QUESTION: 1

Which two criteria should a zone-based security policy include? (Choose two.)

a source port
a destination port
zone context
an action

Answer(s): A,B

Explanation:

A security policy is a set of statements that controls traffic from a specified source to a specified destination using a specified service. A policy permits, denies, or tunnels specified types of traffic unidirectionally between two points.

Each policy consists of:

A unique name for the policy.
A from-zone and a to-zone, for example: user@host# set security policies from-zone untrust to-zone untrust
A set of match criteria defining the conditions that must be satisfied to apply the policy rule. The match criteria are based on a source IP address, destination IP address, and applications. The user identity firewall provides greater granularity by including an additional tuple, source-identity, as part of the policy statement.
A set of actions to be performed in case of a match--permit, deny, or reject.

Accounting and auditing elements--counting, logging, or structured system logging.

https://www.juniper.net/documentation/us/en/software/junos/security-policies/topics/topic- map/security-policy-configuration.html

Reveal Solution Next Question

QUESTION: 2

You are assigned a project to configure SRX Series devices to allow connections to your webservers. The webservers have a private IP address, and the packets must use NAT to be accessible from the

Internet. You do not want the webservers to initiate connections with external update servers on the Internet using the same IP address as customers use to access them.
Which two NAT types must be used to complete this project? (Choose two.)

static NAT
hairpin NAT
destination NAT
source NAT

Answer(s): C,D

Reveal Solution Next Question

QUESTION: 3

You are asked to verify that a license for AppSecure is installed on an SRX Series device. In this scenario, which command will provide you with the required information?