PrepAway - Latest Free Exam Questions & Answers

Which Junos Screen option would protect against these denial-of-service (DoS) attacks?

While reviewing the logs on your SRX240 device, you notice SYN floods coming from multiple hosts out on the
Internet.
Which Junos Screen option would protect against these denial-of-service (DoS) attacks?

PrepAway - Latest Free Exam Questions & Answers

A.
[edit security screen]
user@host# show
ids-option no-flood {
limit-session {
destination-ip-based 150;
}
}

B.
[edit security screen]
user@host# show
ids-option no-flood {
tcp {
syn-fin;
}
}

C.
[edit security screen]
user@host# show
ids-option no-flood {
limit-session {
source-ip-based 150;
}
}

D.
[edit security screen]
user@host# show
ids-option no-flood {
icmp {
flood threshold 10;
}
}

One Comment on “Which Junos Screen option would protect against these denial-of-service (DoS) attacks?

  1. 3abdontha3if says:

    I think no one is valid:
    to protect from syn-flood we should implement this:
    user@host# show security screen
    ids-option zone-syn-flood {
    tcp {
    syn-flood {
    source-threshold 10000;
    destination-threshold 10000;
    timeout 20;
    }
    }
    }
    May be the question is wrong




    0



    0

Leave a Reply