What must be modified to correct the problem?
Click the Exhibit button.
You have been asked to block YouTube video streaming for internal users. You have implemented the
configuration shown in the exhibit, however users are still able to stream videos.
What must be modified to correct the problem?
What is causing this behavior?
Click the Exhibit button.
Referring to the exhibit, AppTrack is only logging the session closure messages for sessions that last 1 to 3
minutes.
What is causing this behavior?
What are two reasons for this behavior?
— Exhibit —
[edit security]
user@srx# show idp
…
application-ddos Webserver {
service http;
connection-rate-threshold 1000;
context http-get-url {
hit-rate-threshold 60000;
value-hit-rate-threshold 30000;
time-binding-count 10;
time-binding-period 25;
}
}
— Exhibit —
You are using AppDoS to protect your network against a bot attack, but noticed an approved application has
falsely triggered the configured IDP action of drop. You adjusted your AppDoS configuration as shown in the
exhibit. However, the approved traffic is still dropped.
What are two reasons for this behavior? (Choose two.)
Which two commands allow you to view these associations?
Somebody has inadvertently configured several security policies with application firewall rule sets on an SRX
device. These security policies are now dropping traffic that should be allowed. You must find and remove the
application firewall rule sets that are associated with these policies. Which two commands allow you to view
these associations? (Choose two.)
Which three tools would you use to troubleshoot the issue?
You are troubleshooting an SRX240 acting as a NAT translator for transit traffic. Traffic is dropping at the
SRX240 in your network. Which three tools would you use to troubleshoot the issue? (Choose three.)
Which configuration would you use to enable this capture?
HostA (1.1.1.1) is sending TCP traffic to HostB (2.2.2.2). You need to capture the TCP packets locally on the
SRX240. Which configuration would you use to enable this capture?
What are two reasons for this behavior?
You are troubleshooting an IPsec session and see the following IPsec security associations:
ID Gateway Port Algorithm SPI Life:sec/kb Mon vsys
< 192.168.224.1 500 ESP:aes-256/sha1 d6393645 26/ unlim – 0
> 192.168.224.1 500 ESP:aes-256/sha1 153ec235 26/ unlim – 0
< 192.168.224.1 500 ESP:aes-256/sha1 f9a2db9a 3011/ unlim – 0
> 192.168.224.1 500 ESP:aes-256/sha1 153ec236 3011/ unlim – 0
What are two reasons for this behavior? (Choose two.)
which two statements are true?
You are asked to troubleshoot ongoing problems with IPsec tunnels and security policy processing. Your
network consists of SRX240s and SRX5600s. Regarding this scenario, which two statements are true?
(Choose two.)
Which action would resolve this issue?
A security administrator has configured an IPsec tunnel between two SRX devices. The devices are configured
with OSPF on the st0 interface and an external interface destined to the IPsec endpoint. The adminstrator
notes that the IPsec tunnel and OSPF adjacency keep going up and down. Which action would resolve this
issue?
Which command would you use?
You are asked to configure class of service (CoS) on an SRX device running in transparent mode. Which
command would you use?