You are asked to design a security solution for your client’s new two-tier data center. The client has a need for some flows to bypass firewall inspection entirely. Where should the firewall be deployed in this data center?

You are working with a customer to create a design proposal using SRX Series devices. As part of the design, you must consider the requirements shown below: You must ensure that every packet entering your device is independently inspected against a set of rules. You must provide a way to protect the device from undesired access attempts. You must ensure that you can apply a different set of rules for traffic leaving the device than are in use for traffic entering the device. In this scenario, what do you re

You are designing a data center security solution for a customer. The customer asks that you provide a DDoS solution. Several IPsec tunnels will be terminated at the data center gateway. Which type of security is your customer asking you to implement?

You are deploying Security Director with the logging and reporting functionality for VMs that use SSDs. You expect to have approximately 20,000 events per second of logging in your network. In this scenario, what is the minimum number of log receiver devices that you should use?

Your company has 500 branch sites and the CIO is concerned about minimizing the potential impact of a VPN router being stolen from an enterprise branch site. You want the ability to quickly disable a stolen VPN router while minimizing administrative overhead. Which solution accomplishes this task?

You are asked to include anti-malware features into an existing network design. Traffic from the infected machines must be moved to a quarantined VLAN. Which product will provide this segregation?

You have a campus location with multiple WAN links. You want to specify the primary link used for your VoIP traffic. In this scenario, which type of WAN load balancing would you use?

You are designing a DDoS solution for an ISP using BGP FlowSpec. You want to ensure that BGP FlowSpec does not overwhelm the ISP’s edge routers. Which two requirements should be included in your design? (Choose two.)

You are designing a data center security architecture. The design requires automated scaling of security services according to real-time traffic flows. Which two design components will accomplish this task? (Choose two.)

You have a site that has two Internet connections but no switch on the outside of the firewall. You want to use ISP-A over ISP-B during normal operations. Which type of chassis cluster design would you propose to satisfy this requirement?

You are asked to design a secure enterprise WAN where all payload data is encrypted and branch sites communicate directly without routing all traffic through a central hub. Which two technologies would accomplish this task? (Choose two.)

You are asked to deploy a security solution in your data center that ensures all traffic flows through the SRX Series devices. Which firewall deployment method meets this requirement?

You are designing an SDSN security solution for a new campus network. The network will consist of Juniper Networks Policy Enforcer, Juniper Networks switches, third-party switches, and SRX Series devices. The switches and the SRX Series devices will be used as security enforcement points. The design must be able to change the VLAN mapping of the switch port of a user that is already authenticated to the network in the event that the end user device becomes compromised. Which component satisfies this require