Which feature is used when you want to permit traffic on an SRX Series device only at specific times?
Correct Answer: D
Question 27
Which two statements are true about Juniper ATP Cloud? (Choose two.)
Correct Answer: C,D
Dynamic analysis is not always necessary to determine if a file contains malware, as the ATP Cloud uses a cache lookup to quickly identify known malicious files. If the cache lookup determines that a file contains malware, static analysis is not performed to verify the results. This information can be found on the Juniper website here: https://www.juniper.net/documentation/en_US/release-independent/security/jnpr-security-srx-series/information-products/topic-collection/jnpr-security-srx-resources.html#id-jnpr-security-srx-resources-atp-cloud.
Question 28
How does the SSL proxy detect if encryption is being used?
Correct Answer: D
The SSL proxy can detect if encryption is being used by looking at the destination port number of the packet. If the port number is 443, then the proxy can assume that the packet is being sent over an encrypted connection. If the port number is different, then the proxy can assume that the packet is not encrypted. For more information, please refer to the Juniper Networks JNCIS-SEC Study Guide. Reference: The SSL proxy is a security feature that provides visibility and control over SSL/TLS encrypted traffic. When SSL proxy is enabled, it intercepts SSL/TLS traffic and decrypts it to allow visibility into the content of the encrypted traffic. However, before decrypting the traffic, the SSL proxy must first determine if the traffic is encrypted. To detect if encryption is being used, the SSL proxy looks at the destination port number. If the destination port number is a known SSL/TLS port (e.g., TCP port 443), the SSL proxy assumes that encryption is being used and intercepts the traffic. If the destination port is not a known SSL/TLS port, the SSL proxy does not intercept the traffic and allows it to pass through the device unmodified.
Question 29
Exhibit When trying to set up a server protection SSL proxy, you receive the error shown. What are two reasons for this error? (Choose two.)
Correct Answer: A,D
Two possible reasons for this error are that the SSL proxy certificate ID does not exist, or the SSL proxy certificate ID is part of a blocklist. If the SSL proxy certificate ID does not exist, you will need to generate a new certificate. If the SSL proxy certificate ID is part of a blocklist, you will need to contact the source of the blocklist to remove it. Additionally, you may need to check that the SSL proxy certificate ID has the correct renegotiation option set, as this is necessary for proper server protection. For more information, you can refer to the Juniper Security documentation at https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/security-ssl-proxy-configuration.html.
Question 30
Which two statements are true about the vSRX? (Choose two.)
Correct Answer: B,D
Reference: The vSRX is a virtual security appliance that runs on a virtual machine. It provides firewall, VPN, and other security services in a virtualized environment. The vSRX is based on a version of Junos OS that is optimized for virtualization. It runs on a Linux kernel and uses a KVM hypervisor. It supports VMware ESXi and KVM hypervisors. The vSRX has support for VMXNET3 vNICs, which are high-performance virtual network interfaces provided by VMware. These interfaces can provide higher throughput and lower CPU utilization than other virtual NIC types.
