Security policy schedulers are a feature that allows you to activate or deactivate a policy for a specified time period. You can create schedulers for a single or recurrent time slot, and apply them to one or more policies. A policy can only have one scheduler associated with it, but a scheduler can have multiple policies associated with it. When a scheduler is active, the policy is available for policy lookup. When a scheduler is inactive, the policy is unavailable for policy lookup. A policy without a defined scheduler will always be active, unless it is explicitly disabled. References:
Scheduling Security Policies
schedulers (Security Policies)
Security Policy Schedulers
scheduler (Security Policies)
Questions 5
Which two statements about SRX chassis clustering are correct? (Choose two.)
Options:
A.
SRX chassis clustering supports active/passive and active/active for the data plane.
B.
SRX chassis clustering only supports active/passive for the data plane.
C.
SRX chassis clustering supports active/passive for the control plane.
D.
SRX chassis clustering supports active/active for the control plane.
SRX chassis clustering is a high availability feature that allows two SRX Series devices to operate as a single logical device. The two devices are connected by a control link and a fabric link, which are used to synchronize the configuration, state, and traffic between the nodes. The control plane is responsible for managing the cluster configuration, monitoring the health and status of the nodes, and performing failover operations. The data plane is responsible for processing and forwarding the traffic through the cluster. SRX chassis clustering supports two modes for the data plane: active/passive and active/active. In active/passive mode, only one node is active for each redundancy group, which is a logical grouping of interfaces and services. The active node handles all the traffic for the redundancy group, while the passive node acts as a backup. In active/active mode, both nodes are active for different redundancy groups, and they can share the traffic load for the cluster. SRX chassis clustering supports only one mode for the control plane: active/passive. In this mode, only one node is the primary node, which is the master of the cluster configuration and the source of truth for the cluster state. The primary node also initiates the failover process in case of a node or interface failure. The other node is the secondary node, which is the slave of the cluster configuration and the backup of the cluster state. The secondary node takes over the primary role if the primary node fails or is manually disabled. References: Chassis Cluster Overview, SRX Series Chassis Cluster Configuration Overview, Chassis Cluster Overview
Questions 6
What are two requirements for enabling AppQoE? (Choose two.)
Options:
A.
You need two SRX Series device endpoints.
B.
You need two SRX Series or MX Series device endpoints.
Juniper ATP Cloud is a cloud-based threat detection service that protects all hosts in your network against evolving security threats. Juniper ATP Cloud performs the following tasks:
It extracts potentially malicious objects and files from the traffic and sends them to the cloud for analysis.
It uses multiple antivirus software packages to analyze files and identify known malicious files quickly. It also uses other techniques, such as machine learning, sandboxing, and behavioral analysis, to identify new malware and add it to the known list of malware.
It correlates between newly identified malware and known command and control (C&C) sites to aid analysis.
It blocks known malicious file downloads and outbound C&C traffic.
It provides features such as DNS, Encrypted Traffic Insights (ETI) and IoT security if you have ATP Cloud premium license.
Based on this information, we can infer the following:
Option B is correct because Juniper ATP Cloud uses multiple antivirus software packages to analyze files, as well as other techniques, to provide robust coverage against sophisticated, evasive threats.
Option D is correct because Juniper ATP Cloud does not use antivirus software packages to protect against zero-day threats, which are unknown and undetected by traditional antivirus solutions. Instead, it uses other techniques, such as machine learning, sandboxing, and behavioral analysis, to identify and mitigate zero-day threats.
Option A is incorrect because Juniper ATP Cloud does not only use one antivirus software package to analyze files, but multiple ones, as well as other techniques.
Option C is incorrect because Juniper ATP Cloud does not use antivirus software packages to protect against zero-day threats, but other techniques.
References: Juniper Security, Specialist (JNCIS-SEC) Reference Materials and Juniper Security, Professional (JNCIP-SEC) Reference Materials
