Exam Details

  • Exam Code
    :JN0-636
  • Exam Name
    :Service Provider Routing and Switching Professional (JNCIP-SP)
  • Certification
    :JNCIP-SEC
  • Vendor
    :Juniper
  • Total Questions
    :92 Q&As
  • Last Updated
    :Oct 25, 2024

Juniper JNCIP-SEC JN0-636 Questions & Answers

  • Question 71:

    Exhibit You have recently configured Adaptive Threat Profiling and notice 20 IP address entries in the monitoring section of the Juniper ATP Cloud portal that do not match the number of entries locally on the SRX Series device, as shown in the exhibit.

    What is the correct action to solve this problem on the SRX device?

    A. You must configure the DAE in a security policy on the SRX device.

    B. Refresh the feed in ATP Cloud.

    C. Force a manual download of the Proxy__Nodes feed.

    D. Flush the DNS cache on the SRX device.

  • Question 72:

    Exhibit

    You are using traceoptions to verify NAT session information on your SRX Series device. Referring to the exhibit, which two statements are correct? (Choose two.)

    A. This is the last packet in the session.

    B. The SRX Series device is performing both source and destination NAT on this session.

    C. This is the first packet in the session.

    D. The SRX Series device is performing only source NAT on this session.

  • Question 73:

    Which two types of source NAT translations are supported in this scenario? (Choose two.)

    A. translation of IPv4 hosts to IPv6 hosts with or without port address translation

    B. translation of one IPv4 subnet to one IPv6 subnet with port address translation

    C. translation of one IPv6 subnet to another IPv6 subnet without port address translation

    D. translation of one IPv6 subnet to another IPv6 subnet with port address translation

  • Question 74:

    All interfaces involved in transparent mode are configured with which protocol family?

    A. mpls

    B. bridge

    C. inet

    D. ethernet -- switching

  • Question 75:

    Your IPsec VPN configuration uses two CoS forwarding classes to separate voice and data traffic. How many IKE security associations are required between the IPsec peers in this scenario?

    B. 3

    C. 4

    D. 2

  • Question 76:

    You want to enroll an SRX Series device with Juniper ATP Appliance. There is a firewall device in the path between the devices. In this scenario, which port should be opened in the firewall device?

    A. 8080

    B. 443

    C. 80

    D. 22

  • Question 77:

    Exhibit You have configured the SRX Series device to switch packets for multiple directly connected hosts that are within the same broadcast domain However, the traffic between two hosts in the same broadcast domain are not matching any security policies

    Referring to the exhibit, what should you do to solve this problem?

    A. You must change the global mode to security switching mode.

    B. You must change the global mode to security bridging mode

    C. You must change the global mode to transparent bridge mode.

    D. You must change the global mode to switching mode.

  • Question 78:

    While troubleshooting security policies, you added the count action. Where do you see the result of this action?

    A. In the show security policies hit-count command output.

    B. In the show security flow statistics command output.

    C. In the show security policies detail command output.

    D. In the show firewall log command output.

  • Question 79:

    Exhibit

    Referring to the exhibit, which statement is true?

    A. This custom block list feed will be used before the Juniper Seclntel

    B. This custom block list feed cannot be saved if the Juniper Seclntel block list feed is configured.

    C. This custom block list feed will be used instead of the Juniper Seclntel block list feed

    D. This custom block list feed will be used after the Juniper Seclntel block list feed.

  • Question 80:

    The monitor traffic interface command is being used to capture the packets destined to and the from the SRX Series device. In this scenario, which two statements related to the feature are true? (Choose two.)

    A. This feature does not capture transit traffic.

    B. This feature captures ICMP traffic to and from the SRX Series device.

    C. This feature is supported on high-end SRX Series devices only.

    D. This feature is supported on both branch and high-end SRX Series devices.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-636 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.