EMT Practice Test

1. Question Content...


Question List

Question1: You must implement an IPsec VPN on an SRX Series device using PKI certificates for authentication.
As part of the implementation, you are required to ensure that the certificate submission, renewal, and retrieval processes are handled automatically from the certificate authority.
In this scenario, which statement is correct.

Question2: you are connecting two remote sites to your corporate headquarters site. You must ensure that traffic passes corporate headquarter.

Question3: Exhibit

You are validating bidirectional traffic flows through your IPsec tunnel. The 4546 session represents traffic being sourced from the remote end of the IPsec tunnel. The 4547 session represents traffic that is sourced from the local network destined to the remote network.
Which statement is correct regarding the output shown in the exhibit?

Question4: You are asked to control access to network resources based on the identity of an authenticated device.
Which three steps will accomplish this goal on the SRX Series firewalls? (Choose three)

Question5: You are asked to look at a configuration that is designed to take all traffic with a specific source ip address and forward the traffic to a traffic analysis server for further evaluation. The configuration is no longer working as intended.
Referring to the exhibit which change must be made to correct the configuration?

Question6: You issue the command shown in the exhibit.
Which policy will be active for the identified traffic?

Question7: You want to enforce I DP policies on HTTP traffic.
In this scenario, which two actions must be performed on your SRX Series device? (Choose two)

Question8: Exhibit

Referring to the exhibit, which two statements are true about the CAK status for the CAK named
"FFFP"? (Choose two.)

Question9: You have the NAT rule, shown in the exhibit, applied to allow communication across an IPsec tunnel between your two sites with identical networks.
Which statement is correct in this scenario?

Question10: Exhibit

You are using ATP Cloud and notice that there is a host with a high number of ETI and C&C hits sourced from the same investigation and notice that some of the events have not been automatically mitigated.
Referring to the exhibit, what is a reason for this behavior?

Question11: You are asked to provide single sign-on (SSO) to Juniper ATP Cloud.
Which two steps accomplish this goal? (Choose two.)

Question12: You are asked to download and install the IPS signature database to a device operating in chassis cluster mode.
Which statement is correct in this scenario?

Question13: Exhibit

You are implementing filter-based forwarding to send traffic from the 172.25.0.0/24 network through ISP-
1 while sending all other traffic through your connection to ISP-2. Your ge-0/0/1 interface connects to two networks, including the 172.25.0.0/24 network. You have implemented the configuration shown in the exhibit. The traffic from the 172.25.0.0/24 network is being forwarded as expected to 172.20.0.2, however traffic from the other network (172.25.1.0/24) is not being forwarded to the upstream 172.21.0.2 neighbor.
In this scenario, which action will solve this problem?

Question14: You want to configure a threat prevention policy.
Which three profiles are configurable in this scenario? (Choose three.)

Question15: Exhibit

You areasked to establish an IBGP peering between the SRX Series device and the router, but the session is not being established. In the security flow trace on the SRX device, packet drops are observed as shown in the exhibit.
What is the correct action to solve the problem on the SRX device?

Question16: Exhibit

You configure Source NAT using a pool of addresses that are in the same subnet range as the external ge-0/0/0 interface on your vSRX device. Traffic that is exiting the internal network can reach external destinations, but the return traffic is being dropped by the service provider router.
Referring to the exhibit, what must be enabled on the vSRX device to solve this problem?

Question17: A company wants to paron their physical SRX series firewall into multiple logical units and assign each unit (tenant) to a department within the organization. You are the primary administrator of firewall and a colleague is the administrator for one of the departments.
Which two statements are correct about your colleague? (Choose two)

Question18: Exhibit

Which statement is true about the output shown in the exhibit?

Question19: Exhibit

You have recently configured Adaptive Threat Profiling and notice 20 IP address entries in the monitoring section of the Juniper ATP Cloud portal that do not match the number of entries locally on the SRX Series device, as shown in the exhibit.
What is the correct action to solve this problem on the SRX device?

Question20: You want to enable inter-tenant communicaon with tenant system.
In this Scenario, which two solutions will accomplish this task?

Question21: Your company wants to use the Juniper Seclntel feeds to block access to known command and control servers, but they do not want to use Security Director to manage the feeds.
Which two Juniper devices work in this situation? (Choose two)

Question22: You are not able to activate the SSH honeypot on the all-in-one Juniper ATP appliance.
What would be a cause of this problem?

Question23: you configured a security policy permitting traffic from the trust zone to the untrust zone but your traffic not hitting the policy.
In this scenario, which cli command allows you to troubleshoot traffic problem using the match criteria?

Question24: Exhibit:

The security trace options configuration shown in the exhibit is committed to your SRX series firewall.
Which two statements are correct in this Scenario? (Choose Two)

Question25: Exhibit

The exhibit shows a snippet of a security flow trace.
In this scenario, which two statements are correct? (Choose two.)

Question26: You have a webserver and a DNS server residing in the same internal DMZ subnet. The public Static NAT addresses for the servers are in the same subnet as the SRX Series devices internet-facing interface. You implement DNS doctoring to ensure remote users can access the webserver.
Which two statements are true in this scenario? (Choose two.)

Question27: Exhibit:

Referring to the exhibit, your company's infrastructure team implemented new printers. To make sure that the policy enforcer pushes the updated Ip address list to the SRX.
Which three actions are required to complete the requirement? (Choose three)

Question28: You have noticed a high number of TCP-based attacks directed toward your primary edge device.
You are asked to configure the IDP feature on your SRX Series device to block this attack.
Which two IDP attack objects would you configure to solve this problem? (Choose two.)

Question29: Exhibit

Which two statements are correct about the output shown in the exhibit? (Choose two.)

Question30: You are asked to allocate security profile resources to the interconnect logical system for it to work properly.
In this scenario, which statement is correct?

Question31: Exhibit.

A hub member of an ADVPN is not functioning correctly.
Referring the exhibit, which action should you take to solve the problem?

Question32: Which three type of peer devices are supported for Cos-Based IPsec VPN?

Question33: Which method does an SRX Series device in transparent mode use to learn about unknown devices in a network?

Question34: Exhibit

The highlighted incident (arrow) shown in the exhibit shows a progression level of "Download" in the kill chain.
What are two appropriate mitigation actions for the selected incident? (Choose two.)

Question35: Exhibit.

Referring to the exhibit, which two statements are true? (Choose two.)

Question36: Exhibit

The show network-access aaa radius-servers command has been issued to solve authentication issues.
Referring to the exhibit, to which two authentication servers will the SRX Series device continue to send requests? (Choose TWO)

Question37: What is the purpose of the Switch Microservice of Policy Enforcer?

Question38: While troubleshooting security policies, you added the count action.
Where do you see the result of this action?

Question39: Which two features would be used for DNS doctoring on an SRX Series firewall? (Choose two.)

Question40: You must setup a Ddos solution for your ISP. The solution must be agile and not block legitimate traffic.
Which two products will accomplish this task? (Choose two.)

Question41: Exhibit

Your company recently acquired a competitor. You want to use using the same IPv4 address space as your company.
Referring to the exhibit, which two actions solve this problem? (Choose two)

Question42: Your IPsec VPN configuration uses two CoS forwarding classes to separate voice and data traffic.
How many IKE security associations are required between the IPsec peers in this scenario?

Question43: You want traffic to avoid the flow daemon for administrative task.
In this scenario which two stateless service are available with selective stateless packet based service. (Choose Two)

Question44: You want to enroll an SRX Series device with Juniper ATP Appliance. There is a firewall device in the path between the devices.
In this scenario, which port should be opened in the firewall device?

Question45: Exhibit:


You are troubleshooting a firewall filter shown in the exhibit that is intended to log all traffic and block only inbound telnet traffic on interface ge-0/0/3.
How should you modify the configuration to fulfill the requirements?

Question46: Which two log format types are supported by the JATP appliance? (Choose two.)

Question47: All interfaces involved in transparent mode are configured with which protocol family?

Question48: Your organization has multiple Active Directory domain to control user access. You must ensure that security polices are passing traffic based upon the user's access rights.
What would you use to assist your SRX series devices to accomplish this task?

Question49: Your Source NAT implementation uses an address pool that contains multiple IPv4 addresses Your users report that when they establish more than one session with an external application, they are prompted to authenticate multiple times External hosts must not be able to establish sessions with internal network hosts What will solve this problem?

Question50: You want to identify potential threats within SSL-encrypted sessions without requiring SSL proxy to decrypt the session contents.
Which security feature achieves this objective?

Question51: Exhibit

You are trying to configure an IPsec tunnel between SRX Series devices in the corporate office and branch1. You have committed the configuration shown in the exhibit, but the IPsec tunnel is not establishing.
In this scenario, what would solve this problem.

Question52: Exhibit

Referring to the exhibit, an internal host is sending traffic to an Internet host using the 203.0.113.1 reflexive address with source port 54311.
Which statement is correct in this situation?

Question53: Exhibit.

Referring to the exhibit, which two statements are true? (Choose two.)

Question54: You are required to secure a network against malware. You must ensure that in the event that a compromised host is identified within the network.
In this scenario after a threat has been identified, which two components are responsible for enforcing MAC-level infected host?

Question55: Refer to the exhibit,

which two potential violations will generate alarm ? (Choose Two)

Question56: According to the log shown in the exhibit, you notice the IPsec session is not establishing.
What is the reason for this behavior?

Question57: Exhibit

Referring to the exhibit, which two statements are true? (Choose two.)