You are asked to include anti-malware features into an existing network design. Traffic from the infected machines must be moved to a quarantined VLAN.

Which product will provide this segregation?

A. screens

B. Sky ATP

C. unified threat management

D. Software Defined Secure Network

You are designing a new campus Internet access service that implements dynamic NAT for customer IP addressing. The customer requires services that allow peer-to-peer networking and online gaming.

In this scenario, what will accomplish this task?

A. EVPN over IPsec

B. one-to-one NAT

C. stacked VLAN tagging

D. endpoint independent mapping

Policy Enforcer provides which benefit?

A. log management

B. command and control protection

C. centralized management of security devices

D. IPsec encryption

Your customer needs help designing a single solution to protect their combination of various Junos network devices from unauthorized management access.

Which Junos OS feature will provide this protection?

A. Use a firewall filter applied to the fxp0 interface

B. Use a security policy with the destination of the junos-host zone

C. Use the management zone host-inbound-traffic feature

D. Use a firewall filter applied to the lo0 interface

You must design a small branch office firewall solution that provides application usage statistics.

In this scenario, which feature would accomplish this task?

A. AppFW

B. AppTrack

C. UTM

D. AppQoS

You are designing an SDSN security solution for a new campus network. The network will consist of Juniper Networks Policy Enforcer, Juniper Networks switches, third-party switches, and SRX Series devices. The switches and the SRX Series devices will be used as security enforcement points.

Which component supports the SRX Series devices in this scenario?

A. Security Director

B. RADIUS server

C. certificate server

D. DHCP server

You are concerned about users attacking the publicly accessible servers in your data center through encrypted channels. You want to block these attacks using your SRX Series devices.

In this scenario, which two features should you use? (Choose two.)

A. Sky ATP

B. IPS

C. SSL forward proxy

D. SSL reverse proxy

You are designing a data center interconnect between two sites across a service provider Layer 3 VPN service. The sites require Layer 2 connectivity between hosts, and the connection must be secure.

In this scenario, what will accomplish this task?

A. EVPN over IPsec

B. MACsec encryption

C. SSL VPN encryption

D. stacked VLAN tagging

You are designing a new network for your organization with the characteristics shown below.

All traffic must pass inspection by a security device.

A center-positioned segmentation gateway must provide deep inspection of each packet using 10 Gbps

interfaces.

Policy enforcement must be centrally managed.

Which security model should you choose for your network design?

A. Intrazone Permit

B. trust but verify

C. user-role firewall policies

D. Zero Trust

You are designing an enterprise WAN network that must connect multiple sites. You must provide a design proposal for the security elements needed to encrypt traffic between the remote sites.

Which feature will secure the traffic?

A. BFD

B. OSPF

C. GRE

D. IPsec