You are designing a data center security architecture. The design requires automated scaling of security services according to real-time traffic flows.
Which two design components will accomplish this task? (Choose two.)
A. telemetry with an SDN controller
B. JFlow traffic monitoring with event scripts
C. VNF security devices deployed on x86 servers
D. VRF segmentation on high-capacity physical security appliances
Which solution centralizes the management of security devices in your data center?
A. Juniper Networks Secure Analytics
B. J-Web
C. Junos Space Security Director
D. Junos CLI
You are asked to install a mechanism to protect an ISP network from denial-of-service attacks from a small number of sources.
Which mechanism will satisfy this requirement?
A. RTBH
B. UTM
C. Sky ATP
D. GeoIP
You have multiple SRX chassis clusters on a single broadcast domain. Why must you assign different cluster IDs in this scenario?
A. to avoid MAC address conflicts
B. to avoid control link conflicts
C. to avoid node numbering conflicts
D. to avoid redundancy group conflicts
Your customer needs help designing a single solution to protect their combination of various Junos network devices from unauthorized management access.
Which Junos OS feature will provide this protection?
A. Use a firewall filter applied to the fxp0 interface
B. Use a security policy with the destination of the junos-host zone
C. Use the management zone host-inbound-traffic feature
D. Use a firewall filter applied to the lo0 interface
You are designing a solution to protect a service provider network against volumetric denial-of-service attacks. Your main concern is to protect the network devices. Which two solutions accomplish this task? (Choose two.)
A. next-generation firewall
B. screens
C. intrusion prevention system
D. BGP FlowSpec
What are two benefits of the vSRX in a virtualized private or public cloud multitenant environment? (Choose two.)
A. full logical systems capabilities
B. stateful firewall protection at the tenant edge
C. 100GbE interface support
D. OSPFv3 capabilities
Click the Exhibit button.

Which type of security solution is shown in this exhibit?
A. service chain model
B. centralized model
C. inline security model
D. de-centralized model
Your company has 500 branch sites and the CIO is concerned about minimizing the potential impact of a VPN router being stolen from an enterprise branch site. You want the ability to quickly disable a stolen VPN router while minimizing administrative overhead.
Which solution accomplishes this task?
A. Implement a certificate-based VPN using a public key infrastructure (PKI)
B. Modify your IKE proposals to use Diffie-Hellman group 14 or higher
C. Use firewall filters to block traffic from the stolen VPN router
D. Rotate VPN pre-shared keys every month
Which solution provides a certificate based on user identity for network access?
A. network access control
B. user firewall
C. IP filtering
D. MAC filtering