Summer Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

JN0-635 Questions and Answers

Note! Following JN0-635 Exam is Retired now. Please select the alternative replacement for your Exam Certification. The new exam code is JN0-636

JN0-635 Questions and Answers

Question # 6

You opened a support ticket with JTAC for your Juniper ATP appliance. JTAC asks you to set up access to the device

using the reverse SSH connection.Which three setting must be configured to satisfy this request? (Choose three.)

A.

Enable JTAC remote access

B.

Create a temporary root account.

C.

Enable a JATP support account.

D.

Create a temporary admin account.

E.

Enable remote support.

Full Access
Question # 7

You are connecting two remote sites to your corporate headquarters site; you must ensure that all traffic is secured and

only uses a single Phase 2 SA for both sites.

In this scenario, which VPN should be used?

A.

An IPsec group VPN with the corporate firewall acting as the hub device.

B.

Full mesh IPsec VPNs with tunnels between all sites.

C.

A hub-and-spoke IPsec VPN with the corporate firewall acting as the hub device.

D.

A full mesh Layer 3 VPN with the corporate firewall acting as the hub device.

Full Access
Question # 8

You have downloaded and initiated the installation of the application package for the JATP Appliance on an SRX1500. You must confirm that the installation of the application package has completed successfully.

In this scenario, which command would you use to accomplish this task?

A.

show services application-identification version

B.

show services application-identification application detail

C.

show services application-identification application version

D.

show services application-identification status

Full Access
Question # 9

Click the Exhibit button.

A user reports trouble when using SSH to a server outside your organization. The traffic traverses an SRX Series device that is performing NAT and applying security policies.

Referring to the exhibit, which configuration will allow you to see the bidirectional flow through the SRX Series device?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 10

Click the Exhibit button.

Your company has purchased a competitor and now must connect the new network to the existing one. The competitor’s gateway device is receiving its ISP address using DHCP. Communication between the two sites must be secured; however, obtaining a static public IP address for the new site gateway is not an option at this time. The company has several requirements for this solution:

  • A site-to-site IPsec VPN must be used to secure traffic between the two sites;
  • The IKE identity on the new site gateway device must use the hostname option; and
  • Internet traffic from each site should exit through its local Internet connection.

The configuration shown in the exhibit has been applied to the new site’s SRX, but the secure tunnel is not working.

In this scenario, what configuration change is needed for the tunnel to come up?

A.

Remove the quotes around the hostname

B.

Bind interface st0 to the gateway

C.

Change the IKE policy mode to aggressive

D.

Apply a static address to ge-0/0/2

Full Access
Question # 11

Which Junos security feature is used for signature-based attack prevention?

A.

RADIUS

B.

AppQoS

C.

IPS

D.

PIM

Full Access
Question # 12

Click the Exhibit button.

You are asked to look at a configuration that is designed to take all traffic with a specific source IP address and forward the traffic to a traffic analysis server for further evaluation. The configuration is not working as intended.

Referring to the exhibit, which change must be made to correct the configuration?

A.

Apply the filter as an input filter on interface xe-0/2/1.0

B.

Create a routing instance named default

C.

Apply the filter as an input filter on interface xe-0/0/1.0

D.

Apply the filter as an output filter on interface xe-0/1/0.0

Full Access
Question # 13

Your SRX Series device does not see the SYN packet.

What is the default action in this scenario?

A.

The device will forward the subsequent packets and the session will be established

B.

The device will forward the subsequent packets and the session will not be established

C.

The device will drop the subsequent packets and the session will not be established

D.

The device will drop the subsequent packets and the session will be established

Full Access