ExamGecko
Search Search Login
Home Home / Juniper / JN0-335
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which two statements are correct about the Junos IPS feature? (Choose two.)
Which solution enables you to create security policies that include user and group information?
Which two sources are used by Juniper Identity Management Service (JIMS) for collecting username and device IP addresses? (Choose two.)
You want to manually failover the primary Routing Engine in an SRX Series high availability cluster pair. Which step is necessary to accomplish this task?
You want to show tabular data for operational mode commands. In this scenario, which logging parameter will provide this function?
Which two devices would you use for DDoS protection with Policy Enforcer? (Choose two.)
What are three capabilities of AppQoS? (Choose three.)
Exhibit You just finished setting up your command-and-control (C&C) category with Juniper ATP Cloud. You notice that all of the feeds have zero objects in them. Which statement is correct in this scenario?
You are asked to implement IPS on your SRX Series device. In this scenario, which two tasks must be completed before a configuration will work? (Choose two.)
Which two features are configurable on Juniper Secure Analytics (JSA) to ensure that alerts are triggered when matching certain criteria? (Choose two.)

Question 77 - JN0-335 discussion

Report
Export

Which sequence does an SRX Series device use when implementing stateful session security policies using Layer 3 routes?

A.
An SRX Series device will perform a security policy search before conducting a longest-match Layer 3 route table lookup.
Answers
A.
An SRX Series device will perform a security policy search before conducting a longest-match Layer 3 route table lookup.
B.
An SRX Series device performs a security policy search before implementing an ALG security check on the longest-match Layer 3 route.
Answers
B.
An SRX Series device performs a security policy search before implementing an ALG security check on the longest-match Layer 3 route.
C.
An SRX Series device will conduct a longest-match Layer 3 route table lookup before performing a security policy search.
Answers
C.
An SRX Series device will conduct a longest-match Layer 3 route table lookup before performing a security policy search.
D.
An SRX Series device conducts an ALG security check on the longest-match route before performing a security policy search.
Answers
D.
An SRX Series device conducts an ALG security check on the longest-match route before performing a security policy search.
Suggested answer: C

Explanation:

The sequence that an SRX Series device uses when implementing stateful session security policies using Layer 3 routes is:

An SRX Series device will conduct a longest-match Layer 3 route table lookup before performing a security policy search: When an SRX Series device receives a packet, it first looks up the destination IP address in the routing table and finds the longest matching route to forward the packet. Then, it performs a security policy search based on the source zone, destination zone, source address, destination address, protocol, and application of the packet. If there is a matching policy that allows the packet, it creates or updates a session entry for the packet and applies any security services configured in the policy.

Show Answer
asked 18/09/2024
DOMINIC FERNANDEZ
40 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms