Click the Exhibit button.

Referring to the exhibit, which three actions do you need to take to isolate the hosts at the switch port level if they become infected with malware? (Choose three.)

1. A. Enroll the SRX Series device with Juniper ATP Cloud.
2. B. Use a third-party connector.
3. C. Deploy Security Director with Policy Enforcer.
4. D. Configure AppTrack on the SRX Series device.
5. E. Deploy Juniper Secure Analytics.

Correct Answer: ABC
✑ A. Enroll the SRX Series device with Juniper ATP Cloud. This is essential for the SRX to receive threat intelligence from ATP Cloud, enabling it to identify infected hosts and take action.
✑ B. Use a third-party connector. In this specific scenario, a third-party connector is required to integrate the SRX with the third-party switch. While Juniper has native integration for its EX switches, a connector is necessary to communicate with and manage the third-party switch.
✑ C. Deploy Security Director with Policy Enforcer. Security Director orchestrates the automated response, and Policy Enforcer translates the policies into device- specific commands for the SRX and the third-party switch (via the connector).
==========

You want to deploy two vSRX instances in different public cloud providers to provide redundant security services for your network. Layer 2 connectivity between the two vSRX instances is not possible.
What would you configure on the vSRX instances to accomplish this task?

1. A. Chassis cluster
2. B. Secure wire
3. C. Multinode HA
4. D. Virtual chassis

Correct Answer: C

Which two statements about transparent mode and Ethernet switching mode on an SRX series
device are correct.

1. A. In Ethernet switching mode, Layer 2 interfaces must be placed in a security zone.
2. B. In Ethernet switching mode, IRB interfaces must be placed in a security zone.
3. C. In transparent mode, Layer 2 interfaces must be placed in a security zone.
4. D. In transparent mode, IRB interfaces must be placed in a security zone.

Correct Answer: BC

You are asked to establish IBGP between two nodes, but the session is not established. To troubleshoot this problem, you configured trace options to monitor BGP protocol message exchanges.


Referring to the exhibit, which action would solve the problem?

1. A. Add the junos-host zone policy to permit the BGP packets.
2. B. Add a firewall filter to lo0 that permits the BGP packets.
3. C. Modify the security policy to permit the BGP packets.
4. D. Add BGP to the lo0 host-inbound-traffic configuration.

Correct Answer: D

You have deployed two SRX Series devices in an active/passive multimode HA scenario. In this scenario, which two statements are correct? (Choose two.)

1. A. Services redundancy group 1 (SRG1) is used for services that do not have a control plane state.
2. B. Services redundancy group 0 (SRG0) is used for services that have a control plane state.
3. C. Services redundancy group 0 (SRG0) is used for services that do not have a control plane state.
4. D. Services redundancy group 1 (SRG1) is used for services that have a control plane state.

Correct Answer: CD