Which two statements are true?
Which traffic will be examined for attacks?
What solves the issue?
Refer to the Exhibit.
— Exhibit —
[edit security]
user@srx# show
idp {
    idp-policy NewPolicy {
        rulebase-exempt {
            rule 1 {
                description AllowExternalRule;
                match {
                    source-address any;
                    destination-address
                }
            }
        }
    }
}
— Exhibit —
You are performing the initial IDP installation on your new SRX device. You have configured the
IDP exempt rulebase as shown in the exhibit, but the commit is not successful.
Referring to the exhibit, what solves the issue?
What are two reasons for this behavior?
Refer to the Exhibit.
— Exhibit —
[edit security idp]
user@srx# show
security-package {
    url https://services.netscreen.com/cgi-bin/index.cgi;
    automatic {
        start-time "2012-12-11.01:00:00 +0000";
        interval 120;
        enable;
    }
}
— Exhibit —
You have configured your SRX device to download and install attack signature updates as shown
in the exhibit. You discover that updates are not being downloaded.
What are two reasons for this behavior? (Choose two.)
Which two commands should you use?
Refer to the Exhibit.
— Exhibit —
[edit security idp]
user@srx# show | no-more
idp-policy basic {
    rulebase-ips {
        rule 1 {
            match {
                from-zone untrust;
                source-address any;
                to-zone trust;
                destination-address any;
                application default;
                attacks {
                    custom-attacks data-inject;
                }
            }
            then {
                action {
                    recommended;
                }
                notification {
                    log-attacks;
                }
            }
        }
    }
}
active-policy basic;
custom-attack data-inject {
    recommended-action close;
    severity critical;
    attack-type {
        signature {
            context mssql-query;
            pattern "SELECT * FROM accounts";
            direction client-to-server;
        }
    }
}
— Exhibit —
You have configured the custom attack signature shown in the exhibit. This configuration is valid,
but you want to improve the efficiency and performance of your IDP.
Which two commands should you use? (Choose two.)
How would you configure your SRX device to meet this goal?
Refer to the Exhibit.
— Exhibit —
— Exhibit —
You receive complaints from users that their Web browsing sessions keep dropping prematurely.
Upon investigation, you find that the IDP policy shown in the exhibit is detecting the users’
sessions as HTTP:WIN-CMD:WIN-CMD-EXE attacks, even though their sessions are not actual
attacks. You must allow these sessions but still inspect for all other relevant attacks.
How would you configure your SRX device to meet this goal?
What is causing this behavior?
Which type of traffic would traverse the secondary SRX3600 (node 1)?
What is causing the problem?
Refer to the Exhibit.
— Exhibit —
user@srx# show security datapath-debug
capture-file pkt-cap-file format pcap size 5m;
action-profile {
    pkt-cap-profile {
        event np-ingress {
            packet-dump;
        }
    }
}
packet-filter pkt-filter {
    action-profile pkt-capture;
    source-prefix 1.2.3.4/32;
}
— Exhibit —
You want to capture transit traffic passing through your SRX3600. You add the configuration
shown in the exhibit but do not see entries added to the capture file.
What is causing the problem?