Which two statements are true with regard to policy ordering? (Choose two.)
A. The last policy is the default policy, which allows all traffic.
B. The order of policies is not important.
C. New policies are placed at the end of the policy list.
D. The insert command can be used to change the order.
What are two TCP flag settings that are considered suspicious? (Choose two.)
A. Do-Not-Fragment flag is set.
B. Both SYN and FIN flags are set.
C. Both ACK and PSH flags are set.
D. FIN flag is set and ACK flag is not set.
How does the antivirus feature operate once the antivirus license has expired?
A. Any traffic matching a UTM policy will be dropped.
B. Any traffic matching a UTM policy will be permitted.
C. Any traffic matching a UTM policy will be correctly evaluated with the existing set of antivirus signatures.
D. Any traffic matching a UTM policy will be permitted with a log message of no inspection.
Which configuration allows direct access to the 10.10.10.0/24 network without NAT, but uses NAT for all other traffic from the untrust zone to the egress interface?
A. [edit security nat source rule-set internal]
user@host# show
from zone trust;
to zone untrust;
rule internet-access {
    match {
        source-address 0.0.0.0/0;
    }
    then {
        source-nat interface;
    }
}
rule server-access {
    match {
        destination-address 10.10.10.0/24;
    }
    then {
        source-nat off;
    }
}
B. [edit security nat source rule-set internal]
user@host# show
from zone trust;
to zone untrust;
rule internet-access {
    match {
        source-address 0.0.0.0/0;
    }
    then {
        source-nat interface;
    }
}
rule server-access {
    match {
        source-address 10.10.10.0/24;
    }
    then {
        source-nat off;
    }
}
C. [edit security nat source rule-set internal]
user@host# show
from zone trust;
to zone untrust;
rule server-access {
    match {
        destination-address 10.10.10.0/24;
    }
    then {
        source-nat off;
    }
}
rule internet-access {
    match {
        source-address 0.0.0.0/0;
    }
    then {
        source-nat interface;
    }
}
D. [edit security nat source rule-set internal]
user@host# show
from zone trust;
to zone untrust;
rule internet-access {
    match {
        source-address 0.0.0.0/0;
    }
    then {
        accept;
    }
}
rule server-access {
    match {
        destination-address 10.10.10.0/24;
    }
    then {
        reject;
    }
}
-- Exhibit --
security {
    policies {
        from-zone TRUST to-zone UNTRUST {
            policy hosts-allow {
                match {
                    source-address hosts;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                }
                scheduler-name block-hosts;
            }
            policy allow {
                match {
                    source-address any;
                    destination-address any;
                    application junos-http;
                }
                then {
                    permit;
                }
            }
            policy deny {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    deny;
                }
            }
        }
    }
}
schedulers {
    scheduler block-hosts {
        daily {
            start-time 10:00:00 stop-time 18:00:00;
        }
    }
}
-- Exhibit --
Click the Exhibit button.
Referring to the exhibit, you have configured a scheduler to allow hosts access to the Internet during specific times. You notice that hosts are still accessing the Internet during times outside of the scheduler's parameters.
What is allowing hosts to access the Internet?
A. The policy allow is allowing hosts access during unscheduled hours.
B. The policy hosts-allow should have a then statement of deny.
C. The policy hosts-allow should have an application of junos-http.
D. The policy deny should have the scheduler applied.
-- Exhibit --
-- Exhibit --
Click the Exhibit button.
You have configured antispam on your SRX Series device as shown in the exhibit.
Assuming the antispam profile has been properly applied, what happens when an e-mail message arrives at the SRX device from [email protected] at IP address 150.10.10.10?
A. The message matches the whitelist and is forwarded to the destination.
B. The message matches the blacklist and is blocked.
C. The message matches the blacklist and is forwarded to the destination with "SPAM:" automatically appended to the beginning of the e-mail subject line.
D. The message matches both lists and is blocked because the SRX device defaults to the more restrictive setting.
You want to configure a security policy that allows traffic to a particular host.
Which step must you perform before committing a configuration with the policy?
A. Define a static route to the host
B. Ensure that the router can ping the host
C. Define an address book entry for the host
D. Ensure that the router has an ARP entry for the host
You issued a factory reset to your SRX210 and ping the vlan 0 interface from hosts in both the trust and untrust zones.
Which two results do you expect? (Choose two.)
A. Pings from the untrust zone fail
B. Pings from the untrust zone receive a reply
C. Pings from the trust zone receive a reply
D. Pings from the trust zone fail
You want to form a chassis cluster.
What are two requirements to accomplish this task? (Choose two.)
A. Devices must be the same hardware model.
B. The fabric link must use factory dedicated interfaces.
C. The same number and type of SPCs must be installed in each chassis.
D. There can be a maximum of three member nodes.
Which two types of attacks does the SRX Series device identify using screens? (Choose two.)
A. Cross site scripting
B. Reconnaissance
C. Phishing
D. Suspicious packets