Which statement is true about high availability (HA) chassis clusters for the SRX Series device?

A. Cluster nodes require an upgrade to HA compliant Routing Engines.

B. Cluster nodes must be connected through a Layer 2 switch.

C. There can be active/passive or active/active clusters.

D. HA clusters must use NAT to prevent overlapping subnets between the nodes.

You are asked to improve resiliency for individual redundancy groups in an SRX4600 chassis cluster. Which two features would accomplish this task? (Choose two.)

A. IP address monitoring

B. control link recovery

C. interface monitoring

D. dual fabric links

Click the Exhibit button.

Which two statements describe the output shown in the exhibit? (Choose two.)

A. Node 0 is passing traffic for redundancy group 1.

B. Redundancy group 1 experienced an operational failure.

C. Redundancy group 1 was administratively failed over.

D. Node 1 is passing traffic for redundancy group1.

You want to deploy vSRX in Amazon Web Services (AWS) virtual private clouds (VPCs). Which two statements are true in this scenario? (Choose two.)

A. The vSRX devices serving as local enforcement points for VPCs can be managed by a centralized Junos Space Network Director instance.

B. MPLS LSPs can be used to connect vSRXs in different VPCs.

C. IPsec tunnels can be used to connect vSRX in different VPCs.

D. The vSRX devices serving as local enforcement points for VPCs can be managed by a centralized Junos Space Security Director instance.

Click the Exhibit button.

Which two statements are true about the configuration shown in the exhibit? (Choose two.)

A. The session is removed from the session table after 10 seconds of inactivity.

B. The session is removed from the session table after 10 milliseconds of inactivity.

C. Aggressive aging is triggered if the session table reaches 95% capacity.

D. Aggressive aging is triggered if the session table reaches 80% capacity.

Which solution should you use if you want to detect known attacks using signature-based methods?

A. SSL proxy

B. JIMS

C. IPS

D. ALGs

The AppQoE module of AppSecure provides which function?

A. The AppQoE module provides application-based routing.

B. The AppQoE module prioritizes important applications.

C. The AppQoE module provides routing, based on network conditions.

D. The AppQoE module blocks access to risky applications.

Which two solutions provide a sandboxing feature for finding zero-day malware threats? (Choose two.)

A. Sky ATP

B. UTM

C. JATP

D. IPS

You have deployed JSA and you need to view events and network activity that match rule criteria. You must view this data using a single interface.

Which JSA feature should you use in this scenario?

A. Log Collector

B. Assets

C. Network Activity

D. Offense Manager

Click the Exhibit button.

You have deployed Sky ATP to protect your network from attacks so that users are unable to download malicious files. However, after a user attempts to download a malicious file, they are still able to communicate through the SRX Series device.

Referring to the exhibit, which statement is correct?

A. Change the security policy from a standard security policy to a unified security policy.

B. Remove the fallback options in the advanced anti-malware policy.

C. Configure a security intelligence policy and apply it to the security policy.

D. Lower the verdict threshold in the advanced anti-malware policy.