After using Security Director to add a new firewall policy rule on an SRX Series device, you notice that the hit count on the policy is not increasing. Upon further investigation, you find that the devices listed in the new rule are able to communicate as expected. Your firewall policy consists of hundreds of rules.
Using only Security Director, how do you find the rule that is allowing the communication to occur in this scenario?
A. Generate a Top Firewall Rules report.
B. Generate a Policy Analysis report.
C. Generate a Top Source IPs report.
D. Generate a Top Firewall Events report.
You are scanning files that are being transferred from the Internet to hosts on your internal network with Sky ATP. However, you notice that files that are 1 GB in size are not being scanned by Sky ATP.
In this scenario, which two statements are true? (Choose two.)
A. The Sky ATP fallback option is set to permit.
B. The Sky ATP engine or the SRX Series device is too busy.
C. The 1 GB file size is larger than the scan size limit for Sky ATP.
D. The Sky ATP policy on the SRX Series device is misconfigured.
What is the correct application mapping sequence when a user goes to Facebook for the first time through an SRX Series device?
A. first packet > process packet > check application system cache > classify application > process packet > match and identify application
B. first packet > check application system cache > process packet > classify application > match and identify application
C. first packet > check application system cache > classify application > process packet > match and identify application
D. first packet > process packet > check application system cache > classify application > match and identify application
You have configured a log collector VM and Security Director. System logging is enabled on a branch SRX Series device, but security logs do not appear in the monitor charts.
How would you solve this problem?
A. Configure a security policy to forward logs to the collector.
B. Configure application identification on the SRX Series device.
C. Configure security logging on the SRX Series device.
D. Configure J-Flow on the SRX Series device.
You are using IDP on your SRX Series device and are asked to ensure that the SRX Series device has the latest IDP database, as well as the latest application signature database.
In this scenario, which statement is true?
A. The application signature database cannot be updated on a device with the IDP database installed.
B. You must download each database separately.
C. The IDP database includes the latest application signature database.
D. You must download the application signature database before installing the IDP database.
You are creating an IPS policy with multiple rules. You want traffic that matches rule 5 to silently be dropped, along with any future packets that match the appropriate attributes of the incoming traffic.
In this scenario, which ip-action parameter should you use?
A. ip-block
B. ip-close
C. log-create
D. timeout
You have recently committed the IPS policy shown in the exhibit. When evaluating the expected behavior, you notice that you have a session that matches all of the rules in your IPS policy.
In this scenario, which action would be taken?
A. ignore-connection
B. drop packet
C. no-action
D. close-client-and-server
Which three components are part of the AppSecure services suite? (Choose three.)
A. IDP
B. Sky ATP
C. AppQoS
D. AppFW
E. Web filtering
A customer has recently deployed a next-generation firewall, sandboxing software, cloud access security brokers (CASB), and endpoint protection.
In this scenario, which tool would provide the customer with additional attack prevention?
A. Junos Space Cross Provisioning Platform
B. Contrail
C. Security Director Policy Enforcer
D. Network Director Inventory Manager
Referring to the exhibit, you have configured a Sky ATP policy to inspect user traffic. However, you have noticed that encrypted traffic is not being inspected.
In this scenario, what must you do to solve this issue?
A. Change the policy to inspect HTTPS traffic.
B. Configure the PKI feature.
C. Configure the SSL forward proxy feature.
D. Change the policy to inspect TLS traffic.