Juniper JN0-636 Practice Test - Questions Answers, Page 3

List of questions
Question 21

Which two statements are correct regarding tenant systems on SRX Series devices? (Choose two.)
The following statements are true regarding tenant systems on SRX Series devices:
Each tenant system runs its own instance of the routing protocol process. Each tenant system is isolated, and it has its own routing table, interfaces, and security policies.
A maximum of 500 tenant systems can be configured on a physical SRX device. This allows for a high degree of flexibility and scalability, as each tenant system can be configured with its own set of features and security policies.
A maximum of 32 tenant systems can be configured on a physical SRX device and All tenant systems share a single routing protocol process are not correct statements
Question 22

You are asked to allocate security profile resources to the interconnect logical system for it to work properly.
In this scenario, which statement is correct?
The flow-session resource is needed in order to ensure adequate and secure communication between the two logical systems.
The flow-session resource must be defined in the security profile for the interconnect logical system because the interconnect logical system is responsible for forwarding traffic between other logical systems. The flow-session resource determines the maximum number of sessions that the interconnect logical system can create and maintain. If the flow-session resource is not allocated or is insufficient, the interconnect logical system might drop packets or fail to establish sessions1.
The NAT resources are not needed to be allocated to the interconnect logical system because the interconnect logical system does not perform any NAT operations on the traffic. The NAT resources are only relevant for the logical systems that need to translate the source or destination IP addresses or ports of the traffic1.
No resources are not needed to be allocated to the interconnect logical system is incorrect because the interconnect logical system still requires some resources to function properly, such as the flowsession resource. The interconnect logical system cannot operate without any resources allocated to it1.
The resources must be calculated based on the amount of traffic that will flow between the logical systems is partially correct, but not the best answer. The resources must be calculated based on the amount of traffic and the type of traffic that will flow between the logical systems. For example, the flow-session resource depends on the number and duration of sessions, the security-log-streamnumber resource depends on the number and size of logs, and the NAT resource depends on the number and type of NAT rules1.
Reference:
Security Profiles for Logical Systems | Junos OS | Juniper Networks
Question 23

Exhibit
The exhibit shows a snippet of a security flow trace.
In this scenario, which two statements are correct? (Choose two.)
Question 24

Exhibit
Your company recently acquired a competitor. You want to use using the same IPv4 address space as your company.
Referring to the exhibit, which two actions solve this problem? (Choose two)
Question 25

Exhibit
You have recently configured Adaptive Threat Profiling and notice 20 IP address entries in the monitoring section of the Juniper ATP Cloud portal that do not match the number of entries locally on the SRX Series device, as shown in the exhibit.
What is the correct action to solve this problem on the SRX device?
Question 26

You want to enroll an SRX Series device with Juniper ATP Appliance. There is a firewall device in the path between the devices. In this scenario, which port should be opened in the firewall device?
Question 27

Which two types of source NAT translations are supported in this scenario? (Choose two.)
Question 28

Exhibit
Referring to the exhibit, which statement is true?
Question 29

Exhibit
The show network-access aaa radius-servers command has been issued to solve authentication issues.
Referring to the exhibit, to which two authentication servers will the SRX Series device continue to send requests? (Choose TWO)
Question 30

All interfaces involved in transparent mode are configured with which protocol family?
Question