EMT Practice Test

1. Question Content...


Question List

Question1: Which two sources are used by Juniper Identity Management Service (JIMS) for collecting username and device IP addresses? (Choose two.)

Question2: You are asked to find systems running applications that increase the risks on your network. You must ensure these systems are processed through IPS and Juniper ATP Cloud for malware and virus protection.
Which Juniper Networks solution will accomplish this task?

Question3: Which two statements are correct about a reth LAG? (Choose two.)

Question4: Your manager asks you to provide firewall and NAT services in a private cloud.
Which two solutions will fulfill the minimum requirements for this deployment? (Choose two.)

Question5: On which three Hypervisors is vSRX supported? (Choose three.)

Question6: Click the Exhibit button.

Referring to the exhibit, what will the SRX Series device do in this configuration?

Question7: When a security policy is modified, which statement is correct about the default behavior for active sessions allowed by that policy?

Question8: Which two statements are correct about the cSRX? (Choose two.)

Question9: How does the SSL proxy detect if encryption is being used?

Question10: Click the Exhibit button.

You have implemented SSL client protection proxy. Employees are receiving the error shown in the exhibit.
How do you solve this problem?

Question11: Which two statements are true about Juniper ATP Cloud? (Choose two.)

Question12: Exhibit

Which two statements are correct about the configuration shown in the exhibit? (Choose two.)

Question13: Which two functions does Juniper ATP Cloud perform to reduce delays in the inspection of files? (Choose two.)

Question14: Which two statements about SRX Series device chassis clusters are correct? (Choose two.)

Question15: You administer a JSA host and want to include a rule that sets a threshold for excessive firewall denies and sends an SNMP trap after receiving related syslog messages from an SRX Series firewall.
Which JSA rule type satisfies this requirement?

Question16: You want to be alerted if the wrong password is used more than three times on a single device within five minutes.
Which Juniper Networks solution will accomplish this task?

Question17: Which two statements are true about mixing traditional and unified security policies? (Choose two.)

Question18: Which two types of SSL proxy are available on SRX Series devices? (Choose two.)

Question19: Exhibit

When trying to set up a server protection SSL proxy, you receive the error shown. What are two reasons for this error? (Choose two.)

Question20: Which two statements about SRX Series device chassis clusters are true? (Choose two.)

Question21: Which two statements are correct about Juniper ATP Cloud? (Choose two.)

Question22: Exhibit

You are trying to create a security policy on your SRX Series device that permits HTTP traffic from your private 172 25.11.0/24 subnet to the Internet You create a policy named permit-http between the trust and untrust zones that permits HTTP traffic. When you issue a commit command to apply the configuration changes, the commit fails with the error shown in the exhibit.
Which two actions would correct the error? (Choose two.)

Question23: When a security policy is deleted, which statement is correct about the default behavior of active sessions allowed by that policy?

Question24: Click the Exhibit button.

You are asked to create a security policy that will automatically add infected hosts to the infected hosts feed and block further communication through the SRX Series device.
What needs to be added to this configuration to complete this task?

Question25: Exhibit

Referring to the exhibit, which two statements are true? (Choose two.)

Question26: After JSA receives external events and flows, which two steps occur? (Choose two.)

Question27: You are implementing an SRX Series device at a branch office that has low bandwidth and also uses a cloud-based VoIP solution with an outbound policy that permits all traffic.
Which service would you implement at your edge device to prioritize VoIP traffic in this scenario?

Question28: You are preparing a proposal for a new customer who has submitted the following requirements for a vSRX deployment:
-- globally distributed,
-- rapid provisioning,
-- scale based on demand,
-- and low CapEx.
Which solution satisfies these requirements?

Question29: Click the Exhibit button.

Which two statements describe the output shown in the exhibit? (Choose two.)

Question30: Which two statements about SRX chassis clustering are correct? (Choose two.)

Question31: You want to set up JSA to collect network traffic flows from network devices on your network.
Which two statements are correct when performing this task? (Choose two.)

Question32: You are experiencing excessive packet loss on one of your two WAN links route traffic from the degraded link to the working link Which AppSecure component would you use to accomplish this task?

Question33: You are asked to create an IPS-exempt rule base to eliminate false positives from happening.
Which two configuration parameters are available to exclude traffic from being examined? (Choose two.)

Question34: You want to manually failover the primary Routing Engine in an SRX Series high availability cluster pair.
Which step is necessary to accomplish this task?

Question35: You want to deploy a virtualized SRX in your environment.
In this scenario, why would you use a vSRX instead of a cSRX? (Choose two.)

Question36: Which statement about security policy schedulers is correct?

Question37: A client has attempted communication with a known command-and-control server and it has reached the configured threat level threshold.
Which feed will the clients IP address be automatically added to in this situation?

Question38: You are deploying a new SRX Series device and you need to log denied traffic.
In this scenario, which two policy parameters are required to accomplish this task? (Choose two.)

Question39: You are configuring logging for a security policy.
In this scenario, in which two situations would log entries be generated? (Choose two.)

Question40: You want to use IPS signatures to monitor traffic.
Which module in the AppSecure suite will help in this task?

Question41: Exhibit

You just finished setting up your command-and-control (C&C) category with Juniper ATP Cloud. You notice that all of the feeds have zero objects in them.
Which statement is correct in this scenario?

Question42: Which two features are configurable on Juniper Secure Analytics (JSA) to ensure that alerts are triggered when matching certain criteria? (Choose two.)

Question43: Your company is using the Juniper ATP Cloud free model. The current inspection profile is set at 10 MB You are asked to configure ATP Cloud so that executable files up to 30 MB can be scanned while at the same time minimizing the change in scan time for other file types.
Which configuration should you use in this scenario?