JNCIS-ENT: Juniper Networks Certified Specialist – Enterprise Routing and Switching (2021) — Question 98

You are currently using a third-party threat analyzer. You want your SRX Series device to send decrypted SSL traffic to this analyzer.

In this scenario, which feature should you configure on the SRX device?

Answer options

• A. Phase 2 proxy ID
• B. SSL decryption mirroring
• C. JSA vulnerability assessment
• D. IPS IP-notify action

Correct answer: B

Explanation

The correct answer is B, SSL decryption mirroring, as it allows the SRX device to send decrypted SSL traffic to a third-party analyzer. The other options do not pertain to SSL decryption or traffic mirroring; they serve different purposes such as proxy ID configurations, vulnerability assessments, and IPS actions.