PrepAway - Latest Free Exam Questions & Answers

What is causing this behavior?

Your SRX Series device has the following configuration:
user@host> show security policies

Policy: my-policy, State: enabled, Index: 5, Sequence number: 1
Source addresses: any

Destination addresses: any
Applications: snmp
Action: reject
From zone: trust, To zone: untrust

When traffic matches my-policy, you want the device to silently drop the traffic; however, you
notice that the device is replying with ICMP unreachable messages instead.
What is causing this behavior?

PrepAway - Latest Free Exam Questions & Answers

A.
the snmp application

B.
the reject action

C.
the trust zone

D.
the untrust zone

Explanation:

7 Comments on “What is causing this behavior?

  1. James Malen says:

    New JN0-696 Exam Questions and Answers Updated Recently (28/Apr/2016):

    NEW QUESTION 41
    Click the Exhibit button. You are implementing a high availability chassis cluster on an SRX Series device. You would like to manage both devices through the J-Web utility. However, when you try to log in to the second device using SSL HTTP, you receive a message from your Web browser indicating that the message has timed out.
    IMAGE URL: examgod.com/plimages/d2ef7e726601_E9DD/411_thumb.jpg
    Why you are receiving this message?

    A. There is a firewall policy blocking traffic to the control plane.
    B. HTTP is not configured as host inbound traffic.
    C. The incoming traffic is not being allowed on the correct port.
    D. The rdp daemon is on standby on the secondary device.

    Answer: A

    NEW QUESTION 42
    A customer downloaded and installed the IDP policy template. After copying the recommended templates and creating the needed policy, the customer deleted the templates. After the commit, the templates return. Which command will prevent the templates from appearing again?

    A. user@srx# deactivate security idp active-policy Recommended
    B. user@srx# delete security idp idp-policy Recommended
    C. user@srx# set security idp security-package automatic
    D. user@srx# deactivate system scripts commit file templates.xsl

    Answer: D
    Explanation:
    Delete or deactivate the commit script file. By deleting the commit script file, you avoid the risk of overwriting modifications to the template when you commit the configuration. Run one of the following commands:
    user@host# delete system scripts commit file templates.xsl
    user@host# deactivate system scripts commit file templates.xsl
    juniper.net/documentation/en_US/junos12.1×47/topics/task/configuration/idp-predefined-policytemplate-downloading-and-using-cli.html

    NEW QUESTION 43
    You have an SRX branch device with two ISP connections. During analysis of the traffic, you notice that traffic from internal users to ISP 1 are replied to by ISP 2. Which two configurations will correct the asymmetric problem? (Choose two.)

    A. Create a security policy to allow traffic through ISP 1 only.
    B. Create routing instances that include routes to ISP 1 and ISP 2.
    C. Configure filter-based forwarding to provide load balancing.
    D. Create an interface-specific firewall filter to forward the traffic to ISP 1.

    Answer: AB

    NEW QUESTION 44
    You are asked to update the IDP signature database. After you issue the request security IDP security-package download command, you need to monitor the process. Which command would you use to accomplish this task?

    A. request security idp security-package download status
    B. request security idp security-package download full-update
    C. request security idp security-package install
    D. request security idp security-package install status

    Answer: A
    Explanation:
    Use the following command: root# run request security idp security-package download status
    kb.juniper.net/InfoCenter/index?page=content&id=KB28004&actp=search

    NEW QUESTION 45
    You are requested to verify that the UTM service is running on the SRX Series device. Which command will accomplish this task?

    A. show security utm status
    B. run show security utm web-filtering statistics
    C. run show security utm status
    D. show security utm session

    Answer: A
    Explanation:
    To verify the UTM service status, from operational mode, enter the show security utm status command.
    juniper.net/documentation/en_US/junos12.1×47/topics/example/security-utm-enhanced-webfiltering-site-reputation-action-configuring.html

    NEW QUESTION 46
    Click the Exhibit button. You are reviewing the status of a high-end SRX Series chassis cluster and notice that some interfaces have error messages.
    IMAGE URL: examgod.com/plimages/d2ef7e726601_E9DD/461_thumb.jpg
    Referring to the exhibit, which two steps would you use to troubleshoot the problem? (Choose two.)

    A. Verify the security policies for incoming traffic.
    B. Verify if there are Layer 1 or Layer 2 issues between the node devices.
    C. Recognize the control link port to a different Services Processing Card (SPC), move the cable, and rebootboth nodes.
    D. Reconfigure the firewall filters to allow traffic.

    Answer: BC
    Explanation:
    B: If the Control Link is SFP-type port, change the transceiver on both ends. Ensure that the transceivers are same type (LX, SX, etc.) and that they are Juniper-branded parts.
    C: Change the cable that you are using for control link. Is the interface link light GREEN now?
    Yes – Previous link cable was faulty. Recommend to now reboot both the nodes simultaneously.
    kb.juniper.net/InfoCenter/index?page=content&id=kb20698&actp=search

    NEW QUESTION 47
    ……

    P.S. These New JN0-696 Exam Questions Were Just Updated From The Real JN0-696 Exam, You Can Get The Newest JN0-696 Dumps In PDF And VCE From — http://bitly.com/jn0-696-exam-dumps (75q)

    Good Luck !!!




    0



    0

Leave a Reply