Which traffic will be examined for attacks?
Click the Exhibit button.
You have configured an IDP policy as shown in the exhibit. The configuration commits successfully. Which
traffic will be examined for attacks?
which two statements are true?
Click the Exhibit button.
An attacker is using a nonstandard port for HTTP for reconnaissance into your network. Referring to the exhibit,
which two statements are true? (Choose two.)
What are two reasons for this behavior?
Click the Exhibit button.
According to the log shown in the exhibit, you notice that the IPsec session is not establishing.
What are two reasons for this behavior? (Choose two.)
How do you accomplish this goal?
— Exhibit —
security {
nat {
destination {
pool Web-Server {
address 10.0.1.5/32;
}
rule-set From-Internet {
from zone Untrust;
rule To-Web-Server {
match {
source-address 0.0.0.0/0;
destination-address 172.16.1.7/32;
}
then {
destination-nat pool Web-Server;
}}
}
}
}
zones {
security-zone Untrust {
address-book {
address Web-Server-External 172.16.1.7/32;
address Web-Server-Internal 10.0.1.5/32;
}
interfaces {
ge-0/0/0.0;
}
}
security-zone DMZ {
address-book {
address Web-Server-External 172.16.1.7/32;
address Web-Server-Internal 10.0.1.5/32;
}
interfaces {
ge-0/0/1.0;
}
}
}
}
— Exhibit —
You are migrating from one external address block to a different external address block. You want to enable a
smooth transition to the new address block. You temporarily want to allow external users to contact the Web
server using both the existing external address as well as the new external address 192.168.1.1.
How do you accomplish this goal?
what are two results?
Click the Exhibit button.
Based on the output shown in the exhibit, what are two results? (Choose two.)
Which configuration will accomplish this task?
Click the Exhibit button.
You must configure two SRX devices to enable bidirectional communications between the two networks shown
in the exhibit. You have been allocated the 172.16.1.0/24 and 172.16.2.0/24 networks to use for this purpose.
Which configuration will accomplish this task?
which two configuration tasks will allow Host A to teln…
Click the Exhibit button.
Referring to the topology shown in the exhibit, which two configuration tasks will allow Host A to telnet to the
public IP address associated with Server B? (Choose two.)
What are three configuration requirements?
Click the Exhibit button.
You are asked to implement NAT to translate addresses between the IPv4 and IPv6 networks shown in the
exhibit.
What are three configuration requirements? (Choose three.)
What would cause this behavior on the SRX device in Com…
Click the Exhibit button.
Host A cannot resolve the www.target.host.com Web page when using its configured DNS server. As shown in
the exhibit, Host A’s configured DNS server and the Web server hosting the www.target.host.com Web page
are in the same subnet. You have verified bidirectional reachability between Host A and the Web server hosting
the Web page.
What would cause this behavior on the SRX device in Company B’s network?
What is the reason for this behavior?
Click the Exhibit button.
— Exhibit —
[edit]
user@srx# run show route
inet.0: 10 destinations, 10 routes (10 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both
0.0.0.0/0 *[Static/5] 01:09:08
> to 172.18.1.1 via ge-0/0/3.010.210.14.128/27 *[Direct/0] 8w6d 15:43:09
> via ge-0/0/0.0
10.210.14.135/32 *[Local/0] 11w0d 06:43:04
Local via ge-0/0/0.0
172.18.1.0/30 *[Direct/0] 8w6d 15:43:01
> via ge-0/0/3.0
172.18.1.2/32 *[Local/0] 11w0d 06:43:03
Local via ge-0/0/3.0
172.19.1.0/24 *[Direct/0] 03:46:56
> via ge-0/0/1.0
172.19.1.1/32 *[Local/0] 03:46:56
Local via ge-0/0/1.0
172.20.105.0/24 *[Direct/0] 03:46:56
> via ge-0/0/4.105
172.20.105.1/32 *[Local/0] 03:46:56
Local via ge-0/0/4.105
192.168.30.1/32 *[Direct/0] 4d 03:44:41
> via lo0.0
fbf.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both
0.0.0.0/0 *[Static/5] 00:00:11
> to 172.19.1.2 via ge-0/0/1.0
172.19.1.0/24 *[Direct/0] 00:00:11
> via ge-0/0/1.0
[edit]
user@srx# show routing-instances
fbf {
routing-options {
static {
route 0.0.0.0/0 next-hop 172.19.1.2;
}
}
}
[edit]
user@srx# show routing-options
interface-routes {
rib-group inet fbf-int;
}
static {
route 0.0.0.0/0 next-hop 172.18.1.1;
}
rib-groups {
fbf-int {
import-rib [ inet.0 fbf.inet.0 ];
import-policy fbf-pol;
}
}
[edit]
user@srx# show policy-options policy-statement fbf-pol
term 1 {
from interface ge-0/0/1.0;
to rib fbf.inet.0;
then accept;
}
term 2 {
then reject;}
— Exhibit —
Referring to the exhibit, you notice that filter-based forwarding is not working.
What is the reason for this behavior?