Which two statements are true?
You are asked to set up a multi-tenant configuration on your SRX Series device. Several remote branch locations are connected to the device. You will connect each remote site to a separate logical interface. You want to implement segmentation between the branch locations using security zones and routing-instances.
Which two statements are true? (Choose two.)
Which VPN technique can you use on your remote office SRX device?
Your company is bringing a remote office online and is using an IPSec VPN lo establishes secure communication between the offices. The remote SRX Series device is receiving its IP address dynamically from the service provider.
Which VPN technique can you use on your remote office SRX device?
which all device certificates will be derived. You have been asked to automate certification enrollment, re-en
Your company plans to increase the security level for VPNs in its network by using certificates instead of preshared keys The company wants to introduce its own centrally administered certificate authority from which all device certificates will be derived. You have been asked to automate certification enrollment, re-enrollment, and revocation.
How can you implement this?
How do you enforce this set of criteria on the SRX Series device?
You want to source NAT all traffic initiated from Host A behind an SRX Series device to Server B. The internal transport address must be mapped to the same external transport address. Also, the external Server B must not communicate with the internal Host A using the NAT IP address/port unless the internal Host A has already communicated with the external Server B.
How do you enforce this set of criteria on the SRX Series device?
Which action will help identify the problem?
You have correctly implemented a SIP Application Layer Gateway (ALG) on your company’s SRX Series device to support SIP traffic on the network. However, after committing the configuration, users report that they are having problems making calls. Other traffic is property flowing through the device, and calls that do not pass through the SRX Series device have no issues.
Which action will help identify the problem?
where should you place it?
You are working at a service provider that offers only residential access to DSL subscribers. Your company has decided to make customer traffic subject to further inspection.
When you install a new IPS machine in the network, where should you place it?
What is causing the interchassis communication issues?
Two High End SRX Series devices are configured in a chassis cluster, but interchassis communication is problematic and intermittent. Node 0 has SPCs located in slots 1, 2, 5, and 10 and has IOCs located in slots 3 and A. Node 1 has SPCs located in slots 13.14,18, and 22 and has IOCs located in slots 15 and 16.
What is causing the interchassis communication issues?
Which two scans should you be concerned about?
You want to limit attacks on TCP ports.
Which two scans should you be concerned about? (Choose two)
Which two parameters must be configured for your application to work properly?
You have a VoIP application that requires external sessions to be initiated into your environment. Your network only has a single public IP address configured on the egress interface.
Which two parameters must be configured for your application to work properly? (Choose two)
Which NAT configuration will correct the problem?
Your new employer has contacted you because the company’s Web servers located at the DM2 (dmz zone) are not reachable from the Internet (untrust zone). After examining the configuration from the previous administrator, you determine that the problem must be with the NAT configuration. The servers have the internal IP addresses 172.14 14 9/24 and 172.14.14 10/24.
Which NAT configuration will correct the problem?