You have configured three logical tunnel interfaces in a tenant system on an SRX1500 device.
When committing the configuration, the commit fails.
In this scenario, what would cause this problem?

Click the Exhibit button.
user @host> show bgp summary logical-system LSYS1
Groups : 11 Peers : 10 Down peers: 1
Table Tot. Paths Act Paths Suppressed History Damp State
Pending
inet.0 141 129 0 0 0 Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn
State|#Active/Received/Accepted/Damped...
192.168.64.12 65008 11153 11459 0 26 3d
3:10:43 9/10/10/0 0/0/0/0
192.168.72.12 65009 11171 11457 0 26 3d
3:10:39 11/12/12/0 0/0/0/0
192.168.80.12 65010 9480 9729 0 27 3d
3:10:42 11/12/12/0 0/0/0/0
192.168.88.12 65011 11171 11457 0 25 3d
3:10:31 12/13/13/0 0/0/0/0
192.168.96.12 65012 9479 9729 0 26 3d
3:10:34 12/13/13/0 0/0/0/0
192.168.10.12 65013 111689 11460 0 27 3d
3:10:46 9/10/10/0 0/0/0/0
192.168.11.12 65014 111688 11458 0 25 3d
3:10:42 9/10/10/0 0/0/0/0
192.168.12.12 65015 111687 11457 0 25 3d
3:10:38 9/10/10/0 0/0/0/0
192.68.11.12 650168 9478 9729 0 25 3d
3:10:42 9/10/10/0 0/0/0/0
192.168.13.12 65017 111687 11457 0 27 3d
3:10:30 9/10/10/0 0/0/0/0
192.168.16.12 65017 111687 11457 0 27 1w3d2h
Connect
user@host> show interfaces ge-0/0/7.0 extensive
Logical interface ge-0/0/7.0 (Index 76) (SNMP ifIndex 548) (Generation
141)
...
Security: Zone: log
Allowed host-inbound traffic : bootp dns dhcp finger ftp tftp ident-
reset http https ike netconf
ping reverse-telnet reverse-ssh rloqin rpm rsh snmp
snmp-trap ssh telnet traceroute xnm-clear-text xnm-ssl lsping ntp sip
r2cp
Flow Statistics:
Flow Input statistics:
Self packets: 0
ICMP packets: 0
VPN packets: 0
Multicast packets: 0
Bytes permitted by policy: 0
Connections established: 0
Flow Output statistics:
Multicast packets: 0
Bytes permitted by policy: 0
Flow error statistics (Packets dropped due to):
Address spoofing: 0
Authentication failed: 0
Incoming NAT errors: 0
Invalid zone received packet: 0
Multiple user authentications: 0
Multiple incoming NAT: 0
No parent for a gate: 0
No one interested in self pakets: 0
No minor session: 0
No more sessions: 589723
No NAT gate: 0
No route present: 0
No SA for incoming SPI: 0
No tunnel found: 0
No session for a gate: 0
No zone or NULL zone binding 0
Policy denied: 0
Security association not active: 0
TCP sequence number out of window: 0
Syn-attack protection: 0
User authentication errors: 0
Protocol inet, MTU: 1500, Generation: 1685, Route table: 0
Flags: Sendbcast-pkt-to-re
Addresses, F1ags: Is-Preferred Is-Primary
Destination: 10.5.123/24, Local: 10.5.123.3, Broadcast:
10.5.123.255, Generation: 156
Protocol multiservice, MTU: Unlimited, Generation: 1686, Route table: 0 Policer: Input: __default_arp_policer__
...
An SRX Series device has been configured with a logical system LSYS1.
One of the BGP peers is down.
Referring to the exhibit, which statement explains this problem?

Which IDP rule configuration will send an RST to any new session that meets the action criteria?

Click the Exhibit button.

Your company has purchased a competitor and now must connect the new network to the existing one. The competitor's gateway device is receiving its ISP address using DHCP. Communication between the two sites must be secured; however, obtaining a static public IP address for the new site gateway is not an option at this time. The company has several requirements for this solution:
* A site-to-site IPsec VPN must be used to secure traffic between the two sites;
* The IKE identity on the new site gateway device must use the hostname option; and
* Internet traffic from each site should exit through its local Internet connection.
The configuration shown in the exhibit has been applied to the new site's SRX, but the secure tunnel is not working.
In this scenario, what configuration change is needed for the tunnel to come up?

You are connecting two remote sites to your corporate headquarters site; you must ensure that all traffic is secured and only uses a single Phase 2 SA for both sites.
In this scenario, which VPN should be used?