You are asked to deploy a security solution in your data center that ensures all traffic flows through the SRX Series devices.

Which firewall deployment method meets this requirement?

A. one-arm

B. two-arm

C. transparent

D. inline

You are asked to include anti-malware features into an existing network design. Traffic from the infected machines must be moved to a quarantined VLAN.

Which product will provide this segregation?

A. screens

B. Sky ATP

C. unified threat management

D. Software Defined Secure Network

What are two reasons for using cSRX over vSRX? (Choose two.)

A. cSRX loads faster

B. cSRX uses less memory

C. cSRX supports the BGP protocol

D. cSRX supports IPsec

Your customer needs help designing a single solution to protect their combination of various Junos network devices from unauthorized management access.

Which Junos OS feature will provide this protection?

A. Use a firewall filter applied to the fxp0 interface

B. Use a security policy with the destination of the junos-host zone

C. Use the management zone host-inbound-traffic feature

D. Use a firewall filter applied to the lo0 interface

You must design a small branch office firewall solution that provides application usage statistics.

In this scenario, which feature would accomplish this task?

A. AppFW

B. AppTrack

C. UTM

D. AppQoS

You are designing an SDSN security solution for a new campus network. The network will consist of Juniper Networks Policy Enforcer, Juniper Networks switches, third-party switches, and SRX Series devices. The switches and the SRX Series devices will be used as security enforcement points.

Which component supports the SRX Series devices in this scenario?

A. Security Director

B. RADIUS server

C. certificate server

D. DHCP server

You have a site that has two Internet connections but no switch on the outside of the firewall. You want to use ISP-A over ISP-B during normal operations.

Which type of chassis cluster design would you propose to satisfy this requirement?

A. Propose active/active cluster deployment with separate redundancy groups

B. Propose active/passive cluster deployment with separate redundancy groups

C. Propose active/active cluster deployment without separate redundancy groups

D. Propose active/passive cluster deployment without separate redundancy groups

Which statement about IPsec tunnels is true?

A. They are used to provide in-depth packet inspection for traffic leaving your network

B. They are used to prevent routing loops in a Layer 2 environment

C. They are used to secure and encrypt traffic between tunnel endpoints

D. They are used to combine multiple interfaces into a single bundle

You are asked to design a VPN solution between 25 branches of a company. The company wants to have the sites talk directly to each other in the event of a hub device failure. The solution should follow industry standards.

Which solution would you choose in this scenario?

A. AutoVPN

B. Auto Discovery VPN

C. Group VPN

D. full mesh VPN

You are using SRX Series devices to secure your network and you require sandboxing for malicious file detonation. However, per company policy, you cannot send potentially malicious files outside your network for sandboxing.

Which feature should you use in this situation?

A. Sky ATP

B. UTM antivirus

C. IPS

D. JATP