1. Home
  2. Juniper
  3. JN0-636

Service Provider Routing and Switching Professional (JNCIP-SP)

Exam Details

  • Exam Code
    :JN0-636
  • Exam Name
    :Service Provider Routing and Switching Professional (JNCIP-SP)
  • Certification
    :JNCIP-SEC
  • Vendor
    :Juniper
  • Total Questions
    :92 Q&As
  • Last Updated
    :Apr 20, 2024

Juniper JNCIP-SEC JN0-636 Questions & Answers

  • Question 1:

    Which two additional configuration actions are necessary for the third-party feed shown in the exhibit to work properly? (Choose two.)

    A. You must create a dynamic address entry with the IP filter category and the ipfilter_office365 value.

    B. You must create a dynamic address entry with the CandC category and the cc_offic365 value.

    C. You must apply the dynamic address entry in a security policy.

    D. You must apply the dynamic address entry in a security intelligence policy.

  • Question 2:

    Which two log format types are supported by the JATP appliance? (Choose two.)

    A. YAML

    B. XML

    C. CSV

    D. YANG

  • Question 3:

    You want to identify potential threats within SSL-encrypted sessions without requiring SSL proxy to decrypt the session contents. Which security feature achieves this objective?

    A. infected host feeds

    B. encrypted traffic insights

    C. DNS security

    D. Secure Web Proxy

  • Question 4:

    Your company uses non-Juniper firewalls and you are asked to provide a Juniper solution for zero-day malware protection. Which solution would work in this scenario?

    A. Juniper ATP Cloud

    B. Juniper Secure Analytics

    C. Juniper ATP Appliance

    D. Juniper Security Director

  • Question 5:

    You want to use selective stateless packet-based forwarding based on the source address.

    In this scenario, which command will allow traffic to bypass the SRX Series device flow daemon?

    A. set firewall family inet filter bypaa3_flowd term t1 then skip--services accept

    B. set firewall family inet filter bypass_flowd term t1 then routing-instance stateless

    C. set firewall family inet filter bypas3_flowd term t1 then virtual-channel stateless

    D. set firewall family inet filter bypass__f lowd term t1 then packet--mode

  • Question 6:

    You are configuring transparent mode on an SRX Series device. You must permit IP-based traffic only, and BPDUs must be restricted to the VLANs from which they originate.

    Which configuration accomplishes these objectives?

    A. Option A

    B. Option B

    C. Option C

    D. Option D

  • Question 7:

    You are asked to deploy filter-based forwarding on your SRX Series device for incoming traffic sourced from the 10.10 100 0/24 network in this scenario, which three statements are correct? (Choose three.)

    A. You must create a forwarding-type routing instance.

    B. You must create and apply a firewall filter that matches on the source address 10.10.100.0/24 and then sends this traffic to your routing

    C. You must create and apply a firewall filter that matches on the destination address 10 10.100.0/24 and then sends this traffic to your routing instance.

    D. You must create a RIB group that adds interface routes to your routing instance.

    E. You must create a VRF-type routing instance.

  • Question 8:

    You are requested to enroll an SRX Series device with Juniper ATP Cloud.

    Which statement is correct in this scenario?

    A. If a device is already enrolled in a realm and you enroll it in a new realm, the device data or configuration information is propagated to the new realm.

    B. The only way to enroll an SRX Series device is to interact with the Juniper ATP Cloud Web portal.

    C. When the license expires, the SRX Series device is disenrolled from Juniper ATP Cloud without a grace period

    D. Juniper ATP Cloud uses a Junos OS op script to help you configure your SRX Series device to connect to the Juniper ATP Cloud service.

  • Question 9:

    Exhibit Referring to the exhibit, which three statements are true? (Choose three.)

    A. The packet's destination is to an interface on the SRX Series device.

    B. The packet's destination is to a server in the DMZ zone.

    C. The packet originated within the Trust zone.

    D. The packet is dropped before making an SSH connection.

    E. The packet is allowed to make an SSH connection.

  • Question 10:

    Your company wants to use the Juniper Seclntel feeds to block access to known command and control servers, but they do not want to use Security Director to manage the feeds. Which two Juniper devices work in this situation? (Choose two)

    A. EX Series devices

    B. MX Series devices

    C. SRX Series devices

    D. QFX Series devices

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-636 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.