Which two commands should you use?

seenagapeFebruary 20, 2014

Refer to the Exhibit.

— Exhibit —
[edit security idp]
user@srx# show | no-more
idp-policy basic {
rulebase-ips {
rule 1 {
match {
from-zone untrust;
source-address any;
to-zone trust;
destination-address any;
application default;
attacks {
custom-attacks data-inject;
}
}
then {
action {
recommended;
}
notification {
log-attacks;

}
}
}
}
}
active-policy basic;
custom-attack data-inject {
recommended-action close;
severity critical;
attack-type {
signature {
context mssql-query;
pattern “SELECT * FROM accounts”;
direction client-to-server;
}
}
}

— Exhibit —
You have configured the custom attack signature shown in the exhibit. This configuration is valid,
but you want to improve the efficiency and performance of your IDP.
Which two commands should you use? (Choose two.)

PrepAway - Latest Free Exam Questions & Answers

A.
set custom attack data-inject recommended-action drop

B.
set custom-attack data-inject attack-type signature protocol-binding tcp

C.
set idp-policy basic rulebase-ips rule 1 match destination-address webserver

D.
set idp-policy basic rulebase-ips rule 1 match application any

Explanation:

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

Juniper Exam Questions

Free Juniper Study Guide

Which two commands should you use?

One Comment on “Which two commands should you use?”

Leave a Reply Cancel reply