You are asked to change the configuration of your company’s SRX device so that you can block nested traffic
from certain Web sites, but the main pages of these Web sites must remain available to users. Which two
methods will accomplish this goal? (Choose two.)
A.
Enable the HTTP ALG.
B.
Implement a firewall filter for Web traffic.
C.
Use an IDP policy to inspect the Web traffic.
D.
Configure an application firewall rule set.
Explanation:
An application layer gateway (ALG) is a feature on ScreenOS gateways that enables the gateway to
parse application layer payloads and take decisions on them. ALGs are typically employed to support
applications that use the application layer payload to communicate the dynamic Transmission Control Protocol
(TCP) or User Datagram Protocol (UDP) ports on which the applications open data connections (http://
kb.juniper.net/InfoCenter/index?page=content&id=KB13530)
IDP policy defines the rule for defining the type of traffic permitted on network (http://www.juniper.net/techpubs/
software/junos-security/junos-security95/junos-security-swconfig- security/enable-idp-security-policysection.html)