Logical interfaces can only be added to user-defined security zones
A security zone must contain at least one interface
An interface can belong to multiple security zones
A security zone can only contain one interface
Correct answer: A
Explanation:
A security zone can contain multiple interfaces. A security zone may contain no interfaces. An interface can only belong to one security zone. Logical interfaces cannot be added to system-defined security zones, they must be added to userdefined security zones. Further reading - https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-zone-configuration.html
A security zone can contain multiple interfaces.
A security zone may contain no interfaces.
An interface can only belong to one security zone.
Logical interfaces cannot be added to system-defined security zones, they must be added to userdefined security zones.
SSH service has been correctly configured on an SRX device. However, administrators are unable to connect using SSH on the revenue ports.
Which of these can be configured to solve this problem?
Allow SSH traffic as host inbound traffic on the incoming security zone
Configure an IDP policy to allow SSH traffic
Configure a global policy to allow SSH traffic
Configure a security policy to allow SSH traffic
Correct answer: A
Explanation:
Host inbound traffic controls traffic that is destined for the Junos device itself. SSH traffic terminates on the device itself and must be allowed as host inbound traffic. Further reading - https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/security-edit-host-inbound-traffic.html
Host inbound traffic controls traffic that is destined for the Junos device itself. SSH traffic terminates on the device itself and must be allowed as host inbound traffic.
Which of these is a common designation for management interfaces on the Junos platform?
lo0
mgmt-0/0/0
ge-0/0/0
fxp0
Correct answer: D
Explanation:
Management interfaces are the primary interfaces for accessing the device remotely. Typically, a management interface is not connected to the in-band network, but is connected instead to the device's internal network. Through a management interface you can access the device over the network using utilities such as ssh and telnet and configure the device from anywhere, regardless of its physical location. Most of SRX Series devices contain an fxp0 interface. Further reading - https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-chassis-cluster-management-interfaces.html
Management interfaces are the primary interfaces for accessing the device remotely. Typically, a management interface is not connected to the in-band network, but is connected instead to the device's internal network. Through a management interface you can access the device over the network using utilities such as ssh and telnet and configure the device from anywhere, regardless of its physical location.
Most of SRX Series devices contain an fxp0 interface.