which two statements are true?
— Exhibit —
[edit security nat source]
user@srx# show
pool A {
address {
172.16.52.94/32;
}
}
rule-set 1A {
from zone trust;
to zone untrust;
rule 1 {
match {
source-address 192.168.233.0/24;
}
then {
source-nat {
pool {
A;
}
}
}
}
}
— Exhibit —
Click the Exhibit button.
Referring to the exhibit, which two statements are true? (Choose two.)
Which change is needed to correct this problem?
— Exhibit —
[edit security nat]
user@host# show source
pool pool-one {
address {
68.183.13.0/24;
}
}
rule-set trust-to-untrust {
from zone trust;
to zone untrust;
rule pool-nat {
match {
source-address 10.10.10.1/24;
}
then {
source-nat {
pool {
pool-one;
}
}
}
}
rule no-nat {
match {
destination-address 192.150.2.140/32;
}
then {
source-nat {
off;
}
}
}
}
— Exhibit —
Click the Exhibit button.
You have implemented source NAT using a source pool for address translation. However, traffic destined for
192.150.2.140 should not have NAT applied to it. The configuration shown in the exhibit is not working
correctly.
Which change is needed to correct this problem?
which type of NAT is configured?
Click the Exhibit button.
A PC in the trust zone is trying to ping a host in the untrust zone.
Referring to the exhibit, which type of NAT is configured?
which statement is correct about the alarm?
— Exhibit —
[edit security nat source]
user@host# show
pool snat-pool {
address {
10.10.10.10/32;
10.10.10.11/32;
}
}
pool-utilization-alarm raise-threshold 50 clear-threshold 40;
rule-set user-nat {
from zone trust;
to zone untrust;
rule snat {
match {
source-address 0.0.0.0/0;
}
then {
source-nat {
pool {
snat-pool;
}
}
}
}
}
— Exhibit —
Click the Exhibit button.
Your network management station has generated an alarm regarding NAT utilization based on an SNMP trap
received from an SRX Series device.
Referring to the exhibit, which statement is correct about the alarm?
which three statements are correct?
Click the Exhibit button.
Referring to the exhibit, which three statements are correct? (Choose three.)
What is the problem?
Click the Exhibit button.
You are troubleshooting an IPsec VPN connection between a local SRX Series device using IP address
192.168.1.100 and a remote SRX device using IP address 192.168.2.100. A VPN connection cannot be
established. Referring to the exhibit, you examine the kmd log file.
What is the problem?
which statement is correct about the IPsec configuration?
Click the Exhibit button.
Referring to the exhibit, which statement is correct about the IPsec configuration?
which statement is correct about the IPsec configuration?
Click the Exhibit button.
Referring to the exhibit, which statement is correct about the IPsec configuration?
Which configuration parameter is missing at the hub to complete the configuration?
Click the Exhibit button.
Referring to the exhibit, you are setting up the hub in a hub-and-spoke IPsec VPN. You have verified that all
configured parameters are correct at all sites, but your IPsec VPN is not establishing to both sites.
Which configuration parameter is missing at the hub to complete the configuration?
What needs to be modified in the configuration shown in the exhibit?
— Exhibit —
security {
ike {
policy IKE-STANDARD {
mode aggressive;
proposal-set standard;
pre-shared-key ascii-text “XXXXXX”;
}
gateway GW-HUB {
ike-policy IKE-STANDARD;
dynamic hostname site1.company.com;
external-interface ge-0/0/0.0;
}
}
ipsec {
policy IPSEC-STANDARD {
proposal-set standard;
}
vpn VPN-HUB {
bind-interface st0.0;
ike {
gateway GW-HUB;
ipsec-policy IPSEC-STANDARD;
}
}
}
zones {
security-zone untrust {
host-inbound-traffic {
system-services {
ping;
ike;
}
}
interfaces {
ge-0/0/0.0;
}
}
security-zone trust {
system-services {
ping;
}
interfaces {
ge-0/0/1.0;
}
}
}
}
— Exhibit —
Click the Exhibit button.
You are implementing a new route-based IPsec VPN on an SRX Series device and the tunnel will not establish.
What needs to be modified in the configuration shown in the exhibit?