On an SRX device, you want to regulate traffic base on network segments. In this scenario, what do you configure to accomplish this task?
A. Screens
B. Zones
C. ALGs
D. NAT
Users on the network are restricted from accessing Facebook, however, a recent examination of the logs
show that users are accessing Facebook.
Referring to the exhibit,
Why is this problem happening?
A. Global rules are honored before zone-based rules.
B. The internet-Access rule has a higher precedence value
C. The internet-Access rule is listed first
D. Zone-based rules are honored before global rules
Which statement is correct about IKE?
A. IKE phase 1 is used to establish the data path
B. IKE phase 1 only support aggressive mode.
C. IKE phase 1 negotiates a secure channel between gateways.
D. IKE phase 1 establishes the tunnel between devices
What are the valid actions for a source NAT rule in J-Web? (choose three.)
A. On
B. Off
C. Pool
D. Source
E. interface
The Sky ATP premium or basic-Threat Feed license is needed fort which two features? (Choose two.)
A. Outbound protection
B. CandC feeds
C. Executable inspection
D. Custom feeds
What is the purpose of the Shadow Policies workspace in J-Web?
A. The Shadow Policies workspace shows unused security policies due to policy overlap.
B. The Shadow Policies workspace shows unused IPS policies due to policy overlap.
C. The Shadow Policies workspace shows used security policies due to policy overlap
D. The Shadow Policies workspace shows used IPS policies due to policy overlap
Which statements about NAT are correct? (Choose two.)
A. When multiple NAT rules have overlapping match conditions, the rule listed first is chosen.
B. Source NAT translates the source port and destination IP address.
C. Source NAT translates the source IP address of packet.
D. When multiple NAT rules have overlapping match conditions, the most specific rule is chosen.
You have configured antispam to allow e-mail from example.com, however the logs you see that [email protected] is blocked Referring to the exhibit.
What are two ways to solve this problem?
A. Verify connectivity with the SBL server.
B. Add [email protected] to the profile antispam address whitelist.
C. Delete [email protected] from the profile antispam address blacklist
D. Delete [email protected] from the profile antispam address whitelist
Which two actions are performed on an incoming packet matching an existing session? (Choose two.)
A. Zone processing
B. Security policy evolution
C. Service ALG processing
D. Screens processing
Which source NAT rule set would be used when a packet matches the conditions in multiple rule sets?.
A. The most specific rule set will be used
B. The least specific rule set will be used
C. The first rule set matched will be used
D. The last rule set matched will be used