Refer to the Exhibit.
— Exhibit –

— Exhibit —
You are asked to implement NAT to translate addresses between the IPv4 and IPv6 networks
shown in the exhibit.
What are three configuration requirements? (Choose three.)

Refer to the Exhibit.
— Exhibit –

— Exhibit —
Referring to the topology shown in the exhibit, which two configuration tasks will allow Host A to
telnet to the public IP address associated with Server B? (Choose two.)

Refer to the Exhibit.
— Exhibit –

— Exhibit —
You must configure two SRX devices to enable bidirectional communications between the two
networks shown in the exhibit. You have been allocated the 172.16.1.0/24 and 172.16.2.0/24
networks to use for this purpose.
Which configuration will accomplish this task?

Refer to the Exhibit.
— Exhibit –

— Exhibit —
Based on the output shown in the exhibit, what are two results? (Choose two.)

Refer to the Exhibit.

— Exhibit —

security {
nat {
destination {
pool Web-Server {
address 10.0.1.5/32;
}
rule-set From-Internet {
from zone Untrust;
rule To-Web-Server {
match {
source-address 0.0.0.0/0;
destination-address 172.16.1.7/32;
}
then {
destination-nat pool Web-Server;
}
}
}
}
}
zones {
security-zone Untrust {
address-book {
address Web-Server-External 172.16.1.7/32;
address Web-Server-Internal 10.0.1.5/32;
}
interfaces {

ge-0/0/0.0;
}
}
security-zone DMZ {
address-book {
address Web-Server-External 172.16.1.7/32;
address Web-Server-Internal 10.0.1.5/32;
}
interfaces {
ge-0/0/1.0;
}
}
}
}

— Exhibit —
You are migrating from one external address block to a different external address block. You want
to enable a smooth transition to the new address block. You temporarily want to allow external
users to contact the Web server using both the existing external address as well as the new
external address 192.168.1.1.
How do you accomplish this goal?

Refer to the Exhibit.

— Exhibit —
Feb 8 10:39:40 Unable to find phase-1 policy as remote peer:2.2.2.2 is not recognized.
Feb 8 10:39:40 KMD_PM_P1_POLICY_LOOKUP_FAILURE. Policy lookup for Phase-1
[responder] failed for p1_local=ipv4(any:0,[0..3]=1.1.1.2) p1_remote=ipv4(any:0,[0..3]=2.2.2.2)
Feb 8 10:39:40 1.1.1.2:500 (Responder) <-> 2.2.2.2:500 { dbe1d0af – a4d6d829 f9ed3bba [-1] /
0x00000000 } IP; Error = No proposal chosen (14)

— Exhibit —
According to the log shown in the exhibit, you notice that the IPsec session is not establishing.
What are two reasons for this behavior? (Choose two.)

Refer to the Exhibit.

— Exhibit –

— Exhibit —
An attacker is using a nonstandard port for HTTP for reconnaissance into your network.
Referring to the exhibit, which two statements are true? (Choose two.)

Refer to the Exhibit.
— Exhibit –

— Exhibit —
You have configured an IDP policy as shown in the exhibit. The configuration commits
successfully. Which traffic will be examined for attacks?

Refer to the Exhibit.

— Exhibit —
[edit security]
user@srx# show
idp {
idp-policy NewPolicy {
rulebase-exempt {
rule 1 {
description AllowExternalRule;
match {
source-address any;
destination-address
}
}
}
}
}

— Exhibit —
You are performing the initial IDP installation on your new SRX device. You have configured the
IDP exempt rulebase as shown in the exhibit, but the commit is not successful.
Referring to the exhibit, what solves the issue?

Refer to the Exhibit.

— Exhibit —
[edit security idp]
user@srx# show
security-package {
url https://services.netscreen.com/cgi-bin/index.cgi;
automatic {
start-time “2012-12-11.01:00:00 +0000”;
interval 120;
enable;
}
}

— Exhibit —
You have configured your SRX device to download and install attack signature updates as shown
in the exhibit. You discover that updates are not being downloaded.
What are two reasons for this behavior? (Choose two.)