JN0-335 Exam Dumps : Security, Specialist (JNCIS-SEC)

The infected host cloud feed is a list of IP addresses that have been identified as compromised or infected by malware. The feed is updated by Juniper ATP Cloud based on the detection of malicious activity from the hosts, such as contacting known command-and-control servers. When a host on the network reaches the configured threat level threshold, its IP address is automatically added to the infected host cloud feed and blocked from communicating with any other hosts on the Internet. The other feeds are not relevant for this situation. The command-and-control cloud feed is a list of IP addresses that are known to be used by malware for remote control and communication. The allowlist and blocklist feed is a user-defined list of IP addresses that are either allowed or denied by the SRX Series device. The custom cloud feed is a user-defined list of IP addresses that are associated with a specific category or threat level. References:

• Infected Hosts: More Information
• Juniper’s Attacker IP feed bolsters threat protection with SecIntel
• ATP Appliance and SRX Series Threat Level Comparison Chart

SRX Series device chassis clusters are created by physically connecting two identical cluster-supported SRX Series devices using a pair of the same type of Ethernet connections. The connection is made for both a control link and a fabric (data) link between the two devices. The chassis cluster data plane is connected with revenue ports, which are the ports that carry user traffic. The chassis cluster can contain a maximum of two devices, as only two nodes can form a cluster. The chassis cluster data plane is not connected with SPC ports, which are the ports that provide services processing. The chassis cluster cannot contain more than two devices, as this would violate the cluster design. References: Chassis Cluster Overview, Connecting SRX Series Firewalls to Create a Chassis Cluster

 The error occurred because the “http” application is not defined in this context of Juniper SRX Series device configuration. One solution is to create a custom application named “http” at the [edit applications] hierarchy level (Option C). Another solution is to modify the security policy to use the built-in “junos-http” application which is predefined and doesn’t need an explicit definition (Option D). Options A and B are not correct because they do not address the root cause of the error, which is the undefined application “http”. References: The answers can be verified from Juniper’s official documentation on security policies and applications available on their website. Here are some relevant links:

• Security Policies Feature Guide for Security Devices
• Understanding Applications and Application Sets for SRX Series Devices
• Configuring Custom Applications for SRX Series Devices
• Predefined Applications for SRX Series Devices