Which statements is correct about Junos security zones?
A. User-defined security must contain at least one interface.
B. Security policies are referenced within a user-defined security zone.
C. Logical interface are added to user defined security zones
D. User-defined security must contains the key word `'zone''
What should you configure if you want to translate private source IP address to a single public IP address?
A. Source NAT
B. Destination NAT
C. Content filtering
D. Security Director
You are configuring an IPsec VPN tunnel between two location on your network. Each packet must be
encrypted and authenticated.
Which protocol would satisfy these requirements?
A. MD5
B. ESP
C. AH
D. SHA
You have created a zones-based security policy that permits traffic to a specific webserver for the marketing team. Other groups in the company are not permitted to access the webserver. When marketing users attempt to access the server they are unable to do so. What are two reasons for this access failure? (Choose two.)
A. You failed to change the source zone to include any source zone.
B. You failed to position the policy after the policy that denies access to the webserver.
C. You failed to commit the policy change.
D. You failed to position the policy before the policy that denies access the webserver
Users on the network are restricted from accessing Facebook, however, a recent examination of the logs
show that users are accessing Facebook.
Referring to the exhibit,

Why is this problem happening?
A. Global rules are honored before zone-based rules.
B. The internet-Access rule has a higher precedence value
C. The internet-Access rule is listed first
D. Zone-based rules are honored before global rules
On an SRX Series device, how should you configure your IKE gateway if the remote endpoint is a branch office-using a dynamic IP address?
A. Configure the IPsec policy to use MDS authentication.
B. Configure the IKE policy to use aggressive mode.
C. Configure the IPsec policy to use aggressive mode.
D. Configure the IKE policy to use a static IP address
Which statements is correct about global security policies?
A. Global policies allow you to regulate traffic with addresses and applications, regardless of their security zones.
B. Traffic matching global is not added to the session table.
C. Global policies eliminate the need to assign interface to security zones.
D. Global security require you to identify a source and destination zone.
Which actions would be applied for the pre-ID default policy unified policies?
A. Redirect the session
B. Reject the session
C. Log the session
D. Silently drop the session
You have configured antispam to allow e-mail from example.com, however the logs you see that jcart@example.com is blocked Referring to the exhibit.

What are two ways to solve this problem?
A. Verify connectivity with the SBL server.
B. Add jcart@exmple.com to the profile antispam address whitelist.
C. Delete jcart@example.com from the profile antispam address blacklist
D. Delete jcart@example.com from the profile antispam address whitelist
Referring to the exhibit.

Which type of NAT is being performed?
A. Source NAT with PAT
B. Source NAT without PAT
C. Destination NAT without PAT
D. Destination NAT with PAT