Default assignment:All logical interfaces are placed in thenull zone by defaultuntil explicitly assigned to a user-defined security zone (Option A is correct).
Removal from null zone:Once an interface is assigned to a security zone, it is removed from the null zone (Option D is correct).
No traffic acceptance:The null zone is a discard zone; it cannot be configured to accept any traffic (Option C is incorrect).
Policy behavior:Traffic rejected by a security policy is dropped according to the policy action. It is not forwarded to the null zone for logging (Option B is incorrect).
Correct Statements:A and D
[Reference:Juniper Networks –Security Zones and the Null Zone, Junos OS Security Fundamentals., , ]
Submit