JNCIP-SEC: Juniper Networks Certified Professional – Security (2024) — Question 61
You want to bypass IDP for traffic destined to social media sites using APBR, but it is not working and IDP is dropping the session.
What are two reasons for this problem? (Choose two.)
Answer options
- A. The session did not properly reclassify midstream to the correct APBR rule.
- B. The APBR rule does a match on the first packet.
- C. The application services bypass is not configured on the APBR rule.
- D. IDP disable is not configured on the APBR rule.
Correct answer: C, D
Explanation
The correct answers are C and D because if the application services bypass is not set up on the APBR rule, it won't bypass IDP. Additionally, if IDP disable is not configured, IDP will continue to inspect and potentially drop the traffic, leading to the observed issue.