JNCIS-ENT: Juniper Networks Certified Specialist – Enterprise Routing and Switching (2021) — Question 20

You are deploying a new SRX Series device and you need to log denied traffic.
In this scenario, which two policy parameters are required to accomplish this task? (Choose two.)

Answer options

• A. session-init
• B. session-close
• C. deny
• D. count

Correct answer: A, C

Explanation

The correct parameters for logging denied traffic on an SRX Series device are 'session-init' and 'deny'. 'session-init' is needed to begin tracking the session, while 'deny' specifies that the traffic is to be blocked and logged. 'session-close' and 'count' do not specifically address the logging of denied traffic.