JNCIS-ENT: Juniper Networks Certified Specialist – Enterprise Routing and Switching (2021) — Question 92

Which sequence does an SRX Series device use when implementing stateful session security policies using Layer 3 routes?

Answer options

• A. An SRX Series device will perform a security policy search before conducting a longest-match Layer 3 route table lookup.
• B. An SRX Series device performs a security policy search before implementing an ALG security check on the longest-match Layer 3 route.
• C. An SRX Series device will conduct a longest-match Layer 3 route table lookup before performing a security policy search.
• D. An SRX Series device conducts an ALG security check on the longest-match route before performing a security policy search.

Correct answer: C

Explanation

The correct answer, C, is right because an SRX Series device first looks up the longest-match Layer 3 route before checking the security policy. Options A and B incorrectly state that the security policy search occurs first. Option D also misplaces the order by suggesting an ALG check happens before the security policy search, which is not accurate.