Juniper Networks Certified Associate Junos Exam JN0-102: Firewall Filter Processing Example

A

The firewall filter shown in the exhibit has three terms which are evaluated sequentially. Each term contains matching conditions and an action. The Telnet session initiated from host 10.1.1.1 will be processed by this firewall filter as follows:

Term 1: The first term matches on source address 10.0.0.0/8, but it only logs the packet and does not take any further action. Therefore, this term does not affect the Telnet session initiated from host 10.1.1.1.

Term 2: The second term matches on the TCP protocol and Telnet port, and then takes the following actions:

1. syslog - generates a syslog message about the packet
2. reject - discards the packet and sends a TCP RST (reset) message to the source IP address.

Since the Telnet session initiated from host 10.1.1.1 matches the conditions of term 2, the packet will be discarded, and a syslog message will be generated. Therefore, the correct answer is B. The packet will be discarded and logged.

Term 3: The third term matches on source address 10.1.1.1/32, TCP protocol, and Telnet port. It takes the following actions:

1. sample - captures a sample of the packet for analysis purposes
2. accept - allows the packet to continue processing through the firewall.

Since the Telnet session initiated from host 10.1.1.1 matches the conditions of term 3, the packet will be accepted, and a sample will be captured. However, this term will not affect the Telnet session since term 2 matches first and discards the packet.

In summary, the firewall filter will discard the Telnet session initiated from host 10.1.1.1 and generate a syslog message, making option B the correct answer.