which two statements are correct?
Click the Exhibit button.
Traffic is flowing between the Host-1 and Host-2 devices through a hub-and-spoke IPsec VPN. All devices are
SRX Series devices.
Referring to the exhibit, which two statements are correct? (Choose two.)
user@host> show interfaces routing-instance all …
user@host> show interfaces routing-instance all ge* terse
Interface Admin Link Proto Local Instance
ge-0/0/0.0 up up inet 172.16.12.205/24 default
ge-0/0/1.0 up up inet 5.0.0.5/24
iso A
ge-0/0/2.0 up up inet 25.0.0.5/24
iso B
user@host> show security flow sessionSession ID: 82274, Policy name: default-policy-00/2, Timeout: 1770, Valid
In: 5.0.0.25/61935 –> 25.0.0.25/23;tcp, If: ge-0/0/1.0, Pkts: 31, Bytes: 1781
Out: 25.0.0.25/23 –> 5.0.0.25/61935;tcp, If: ge-0/0/2.0, Pkts: 23, Bytes: 1452
Total sessions: 3
user@host> show route
inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, + = Both
0.0.0.0/0 *[Static/5] 04:08:52
> to 172.16.12.1 via ge-0/0/0.0
172.16.12.0/24 *[Direct/0] 04:08:52
via ge-0/0/0.0
172.16.12.205/32 *[Local/0] 4w4d 23:04:29
Loca1 via ge-0/0/0.0
224.0.0.5/32 *[OSPF/10] 14:37:35, metric 1
MultiRecv
A:
inet.0: 4 destinations, 4 routes {4 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both
5.0.0.0/24 5 *[Direct/0] 00:05:04
> via ge-0/0/1.0
5.0.0.5/32 *[Local/0] 00:05:04
Local via ge-0/0/1.0
25.0.0.0/24 *[Direct/0] 00:02:37
> via ge-0/0/2.0
B:
inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both
5.0.0.25/32 *[Static/5] 00:02:38
to table A.inet.0
25.0.0.0/24 *[Direct/0] 00:02:37
> via ge-0/0/2.0
25.0.0.5/32 *[Local/0] 00:02:37
Local via ge-0/0/2.0
Which two statements are true regarding the output show…
[edit]
useu@host# run show log debug
Feb 3 22:04:32 22:04:31.983991:CID-0:RT: ge-0/0/1.0:5.0.0.25/59028-
>25.0.0.25/23, tcp, flag 18
Feb 3 22:04:32 22:04:31.983997:CID-0:RT: find flow: table 0x582738c0, hash
53561(0xffff), sa 5.0.0.25, da 5.0.0.25, sp 59028, dp 23, proto 6, tok 20489
Feb 3 22:04:32 22:04:31.984004:CID-0:RT:Found: session id 0x14f98. sess tok
20489
Feb 3 22:04:32 22:04:31.984005:CID-0:RT: flow got session.
Feb 3 22:04:32 22:04:31.984006:CID-0:RT: flow session id 85912
Feb 3 22:04:32 22:04:31.984009:CID-0:RT: vector bits 0x2 vector 0x53a949e8
Feb 3 22:04:32 22:04:31.984012:CID-0:RT: tcp sec check.
Feb 3 22:04:32 22:04:31.984015:CID-0:RT:mbuf 0x4a82cd80, exit nh 0xa0010
Which two statements are true regarding the output shown in the exhibit? (Choose two.)
How many security policies are needed to connect from t…
A branch SRX Series device in flow mode is forwarding between two virtual routers using a paired set of logical
tunnel interfaces. You have a server connected to one virtual router and the client is on the other virtual router.
How many security policies are needed to connect from the client to the server across the logical tunnel link?
Which Junos feature meets this objective?
You are asked to allow access to an external application for an internal host subject to address translation. The
application requires multiple sessions initiated from the internal host and expects all the sessions to originate
from the same source IP address.
Which Junos feature meets this objective?
Which two statements about AppQoS are true?
Which two statements about AppQoS are true? (Choose two.)
which two actions are required for an administrator to …
When configuring AutoVPN, which two actions are required for an administrator to establish communication
from the hub site to the spoke sites? (Choose two.)
what is the cause of the problem?
Click the Exhibit button.
user@host> monitor traffic interface ge-0/0/3
verbose output suppressed, use <detail> or <extensive> for full protocol decode
Address resolution is ON. Use <no-resolve> to avoid any reverse lookup delay.
Address resolution timeout is 4s.
Listening on ge-0/0/3, capture size 96 bytes
Reverse lookup for 172.168.3.254 failed (check DNS reachability). Other reverse lookup failures will not be
reported.
Use <no-resolve> to avoid reverse lockups on IP addresses.
19:24:16.320907 In arp who-has 172.168.3.254 tell 172.168.3.1
19.24:17.322751 In arp who has 172.168.3.254 tell 172.168.3.1
19.24:18.328895 In arp who-has 172.168.3.254 tell 172.168.3.1
19.24:18.332956 In arn who has 172.168.3.254 tell 172.168.3.1
A new server has been set up in your environment. The administrator suspects that the firewall is blocking the
traffic from the new server. Previously existing servers in the VLAN are working correctly. After reviewing the
logs, you do not see any traffic for the new server.
Referring to the exhibit, what is the cause of the problem?
What must you do to correct the problem?
Click the Exhibit button.
user@host> show services application-identification application-system—cache
Application System Cache Configurations:
Application-cache: off
nested-application-cache: on
cache-unknown-result: on
cache-entry-timeout: 3600 seconds
You are using the application identification feature on your SRX Series device. The help desk reports that users
are complaining about slow Internet connectivity. You issue the command shown in the exhibit.
What must you do to correct the problem?
Which two statements are true about an interconnect log…
Which two statements are true about an interconnect logical system on an SRX Series device? (Choose two.)