1. Home
  2. Juniper
  3. JN0-636

Juniper JN0-636 Online Practice Questions and Exam Preparation

JN0-636 Exam Details

  • Exam Code
    :JN0-636
  • Exam Name
    :Service Provider Routing and Switching Professional (JNCIP-SP)
  • Certification
    :Juniper Certifications
  • Vendor
    :Juniper
  • Total Questions
    :92 Q&As
  • Last Updated
    :May 29, 2026

Juniper JN0-636 Online Questions & Answers

  • Question 71:

    Exhibit

    You are using traceoptions to verify NAT session information on your SRX Series device. Referring to the exhibit, which two statements are correct? (Choose two.)

    A. This is the last packet in the session.
    B. The SRX Series device is performing both source and destination NAT on this session.
    C. This is the first packet in the session.
    D. The SRX Series device is performing only source NAT on this session.

  • Question 72:

    You are connecting two remote sites to your corporate headquarters site. You must ensure that all traffic is secured and sent directly between sites In this scenario, which VPN should be used?

    A. IPsec ADVPN
    B. hub-and-spoke IPsec VPN
    C. Layer 2 VPN
    D. full mesh Layer 3 VPN with EBGP

  • Question 73:

    Exhibit.

    Referring to the exhibit, which two statements are true? (Choose two.)

    A. Juniper Networks will not investigate false positives generated by this custom feed.
    B. The custom infected hosts feed will not overwrite the Sky ATP infected host's feed.
    C. The custom infected hosts feed will overwrite the Sky ATP infected host's feed.
    D. Juniper Networks will investigate false positives generated by this custom feed.

  • Question 74:

    You have noticed a high number of TCP-based attacks directed toward your primary edge device. You are asked to configure the IDP feature on your SRX Series device to block this attack. Which two IDP attack objects would you configure to solve this problem? (Choose two.)

    A. Network
    B. Signature
    C. Protocol anomaly
    D. host

  • Question 75:

    Exhibit

    Referring to the exhibit, which two statements are true? (Choose two.)

    A. The 3uspicious_Endpoint3 feed is only usable by the SRX-1 device.
    B. You must manually create the suspicious_Endpoint3 feed in the Juniper ATP Cloud interface.
    C. The 3uspiciou3_Endpoint3 feed is usable by any SRX Series device that is a part of the same realm as SRX-1
    D. Juniper ATP Cloud automatically creates the 3uopi'cioua_Endpoints feed after you commit the security policy.

  • Question 76:

    In Juniper ATP Cloud, what are two different actions available in a threat prevention policy to deal with an infected host? (Choose two.)

    A. Send a custom message
    B. Close the connection.
    C. Drop the connection silently.
    D. Quarantine the host.

  • Question 77:

    Exhibit

    You are asked to establish an IBGP peering between the SRX Series device and the router, but the session is not being established. In the security flow trace on the SRX device, packet drops are observed as shown in the exhibit. What is the correct action to solve the problem on the SRX device?

    A. Create a firewall filter to accept the BGP traffic
    B. Configure destination NAT for BGP traffic.
    C. Add BGP to the Allowed host-inbound-traffic for the interface
    D. Modify the security policy to allow the BGP traffic.

  • Question 78:

    Exhibit

    Referring to the exhibit, a spoke member of an ADVPN is not functioning correctly. Which two commands will solve this problem? (Choose two.)

    A. Option A
    B. Option B
    C. Option C
    D. Option D

  • Question 79:

    You are connecting two remote sites to your corporate headquarters site; you must ensure that all traffic is secured and only uses a single Phase 2 SA for both sites.

    In this scenario, which VPN should be used?

    A. An IPsec group VPN with the corporate firewall acting as the hub device.
    B. Full mesh IPsec VPNs with tunnels between all sites.
    C. A hub-and-spoke IPsec VPN with the corporate firewall acting as the hub device.
    D. A full mesh Layer 3 VPN with the corporate firewall acting as the hub device.

  • Question 80:

    You have a webserver and a DNS server residing in the same internal DMZ subnet. The public Static NAT addresses for the servers are in the same subnet as the SRX Series devices internet-facing interface.

    You implement DNS doctoring to ensure remote users can access the webserver.

    Which two statements are true in this scenario? (Choose two.)

    A. The DNS doctoring ALG is not enabled by default.
    B. The Proxy ARP feature must be configured.
    C. The DNS doctoring ALG is enabled by default.
    D. The DNS CNAME record is translated.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-636 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.