Which configuration would accomplish your objective?

You are attempting to configure source IP enforcement from the TRUST zone to the DATABASE
zone on an SRX Series device. You would like to create a policy allowing the administrators to
reach the database servers.
Which configuration would accomplish your objective?

You are attempting to configure source IP enforcement from the TRUST zone to the DATABASE
zone on an SRX Series device. You would like to create a policy allowing the administrators to
reach the database servers.
Which configuration would accomplish your objective?

A.
security {
policies {
from-zone TRUST to-zone DATABASE {
policy admins {
match {
source-address any;
destination-address any;
application any;
}
then {
permit {
application-services;
}
}
}
}
}
}

B.
security {
policies {
from-zone TRUST to-zone DATABASE {
policy admins {
then {
permit {
application-services {
uac-policy;
}
}
}
}
}
}
}

C.
security {
policies {
from-zone TRUST to-zone DATABASE {
policy admins {
match {
source-address any;
destination-address any;
application any;
}
then {
permit {
application-services {
uac-policy;
}
}
}
}
}
}
}

D.
security {
policies {
from-zone TRUST to-zone DATABASE {
policy admins {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
}
}

Explanation:



Leave a Reply 0

Your email address will not be published. Required fields are marked *