— Exhibit –Apr 27 19:11:09 company-fw init: low_mem_signal_processes: send signal 16 to routing
Apr 27 19:11:09 company-fw /kernel: KERNEL_MEMORY_CRITICAL: System low on free
memory, notifying init (#4).
Apr 27 19:11:09 company-fw rpd[1268]: Processing low memory signal
Apr 27 19:11:09 company-fw init: low_mem_signal_processes: send signal 16 to idp-policy
Apr 27 19:11:09 company-fw idpd[1295]: Processing low memory signal
Apr 27 19:11:10 company-fw idpd[1987]: IDP_SECURITY_INSTALL_RESULT: security package
install result
Done;Install aborted due to system reaching low memory condition!)
— Exhibit –Click the Exhibit button.
You are troubleshooting a problem where the IDP signature database update on your Junos
device has failed.
Referring to the exhibit, which action will resolve this problem?

— Exhibit –[edit security utm]
user@host# show
custom-objects {
url-pattern {
blocklist {
value [ http://badsite.com http://blocksite.com ];
}
acceptlist {
value http://juniper.net;
}
}
custom-url-category {
blacklist {
value blocklist;
}
whitelist {
value acceptlist;
}
}
}
feature-profile {
web-filtering {
url-whitelist whitelist;
url-blacklist blacklist;
type juniper-local;
juniper-local {

profile web-filter {
custom-block-message “Site is not allowed”;
fallback-settings {
default log-and-permit;
}
}
}
}
}
utm-policy utm1 {
web-filtering {
http-profile web-filter;
}
}
— Exhibit –Click the Exhibit button.
You set up Web filtering to allow employees to only access your internal website. You notice that
employees are still able to reach websites outside of the blacklists.
Referring the exhibit, which parameter must be changed?

— Exhibit –user@host> show configuration security utm
custom-objects {
url-pattern {
block-juniper {
value *.spammer.com;
}
}
custom-url-category {
blacklist {
value block-juniper;
}
}
}
feature-profile {
anti-spam {
address-blacklist block-juniper;
sbl {
profile myprofile {
no-sbl-default-server;
spam-action block;
}
}
}
}
utm-policy wildcard-policy {

anti-spam {
smtp-profile myprofile;
}
}
— Exhibit –Click the Exhibit button.
You added a blacklist to your antispam policy to block any e-mails from the spammer.com domain.
However, your users are complaining that they are still receiving spam e-mails from that domain.
You run the utm test-string test and confirm that the blacklist is not working.
Referring to the exhibit, what is causing this problem?

— Exhibit –{hold:node0}
user@host1> show chassis cluster status
Cluster ID. 1
Node Priority Status Preempt Manual failover
Redundancy group: 0 , Failover count: 0
node0 1 hold no no
node1 0 lost n/a n/a

{hold:node0}
user@host1> show configuration | no-more
system {
host-name host1;
root-authentication {
encrypted-password “$1$KI99zGk6$MbYFuBbpLffu9tn2.sI7l1”; ## SECRET-DATA
}
name-server {
172.16.10.100;
}
services {
ssh;
telnet;
web-management {
http;
}
}
syslog {
user * {
any emergency;
}
file messages {
any any;
authorization info;
}
file interactive-commands {

interactive-commands any;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 10.210.14.131/26;
}
}
}
ge-0/0/8 {
unit 0 {
family inet {
address 172.16.1.1/24;
}
}
}
ge-0/0/9 {
unit 0 {
family inet {
address 172.16.10.1/24;
}
}
}
}

security {
policies {
default-policy {
permit-all;
}
}
zones {
functional-zone management {
interfaces {
ge-0/0/0.0;
}
host-inbound-traffic {
system-services {
ssh;
telnet;
ping;
traceroute;
http;
snmp;
}
}
}
security-zone Trust {
host-inbound-traffic {
system-services {
any-service;
}

}
interfaces {
ge-0/0/9.0;
}
}
security-zone Untrust {
host-inbound-traffic {
system-services {
any-service;
}
}
interfaces {
ge-0/0/8.0;
}
}
}
}
—————-{hold:node1}
user@host2> show chassis cluster status
Cluster ID. 1
Node Priority Status Preempt Manual failover
Redundancy group: 0 , Failover count: 0
node0 0 lost n/a n/a

node1 1 hold no no
{hold:node1}
user@host2> show configuration | no-more
system {
host-name host2;
root-authentication {
encrypted-password “$1$KI99zGk6$MbYFuBbpLffu9tn2.sI7l1”; ## SECRET-DATA
}
name-server {
172.16.10.100;
}
services {
ssh;
telnet;
web-management {
http;
}
}
syslog {
user * {
any emergency;
}
file messages {
any any;
authorization info;
}

file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 10.210.14.132/26;
}
}
}
ge-0/0/8 {
unit 0 {
family inet {
address 172.16.1.1/24;
}
}
}
ge-0/0/9 {
unit 0 {
family inet {
address 172.16.10.1/24;
}
}
}

}
security {
policies {
default-policy {
permit-all;
}
}
zones {
functional-zone management {
interfaces {
ge-0/0/0.0;
}
host-inbound-traffic {
system-services {
ssh;
telnet;
ping;
traceroute;
http;
snmp;
}
}
}
security-zone Trust {
host-inbound-traffic {
system-services {
any-service;

}
}
interfaces {
ge-0/0/9.0;
}
}
security-zone Untrust {
host-inbound-traffic {
system-services {
any-service;
}
}
interfaces {
ge-0/0/8.0;
}
}
}
}
— Exhibit –Click the Exhibit button.
A user attempted to form a chassis cluster on an SRX240; however, the cluster did not form. While
investigating the problem, you see the output shown in the exhibit.
What is causing the problem?

— Exhibit –

— Exhibit —

Click the Exhibit button.
There is an existing chassis cluster connected to the corporate network 192.168.1.0/24. You are
asked to connect another department to this VLAN. To achieve this, you add a new chassis cluster
to the network. After connecting to the network, the cluster experiences traffic problems. You have
verified that the addresses and VLAN IDs are configured correctly.
Referring to the exhibit, which configuration would resolve this problem?

— Exhibit –{primary:node0}
user@host> show configuration chassis | display inheritance
cluster {
redundancy-group 1 {
node 0 priority 200;
node 1 priority 100;
interface-monitor {
ge-0/0/12 weight 255;
ge-5/0/12 weight 255;
}
}
}
— Exhibit –Click the Exhibit button.
A customer reports that their SRX failover is not working as expected. They expected node1 to
become the primary node for the control plane when interface ge-0/0/12 failed. However, when ge-0/0/12 failed, node0 remained the primary node. They send you the output shown in the exhibit.

What is causing this problem?