How would you accomplish this goal?

You want to verify that all application traffic traversing your SRX device uses standard ports.
For example, you need to verify that only DNS traffic runs through port 53, and no other
protocols. How would you accomplish this goal?

You want to verify that all application traffic traversing your SRX device uses standard ports.
For example, you need to verify that only DNS traffic runs through port 53, and no other
protocols. How would you accomplish this goal?

A.
Use an IDP policy to identify the application regardless of the port used.

B.
Use a custom ALG to detect the application regardless of the port used.

C.
Use AppTrack to detect the application regardless of the port used.

D.
Use AppID to detect the application regardless of the port used.

Explanation:

← Previous question

Next question →

Leave a Reply 4

Anderson Carpejane

Correct answear is D (Use AppID to detect the application regardless of the port used).

Reply

Mike

you can’t use AppID independently, so D is not correct.

AppTrack is showing you only statistics of # of created sessions

ALG is out of topic

From the offered options only IDP can detect the violation and block the malicious traffic.

Reply

bhaskar

D

Reply

infojami

Correct answer is “A”.

Application identification is enabled by default and is automatically turned on when you configure Intrusion Detection and Prevention (IDP), AppFW, AppQoS, or AppTrack. Reference: https://www.juniper.net/documentation/en_US/junos12.1×44/topics/concept/services-application-identification-understanding.html

Reply