An SRX Series device is configured for inline tap mode. What will occur if Drop Packet is
selected?
A.
The SRX Series device drops a matching packet associated with the connection,
preventing traffic for the connection from reaching its destination.
B.
The SRX Series device drops a matching packet before it can reach its destination but
does not close the connection.
C.
The SRX Series device will ignore the action Drop Packet.
D.
The SRX Series device closes the connection and sends an RST packet to both the
client and the server.
C
http://chimera.labs.oreilly.com/books/1234000001633/ch13.html#ips_policy_components
Drop-Packet
Drop-Packet will drop an individual offending packet, but not the rest of the session. Typically, you want to use the Drop-Connection action when malicious activity is detected on a flow, but in some cases, you might just want to prevent a particular activity that might be contained within a session (e.g., a file transfer) without dropping the entire session. Of course, this is highly dependent on the application’s architecture, so when in doubt, either research the application or just use Drop-Connection. Drop-Packet might be useful for attacks that consist of only a single packet (e.g., SQL Slammer), but this isn’t very common. Note that Drop-Packet will not have any impact in inline tap mode, as the original packet (not the copied one to the IPS engine) has already made it through the SRX and will be recorded as action DISMISS in the logs.
Passed JN0-633 exam recently!
65 multiple choice questions, a little difficult to pass.
Pay close attention to questions on AppQoS, Routing (OSPF, BGP) in VPN (group, auto and hub-and-spoke), AppSecure, troubleshoot of IPSec, etc.
I learned valid JN0-633 dumps here:
http://www.passleader.com/jn0-633.html (209Q VCE and PDF)
Recommend to you!
P.S.
You can download that 209Q dumps for free, here:
https://doc.co/Tek7cT
Good Luck!
Do you happen to have the one for JNCIS-SEC Exam (Exam: JN0-332)?
Thank you!
Hi Tomoaki, the link got 156 questions not 209. Is this correct?
Cleared the exam yesterday. Got only 50 to 60 % of questions from this dumps. Other questions were mainly from IPS and NAT side. Good Luck 🙂
For those studying this dump, you had better correct many answers. I used this dump, made some corrections to it, and made a whopping 69 on the exam. Granted I passed as you only need 63 to pass, but to miss about 20 questions….OMG. So out of the 175 questions out here, I’m pretty sure almost 1/3rd of them are wrong. So again, I squeaked by, but for others using this dump, be forewarned….check your answers before studying or you’ll be studying wrong answers.
Correct answer is C as it works in passive mode so IDP module will bypasss the packets..
B
http://www.juniper.net/techpubs/en_US/junos/topics/reference/configuration-statement/security-edit-action.html
Answer is C.
Understanding IDP Inline Tap Mode reference:
In Inline Tap Mode “the action drop packet is ignored”.
https://www.juniper.net/documentation/en_US/junos/topics/concept/idp-inline-tap-mode-understanding.html
Exam Updated!!! Attention!!!
The Juniper JN0-633 exam End of Life (EOL) on July 1, 2017, now the new exam is JN0-634.
The newest JN0-634 dumps are available here FYI:
http://www.juniperbraindumps.com/category/juniper-junos-security-certification/jn0-634-dumps
Best Regards!!!