You are using the AppDoS feature to control against malicious bot client attacks. The bot
clients are using file downloads to attack your server farm. You have configured a context
value rate of 10,000 hits in 60 seconds. At which threshold will the bot clients no longer be
classified as malicious?
A.
9999 hits in 60 seconds
B.
7500 hits in 60 seconds
C.
5000 hits in 60 seconds
D.
8000 hits in 60 seconds
9999
Answer correct is D
can you explain?
the question is about the botnet already specified as malicious and they want to know, when again he wont be considered malicious again…
then it depends on specified IDP action and/or IP-action. isn’t it?
correct is D
http://www.juniper.net/techpubs/software/junos-security/junos-security10.0/junos-securityswconfig-
security/appddos-protection-overview.html
“IDP also uses hysteresis for state transitions to avoid thrashing between the states. A default of 20% lower limit will be used from the configured connection and context thresholds for falling behind in state. For example. if you configure a context value-hit-rate-threshold of 10,000, IDP transitions from protocol analysis to bot client classification after 10000 hits in 60 seconds for identical context values, and falls behind in state only when such hits are smaller than 8000 in 60 seconds.”
Smaller, so B and C seem to be correct.
dude, questions asks for THRESHOLD value
D
Passed JN0-633 exam recently!
65 multiple choice questions, a little difficult to pass.
Pay close attention to questions on AppQoS, Routing (OSPF, BGP) in VPN (group, auto and hub-and-spoke), AppSecure, troubleshoot of IPSec, etc.
I learned valid JN0-633 dumps here:
http://www.passleader.com/jn0-633.html (209Q VCE and PDF)
Recommend to you!
P.S.
You can download that 209Q dumps for free, here:
https://doc.co/Tek7cT
Good Luck!