1.
What is a benefit of using a dynamic VPN?
2.
What is a benefit of using a group VPN?
3.
Which statement is true about Layer 2 zones when implementing transparent mode security?
4.
You are working as a security administrator and must configure a solution to protect against distributed botnet attacks on your company's central SRX cluster. How would you accomplish this goal?
5.
You are using the AppDoS feature to control against malicious bot client attacks. The bot clients are using file downloads to attack your server farm. You have configured a context value rate of 10,000 hits in 60 seconds. At which threshold will the bot clients no longer be classified as malicious?
6.
Referring to the following output, which command would you enter in the CLI to produce this result?
Ruleset Application Client-to-server Rate(bps) Server-to-client Rate(bps)
http-App-QoS HTTP ftp-C2S 200 ftp-C2S 200
http-App-QoS HTTP ftp-C2S 200 ftp-C2S 200
ftp-App-QoS FTP ftp-C2S 100 ftp-C2S 100
7.
You are asked to apply individual upload and download bandwidth limits to YouTube traffic. Where in the configuration would you create the necessary bandwidth limits?
8.
You want to verify that all application traffic traversing your SRX device uses standard ports. For example, you need to verify that only DNS traffic runs through port 53, and no other protocols. How would you accomplish this goal?
9.
You have been asked to configure traffic to flow between two virtual routers (VRs) residing on two unique logical systems (LSYSs) on the same SRX5800. How would you accomplish this task?
10.
Your company is providing multi-tenant security services on an SRX5800 cluster. You have been asked to create a new logical system (LSYS) for a customer. The customer must be able to access and manage new resources within their LSYS. How do you accomplish this goal?