Juniper JN0-636 Certification Exam Sample Questions and Answers

JNCIP Security Dumps, JN0-636 Dumps, Juniper JNCIP-SEC PDF, JN0-636 PDF, JNCIP Security VCE, Juniper JNCIP Security Questions PDF, Juniper Exam VCE, Juniper JN0-636 VCE, JNCIP Security Cheat SheetBefore you write the Juniper JNCIP Security (JN0-636) certification exam, you may have certain doubts in your mind regarding the pattern of the test, the types of questions asked in it, the difficulty level of the questions and time required to complete the questions. These Juniper Networks Certified Professional Security (JNCIP-SEC) sample questions and demo exam help you in removing these doubts and prepare you to take the test.

The best approach to pass your Juniper JN0-636 exam is to challenge and improve your knowledge. To test your learning and identify improvement areas with actual exam format, we suggest you practice with Premium Juniper JN0-636 Certification Practice Exam. The practice test is one of the most important elements of your Juniper Security Professional (JNCIP-SEC) exam study strategy to discover your strengths and weaknesses, to improve your time management skills and to get an idea of the score you can expect.

Juniper JN0-636 (JNCIP-SEC) Sample Questions:

01. Your company wants to scale to 200 branches across the globe. Dynamic routing over the VPNs is required and you want to minimize the chance of compromising the keys.
Which type of VPN implementation should you use?
a) policy-based VPN with preshared key authentication
b) route-based VPN with preshared key authentication
c) policy-based VPN with certificate-based authentication
d) route-based VPN with certificate-based authentication
02. You installed the IPS license on the SRX Series device and need to download the IPS signature database. What must you do?
a) Run the request security idp security-package install command; the signature database will be downloaded from Juniper Networks and installed.
b) Run the request security idp security-package download command followed by the request security idp security-package install command.
c) Run the request security idp security-package download command; the signature database will be downloaded from Juniper Networks and installed.
d) Download the signature database from Juniper Networks and run the request security idp security-package download <IP address> to use TFTP to transfer the file from your laptop and install it on the SRX Series device.
03. A large company with different partners wants to establish a VPN among the various sites using certificates. One partner receives a certificate from a different CA server than does corporate headquarters.
Which type of certificate format is used on the SRX Series device to establish this VPN?
a) PKCS10
b) PKCS7
d) PKCS12
04. You want to configure system security resources for logical systems on SRX devices. Which statement is true regarding the system behavior of security profiles?
a) They are defined by user administrators within an LSYS.
b) Up to 512 profiles can be configured.
c) One security profile can be applied to multiple LSYSs.
d) Configured limitations of type maximum guarantees system resources.
05. You have configured DNS doctoring on your SRX device to allow your internal Web server traffic to respond to You now want to verify proper DNS doctoring behavior.
Which action allows you to perform this task?
a) Initiate a ping from an internal host to
b) Initiate a ping from an external host to
c) Initiate a ping from the internal Web server to an external host.
d) Verify that the DNS ALG is enabled.
06. A security administrator wants to establish a certificate-based VPN between SRXA and SRXB. SRXA receives a certificate from certificate authority CA-A and SRXB receives a certificate from certificate authority CA-B.
Which type of certificates are needed on SRXA to establish the VPN tunnel?
a) SRXA's local certificate, and SRXA's CA certificate issued by CA-A
b) SRXA's local certificate, and SRXB's CA certificate issued by CA-B
c) SRXA's local certificate, and SRXB's local certificate
d) SRXB's local certificate, SRXA's CA certificate issued by CA-A, and SRXB's CA certificate issued by CA-B
07. You want to add the IDP attack database to your SRX device. Which two tasks are required to complete this goal?
(Choose two.)
a) Download the IDP security package.
b) Download the IDP sensor database.
c) Install the IDP sensor database.
d) Install the IDP security package.
08. You are asked to separate several remote branch locations by attaching them to separate SRX Series devices.
You have only one SRX Series device and must accomplish this objective virtually. You are required to have separate routing tables, and each interface must be in different logical devices.
Which type of routing-instance must you use to accomplish this objective?
a) virtual-router
b) non-forwarding
c) policy-based
d) forwarding
09. Your enterprise requires a remote access solution and wants the installation of the VPN client software to be automated and linked to users as they log in to the VPN server.
Which client VPN feature meets this requirement?
a) Purchase SSL VPN feature licenses and add them to the SRX Series device
b) Install the Junos Pulse client on the Windows devices at login
c) Deploy the group VPN SRX Series device feature 1
d) Deploy the dynamic VPN on the SRX Series device
10. Which two methods can be categorized under the reconnaissance phase?
(Choose two.)
a) using information from the target company website
b) Xmas attack
c) ping of death
d) war dialing scan


Question: 01

Answer: d

Question: 02

Answer: b

Question: 03

Answer: b

Question: 04

Answer: c

Question: 05

Answer: b

Question: 06

Answer: b

Question: 07

Answer: a, d

Question: 08

Answer: a

Question: 09

Answer: d

Question: 10

Answer: a, d

Note: If you find any error in these Juniper Security Professional (JNCIP-SEC) sample questions, you can update us by write an email on

Rating: 4.9 / 5 (113 votes)