Somebody has inadvertently configured several security policies with application firewall rule sets
on an SRX device. These security policies are now dropping traffic that should be allowed. You
must find and remove the application firewall rule sets that are associated with these policies.
Which two commands allow you to view these associations? (Choose two.)
A.
show security policies
B.
show services application-identification application-system-cache
C.
show security application-firewall rule-set all
D.
show security policies application-firewall
Explanation:
Reference:http://www.juniper.net/techpubs/en_US/junos12.1/topics/example/application-firewallconfiguring.html
It’s actually A & C here; application-firewall is not a sub-hierarchy of security policies.
0
0
Josh, get an srx and type run show security policies application firewall.
0
0
show security application-firewall rule-set all >> is just for verifing all the application firewall rule sets configured on the device
0
0