You are asked to configure your SRX Series device to support IDP SSL inspections for up
to 6,000 concurrent HTTP sessions to a server within your network. Which two statements
are true in this scenario? (Choose two.)
A. You must add at least one PKI certificate.
B. Junos does not support more than 5000 sessions in this scenario.
C. You must enable SSL decoding.
D. You must enable SSL inspection.
Not true!
Answer must be A & D!!
https://kb.juniper.net/InfoCenter/index?page=content&id=KB24803
PKI is public key not private key.
A and D:
https://kb.juniper.net/InfoCenter/index?page=content&id=KB24803&actp=search
It’s C & D. Option in A is PKI (Public). And we need a private key.
AD! decoding enabled by default and 10000 sessions per SPU (max 100000) > 5000
Answer is A and D.
A. Add the PKI key file; in this case this is the private key.
SRX>request security idp ssl-inspection key add test-key file /var/tmp/private.pem server 10.10.10.1 password test-case
D. Enable SSL Inspection on the IDP Sensor.
SRX#set security idp sensor-configuration ssl-inspection sessions 10000
SSL inspection decrypts SSL-encrypted traffic by default. This feature is not supported on branch SRX devices.
Reference:
https://kb.juniper.net/InfoCenter/index?page=content&id=KB24803&actp=search