In my experience C and D are correct. You need to re-evauate the existing sessions in case you adjust policies and to drop sessions when you change the action from Allow to Drop. please comment.
The correct answer is B & C.
Here's why:
B. When a policy change includes changing the policy's source or destination address match condition, all existing sessions are dropped.
Correct – Changing the source or destination address affects how traffic is matched, so all existing sessions are dropped because they may no longer match the modified policy.
C. When a policy change includes changing the policy's action from permit to deny, all existing sessions are dropped.
Correct – If a policy action is changed from permit to deny, the existing sessions are immediately dropped because they are no longer allowed under the new rule.
Why D is incorrect:
D states that sessions are "reevaluated" when source or destination addresses are changed.
However, in most firewalls with a policy rematch feature, such changes result in sessions being dropped, not just reevaluated. The system does not keep the session and just check it again—it removes it because the session may no longer be valid.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.JN0-335 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
ardi
1 week, 4 days agogreeklover84
2 months agoNikhil541993
4 months, 1 week ago