ExamTopics Logo
Mail Us[email protected]
Menu
Juniper Discussions
exam questions

Exam JN0-696 All Questions

View all questions & answers for the JN0-696 exam
Go to Exam

Exam JN0-696 topic 1 question 65 discussion

Actual exam question from Juniper's JN0-696
Question #: 65
Topic #: 1
[All JN0-696 Questions]

You are deploying AppFW in an SRX Series device and implemented the application signature shown below: junos:FACEBOOK-ACCESS
Traffic is going through the correct policy zone and the license for appid-sig is active. The signature package is current, and the application firewall is applied to the correct zone. However, you can still access FaceBook.
What is the problem?

  • A. An SSL HTTP connection is being used to access https://www.facebook.com.
  • B. You need to add junos:FACEBOOK-ACCESS to a black-list.
  • C. There is no available cache in the browser, therefore it is not hitting the firewall.
  • D. New sessions are bypassing the policy rule.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
AppFW works by creating an application rulebase. This works on a whitelist/blacklist approach. We either allow a few things with a default action of deny or deny a few things with a default action of permit.
References:
http://packetpushers.net/welcome-to-the-dark-side-configuring-juniper-srx-appfw/
by lugiricy at April 4, 2025, 8:45 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Currently there are no comments in this discussion, be the first to comment!
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel