The screen options you reference do not overlap, as they are designed to protect against two different types of attacks. Let me start with the syn-ack-ack proxy.
This is designed to protect a server from having its resources exhausted. Lets say an authentication user initiates a telnet connection to a server protected by the SRX, the user sends a SYN segment to the telnet server. The SRX intercepts(proxy between the user and the server) the SYN segment, creates an entry in its session table, and proxies a SYN-ACK segment to the user. The user then replies with an ACK segment. At this point, the initial three-way handshake is complete. The SRX then sends a login prompt to the user. A legit user will log in, however the attacker with malicious intent, does not log in, but instead continues initiating SYN-ACK-ACK sessions, the firewall session table can fill up to the point where the device begins rejecting legitimate connection requests. To prevent such an attack, you can enable the SYN-ACK-ACK PROXY Screen option. After the number of connections from the same IP address reaches the SYN-ACK-ACK proxy threshold, the SRX rejects further connection requests from that IP address. By default, the threshold is 512 connections from any single IP address. So a session is never established betweem the user and the server and the SRX holds the connection so only valid sessions can be established.
SYN, SYN-ACK, ACK are three messages transmitted by TCP to negotiate and establish parameters to start a TCP session between two netwoek devices.
Limiting sessions screen option allows the session to established and you then define the maximum number of sessions either from the same source IP address, or to the same destination IP address. Now that the communication is passing through the SRX, it will keep a track of the sessions in the session table and count them based on src/dst address option that you define.
If all the connection attempts originate from the same source IP address e.g Nimda, a source-based session limit would be a great option to protect against this type of attack.
Limit the number of concurrent sessions to the same destination IP address useful for DDoS attacks where the source of the attack can be from multiple source IP addresses e.g. botnets where an attacker in control of hundreds of thousands of compromised computers can launch an attack on a server/router/firewall. The SRX allows only an acceptable number of concurrent connection requests—no matter what the source IP address is.