Juniper Exam JN0-335 Topic 4 Question 49 Discussion

Actual exam question for Juniper's JN0-335 exam

Question #: 49
Topic #: 4

Which two statements are correct about security policy changes when using the policy rematch feature? (Choose two.)

AWhen a policy change includes changing the policy's action from permit to deny, all existing sessions are maintained

BWhen a policy change includes changing the policy's source or destination address match condition, all existing sessions are dropped.

CWhen a policy change includes changing the policy's action from permit to deny, all existing sessions are dropped.

DWhen a policy change includes changing the policy's source or destination address match condition, all existing sessions are reevaluated.

Show Suggested Answer

Suggested Answer: C, D

policy rematch is a feature that enables the device to reevaluate an active session when its associated security policy is modified. The session remains open if it still matches the policy that allowed the session initially.The session is closed if its associated policy is renamed, deactivated, or deleted1.

by Sabra at Apr 07, 2025, 12:50 AM

Limited Time Offer

25%

Off

Get Premium JN0-335 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Solange

24 hours ago

I agree with Shaun on this one. The policy rematch feature is meant to ensure the network is secured, so it makes sense that changes to the policy would impact existing sessions. B and D sound like the logical choices.

upvoted 0 times

...

Shaun

5 days ago

Hmm, I think B and D are the correct answers here. When you change the policy's source or destination address, it makes sense that all existing sessions would be dropped. And if you change the action from permit to deny, I'd expect the sessions to be reevaluated.

upvoted 0 times

...

Graciela

14 days ago

I think the correct statements are A and D.

upvoted 0 times

...