nerdexam
Juniper

JN0-634 · Question #51

JN0-634 Question #51: Real Exam Question with Answer & Explanation

The correct answer is B. Existing sessions are no longer processed by IPS and become firewall sessions.. IPS with Chassis Clustering Limitations: IPS is supported in both active/passive and active/active chassis cluster modes on SRX Series devices with the following limitations: No inspection is performed on sessions that fail over or fail back. Only new sessions after a failover ar

Question

Your network includes SRX Series devices at the headquarters location. The SRX Series devices at this location are part of a high availability chassis cluster and are configured for IPS. There has been a node failover. In this scenario, which statement is true?

Options

  • AExisting sessions continue to be processed by IPS because of table synchronization.
  • BExisting sessions are no longer processed by IPS and become firewall sessions.
  • CExisting session continue to be processed by IPS as long as GRES is configured.
  • DExisting sessions are dropped and must be reestablished so IPS processing can occur.

Explanation

IPS with Chassis Clustering Limitations: IPS is supported in both active/passive and active/active chassis cluster modes on SRX Series devices with the following limitations: No inspection is performed on sessions that fail over or fail back. Only new sessions after a failover are inspected by IPS, and older sessions become firewall session

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full JN0-634 Practice