JNCIP-SEC: Juniper Networks Certified Professional – Security (2021) — Question 12

Your network includes SRX Series devices at the headquarters location. The SRX Series devices at this location are part of a high available chassis cluster and are configured for IPS. There has been a node failover.
In this scenario, which two statements are true? (Choose two.)

Answer options

• A. The IP action table is synchronized between the chassis cluster nodes.
• B. Cached SSL session ID information for existing sessions is not synchronized between nodes.
• C. The IP action table is not synchronized between the chassis cluster nodes.
• D. Cached SSL session ID information for existing session is synchronized between nodes.

Correct answer: C, D

Explanation

The correct answers are C and D. The IP action table is not synchronized between the chassis cluster nodes, meaning each node maintains its own version. However, cached SSL session ID information for existing sessions is synchronized, allowing seamless continuation of active sessions during failover.