You are required to deploy a security policy on an SRX Series device that blocks all known Tor network IP addresses. Which two steps will fulfill this requirement? (Choose two.)
A. Enroll the devices with Juniper ATP Appliance.
B. Enroll the devices with Juniper ATP Cloud.
C. Enable a third-party Tor feed.
D. Create a custom feed containing all current known MAC addresses.
Exhibit

You are asked to establish an IBGP peering between the SRX Series device and the router, but the session is not being established. In the security flow trace on the SRX device, packet drops are observed as shown in the exhibit. What is the correct action to solve the problem on the SRX device?
A. Create a firewall filter to accept the BGP traffic
B. Configure destination NAT for BGP traffic.
C. Add BGP to the Allowed host-inbound-traffic for the interface
D. Modify the security policy to allow the BGP traffic.
Click the Exhibit button.

When attempting to enroll an SRX Series device to JATP, you receive the error shown in the exhibit. What is the cause of the error?
A. The fxp0 IP address is not routable
B. The SRX Series device certificate does not match the JATP certificate
C. The SRX Series device does not have an IP address assigned to the interface that accesses JATP
D. A firewall is blocking HTTPS on fxp0
You are asked to detect domain generation algorithms
Which two steps will accomplish this goal on an SRX Series firewall? (Choose two.)
A. Define an advanced-anti-malware policy under [edit services].
B. Attach the security-metadata-streaming policy to a security
C. Define a security-metadata-streaming policy under [edit
D. Attach the advanced-anti-malware policy to a security policy.
You want to enforce I DP policies on HTTP traffic.
In this scenario, which two actions must be performed on your SRX Series device? (Choose two )
A. Choose an attacks type in the predefined-attacks-group HTTP-All.
B. Disable screen options on the Untrust zone.
C. Specify an action of None.
D. Match on application junos-http.
Exhibit.

A hub member of an ADVPN is not functioning correctly.
Referring the exhibit, which action should you take to solve the problem?
A. [edit interfaces] root@vSRX-1# delete st0.0 multipoint
B. [edit interfaces] user@hub-1# delete ipsec vpn advpn-vpn traffic-selector
C. [edit security] user@hub-1# set ike gateway advpn-gateway advpn suggester disable
D. [edit security] user@hub-1# delete ike gateway advpn-gateway advpn partner
Which two modes are supported on Juniper ATP Cloud? (Choose two.)
A. global mode
B. transparent mode
C. private mode
D. Layer 3 mode
Exhibit

Which two statements are correct about the output shown in the exhibit? (Choose two.)
A. The packet is silently discarded.
B. The packet is part of an existing session.
C. The packet is part of a new session.
D. The packet is explicitly rejected.
Exhibit

Referring to the exhibit, a spoke member of an ADVPN is not functioning correctly. Which two commands will solve this problem? (Choose two.)

A. Option A
B. Option B
C. Option C
D. Option D
Click the Exhibit button.

Referring to the exhibit, which three topologies are supported by Policy Enforcer? (Choose three.)
A. Topology 3
B. Topology 5
C. Topology 2
D. Topology 4
E. Topology 1