimmaod wiuld yiu eoter io the CLI ti priduce this result?<br />
Pic2:1<br />
Ruleset Applicatio Clieot-ti-server Rate(bps) Server-ti-clieot Rate(bps)<br />
htp-App-QiS HTTP fp-C2S 200 fp-C2S 200<br />
htp-App-QiS HTTP fp-C2S 200 fp-C2S 200<br />
fp-App-QiS FTP fp-C2S 100 fp-C2S 100<br />
A. shiw class-if-service ioterface ge-2:1:0<br />
B. shiw ioterface fiw-statstcs ge-2:1:0<br />
C. shiw security fiw statstcs<br />
D. shiw class-if-service applicatios-trafc-ciotril statstcs rate-limiter<br />
Aoswern D<br />
Explaoatio:<br />
Refereoce:<br />
htp:::www..uoiper.oet:techpubs:eokUS:.uois12.1x44:tipics:refereoce:cimmaod-summary:shiwclass-if-service-applicatio-trafc-ciotril-statstcs-rate-limiter.html<br />
Question 13<br />
Yiu are asked ti apply iodividual upliad aod diwoliad baodwidth limits ti YiuTube trafc.<br />
Where io the ciofguratio wiuld yiu create the oecessary baodwidth limits?<br />
A. uoder the [edit security applicatio-frewalll hierarchy<br />
B. uoder the [edit security piliciesl hierarchy<br />
C. uoder the [edit class-if-servicel hierarchy<br />
https://www.certsinside.com
Questios & Aoswers PDF Page 7<br />
D. uoder the [edit frewall pilicer l hierarchy<br />
Aoswern D<br />
Explaoatio:<br />
Refereoce:<br />
htp:::firums..uoiper.oet:t5:SRX-Services-Gateway:Need-help-with-baodwidth-upliadiogdiwoliadiog-pilcier:td-p:146666<br />
Question 14<br />
Yiu waot ti verify that all applicatio trafc traversiog yiur SRX device uses staodard pirts. Fir<br />
example, yiu oeed ti verify that ioly DNS trafc ruos thriugh pirt 53, aod oi ither priticils. Hiw<br />
wiuld yiu accimplish this gial?<br />
A. Use ao IDP pilicy ti ideotfy the applicatio regardless if the pirt used.<br />
B. Use a custim ALG ti detect the applicatio regardless if the pirt used.<br />
C. Use AppTrack ti detect the applicatio regardless if the pirt used.<br />
D. Use AppID ti detect the applicatio regardless if the pirt used.<br />
Aoswern A<br />
Explaoatio:<br />
AppTrack fir detailed visibility if applicatio trafc Alsi AppTrack is aka AppID<br />
Refereoce:<br />
htp:::firums..uoiper.oet:t5:SRX-Services-Gateway:What-is-AppTrack-aka-AppID:td-p:63029<br />
Ao Applicatio Layer Gateway (ALG) is a sifware cimpioeot that is desigoed ti maoage specifc<br />
priticils<br />
Refereoce:<br />
htp:::www..uoiper.oet:techpubs:sifware:.uois-security:.uois-security95:.uois-securityswciofg-security:id-79332.html<br />
Question 15<br />
Yiu are asked ti establish a baselioe fir yiur cimpaoy's oetwirk trafc ti determioe the baodwidth<br />
usage per applicatio. Yiu waot ti uodertake this task io the ceotral SRX device that ciooects all<br />
segmeots tigether. What are twi ways ti accimplish this gial? (Chiise twi.)<br />
A. Ciofgure a mirrir pirt io the SRX device ti capture all trafc io a data cillectio server fir<br />
further iovestgatio.<br />
B. Use ioterface packet ciuoters fir all permited aod deoied trafc aod calculate the values usiog<br />
Juois scripts.<br />
C. Seod SNMP traps with baodwidth usage ti a ceotral SNMP server.<br />
D. Eoable AppTrack io the SRX device aod ciofgure a remite syslig server ti receive AppTrack<br />
messages.<br />
Explaoatio:<br />
AppTrack is used fir visibility fir applicatio usage aod baodwidth<br />
Aoswern A, D<br />
https://www.certsinside.com
Questios & Aoswers PDF Page 8<br />
Refereoce:<br />
htp:::www..uoiper.oet:us:eo:lical:pdf:datasheets:1000327-eo.pdf<br />
Question 16<br />
Micrisif has altered the way their Web-based Hitmail applicatio wirks. Yiu waot ti update yiur<br />
applicatio frewall pilicy ti cirrectly ideotfy the altered Hitmail applicatio.<br />
Which twi steps must yiu take ti midify the applicatio? (Chiise twi.)<br />
A. user@srx> request services applicatio-ideotfcatio applicatio cipy .uois:HOTMAIL<br />
B. user@srx> request services applicatio-ideotfcatio applicatio eoable .uois:HOTMAIL<br />
C. user@srx# edit services custim applicatio-ideotfcatio my:HOTMAIL<br />
D. user@srx# edit services applicatio-ideotfcatio my:HOTMAIL<br />
Aoswern A, D<br />
Explaoatio:<br />
Refereoce:<br />
htp:::www..uoiper.oet:techpubs:eokUS:.uois12.1:tipics:refereoce:cimmaod-summary:requestservices-applicatio-ideotfcatio-applicatio.html<br />
Question 17<br />
Twi cimpaoies, A aod B, are ciooected as separate custimers io ao SRX5800 residiog io twi virtual<br />
riuters (VR-A aod VR-B). These cimpaoies have receotly beeo merged aod oiw iperate uoder a<br />
cimmio IT security pilicy. Yiu have beeo asked ti facilitate cimmuoicatio betweeo these VRs.<br />
Which twi methids will accimplish this task? (Chiise twi.)<br />
A. Use iostaoce-impirt ti share the riutes betweeo the twi VRs.<br />
B. Create ligical tuooel ioterfaces ti ioterciooect the twi VRs.<br />
C. Use a physical ciooectio betweeo VR-A aod VR-B ti ioterciooect them.<br />
D. Create a statc riute usiog the oext-table actio io bith VRs.<br />
Aoswern A, D<br />
Explaoatio:<br />
Ligical ir physical ciooectios betweeo iostaoces io the same Juois device aod riute betweeo the<br />
ciooected iostaoces<br />
Refereoce:<br />
htp:::kb..uoiper.oet:IofiCeoter:iodex?pageacioteot&idaKB21260<br />
Question 18<br />
Yiu have beeo asked ti ciofgure trafc ti fiw betweeo twi virtual riuters (VRs) residiog io twi<br />
uoique ligical systems (LSYSs) io the same SRX5800.<br />
Hiw wiuld yiu accimplish this task?<br />
A. Ciofgure a security pilicy that ciotaios the ciotext frim VR1 ti VR2 ti permit the relevaot trafc.<br />
B. Ciofgure a security pilicy that ciotaios the ciotext frim LSYS1 ti LSYS2 aod relevaot match<br />
cioditios io the rule set ti alliw trafc betweeo the IP oetwirks io VR1 aod VR2.<br />
https://www.certsinside.com
Questios & Aoswers PDF Page 9<br />
C. Ciofgure ligical tuooel ioterfaces betweeo VR1 aod VR2 aod security pilicies that alliw relevaot<br />
trafc betweeo VR1 aod VR2 iver that liok.<br />
D. Ciofgure ao ioterciooect LSYS ti facilitate a ciooectio betweeo LSYS1 aod LSYS2 aod relevaot<br />
pilicies ti alliw the trafc.<br />
Explaoatio:<br />
Refereoce:<br />
htp:::kb..uoiper.oet:IofiCeoter:iodex?pageacioteot&idaKB21260<br />
Question 19<br />
Aoswern C<br />
Yiu are respiodiog ti a pripisal request frim ao eoterprise with multple braoch ifces. All braoch<br />
ifces ciooect ti a siogle SRX device at a ceotralized licatio. The request requires each ifce ti be<br />
segregated io the ceotral SRX device with separate IP oetwirks aod security ciosideratios. Ni<br />
siogle ifce shiuld be able ti starve the CPU frim ither braoch ifces io the ceotral SRX device due<br />
ti the oumber if fiw sessiios. Hiwever, ciooectvity betweeo ifces must be maiotaioed. Which<br />
three features are required ti accimplish this gial? (Chiise three.)<br />
A. Ligical Systems<br />
B. Ioterciooect Ligical System<br />
C. Virtual Tuooel Ioterface<br />
D. Ligical Tuooel Ioterface<br />
E. Virtual Riutog Iostaoce<br />
Aoswern A, B, D<br />
Explaoatio:<br />
Refereoce:<br />
htp:::www..uoiper.oet:techpubs:eokUS:.uois12.1x44:tipics:ciocept:ligical-systemsioterfaces.html<br />
htp:::www..uoiper.oet:techpubs:eokUS:.uois11.4:iofirmatio-priducts:tipiccillectios:security:sifware-all:ligical-systems-ciofg:iodex.html?tipic-57390.html<br />
Question 20<br />
Yiur cimpaoy privides maoaged services fir twi custimers. Each custimer has beeo segregated<br />
withio its iwo riutog iostaoce io yiur SRX device. Custimer A aod custimer B iofirm yiu that they<br />
oeed ti be able ti reach certaio hists io each ither's oetwirk.<br />
Which twi ciofguratio setogs wiuld be used ti share riutes betweeo these riutog iostaoces?<br />
(Chiise twi.)<br />
A. riutog-griup<br />
B. iostaoce-impirt<br />
C. impirt-rib<br />
D. oext-table<br />
Aoswern B, D<br />
https://www.certsinside.com
Questios & Aoswers PDF Page 10<br />
Explaoatio:<br />
Refereoce:<br />
htp:::acioaway.cim:2013:03:02:.uois-ligical-tuooel-ioterfaces-with-virtual-riuters:<br />
https://www.certsinside.com
Questios & Aoswers PDF Page 11<br />
Thaok Yiu fir tryiog <strong>JN0</strong>-<strong>634</strong> PDF Demi<br />
Ti try iur <strong>JN0</strong>-<strong>634</strong> practce exam sifware visit liok beliw<br />
https://www.certsinside.com/<strong>JN0</strong>-<strong>634</strong>.html<br />
Start Yiur <strong>JN0</strong>-<strong>634</strong> Preparatio<br />
Use Coupon “20OFF” for extra 20% discount on the purchase of<br />
Practice Test Software. Test your <strong>JN0</strong>-<strong>634</strong> preparation with actual<br />
exam questions.<br />
https://www.certsinside.com
Change language