JNCIA-SEC: Juniper Networks Certified Associate – Security — Question 17

What is the behavior of an SRX Series device when UDP and TCP traffic is rejected by a security policy action? (Choose two.)

Answer options

• A. The reject action drops UDP packets and sends an ICMP message to the source.
• B. The reject action drops TCP packets and sends an RST message to the source.
• C. The reject action drops TCP packets and sends an ICMP message to the source.
• D. The reject action drops UDP packets and does not send any message to the source.

Correct answer: A, B

Explanation

Answer A is correct because when UDP packets are rejected, the SRX device sends an ICMP message to inform the sender. Answer B is also correct as TCP packets are rejected with a RST message sent to the source. Options C and D are incorrect because they incorrectly describe the behavior for TCP and UDP packets respectively.