JNCIP-SEC: Juniper Networks Certified Professional – Security (2024) — Question 29

A user reports that a specific application Is not working properly. This application makes multiple connections to the server and must have the same address every time. Your firewall assigns multiple different source addresses from a pool and this behavior needs to be changed.

What would solve this problem?

Answer options

• A. Use the persistent-nat parameter.
• B. Use STUN.
• C. Use the address-persistent parameter.
• D. Use DNS doctoring.

Correct answer: C

Explanation

The correct answer is C because the address-persistent parameter ensures that the same source address is used for connections, which is essential for the application's functionality. Option A, persistent-nat, does not guarantee the same source address, while B, STUN, is primarily for NAT traversal and does not address this specific issue. Option D, DNS doctoring, is related to modifying DNS responses, which is not relevant to the requirement for consistent source addresses.