You are asked to change the configuration of your company’s SRX device so that you can block

nested traffic from certain Web sites, but the main pages of these Web sites must remain available
to users. Which two methods will accomplish this goal? (Choose two.)

A.
Enable the HTTP ALG.

B.
Implement a firewall filter for Web traffic.

C.
Use an IDP policy to inspect the Web traffic.

D.
Configure an application firewall rule set.

Explanation:

Reference: An application layer gateway (ALG) is a feature on ScreenOS gateways that enables
the gateway to parse application layer payloads and take decisions on them.ALGs are typically
employedto support applications that use the application layer payload to communicate the
dynamic Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) ports on which
the applications open data connections
(http://kb.juniper.net/InfoCenter/index?page=content&id=KB13530)
IDP policy defines the rule for defining the type of traffic permittedon
network(http://www.juniper.net/techpubs/software/junos-security/junos-security95/junos-securityswconfig-security/enable-idp-security-policy-section.html)