[Free] Download New Latest (November) Juniper JN0-400 Actual Tests Topic 0 part 04

Ensurepass

QUESTION 31  (Topic 0)

 

Which sensor command can be used to determine if profiler data is being sent to Security Manager?

 

A. sctop “s” option

B. scio getsystem

C. scio agentconfig list

D. scio agentstats display

 

Answer: D

 

 

QUESTION 32  (Topic 0)

 

When the action “close client” is performed by an IDP sensor on an FTP session, which message will be displayed to the client when using FTP on the command line?

 

A. packet dropped

B. connection closed by foreign host

C. no message is seen, the connection is unresponsive

D. no message is seen, the connection continues as normal

 

Answer: B

 

 

QUESTION 33  (Topic 0)

 

 

Juniper JN0-541 : Practice Test

Which sensor utility is used to decode the contexts of a sequence of packets?

 

A. netstat

B. scio pcap

C. tcpreplay

D. scio ccap

 

Answer: D

 

 

QUESTION 34  (Topic 0)

 

Given the following:

 

A. Identify and eliminate false positives.

B. Configure other IDP-related rulebases to detect attacks.

C. Identify and configure responses to real attacks.

D. Identify machines and protocols to monitor.

What is the proper order when fine tuning a policy?

A. b, d, a, c

B. d, a, c, b

C. d, c, a, b

D. d, a, b, c

 

Answer: B

 

 

QUESTION 35  (Topic 0)

 

Which sctop option will display current TCP flows through the sensor?

 

A. t

B. u

C. k

D. f

 

Answer: A


 

 

QUESTION 36  (Topic 0)

 

Which three actions should be taken on a rule in the IDP rule base when the sensor is in transparent mode? (Choose three.)

 

A. Drop stream.

B. Drop packet.

C. Drop connection.

D. Close client and server.

 

Answer: BCD

 

 

QUESTION 37  (Topic 0)

 

In order to obtain attack information so that you can create a new attack object definition, you must follow certain steps. Given the following steps, assume you have acquired the attack source code.

 

A. On target machine, start capturing packets with a protocol analyzer.

B. On sensor, examine scio ccap output.

C. Compile attack code on attacker machine.

D. On sensor, run scio ccap all.

E. On attacker machine, run attack code against target.

What is the correct order for these steps?

A. e, c, d, b, a

B. c, d, a, e, b

C. c, e, b, d, a

D. c, d, e, a, b

 

Answer: B

 

 

QUESTION 38  (Topic 0)

 

You want Enterprise Security Profiler (ESP) to capture layer 7 data of packets traversing the network. Which two steps must you perform? (Choose two.)

 

 

 


 

A. Start or restart the profiler process.

B. Create a filter in the ESP to show only tracked hosts.

C. Configure ESP to enable application profiling, and select the contexts to profile.

D. Under the Violation Viewer tab, create a permitted object, select that object, and then click Apply.

 

Answer: AC

 

 

QUESTION 39  (Topic 0)

 

What is “the location of an attack pattern protocol stream”?

 

A. context

B. attack signature

C. protocol anomaly

D. dynamic attack object group

 

Answer: A

 

 

QUESTION 40  (Topic 0)

 

What is the function of a dynamic attack object group?

 

A. To allow Juniper engineers to specify a particular group of attack objects.

B. To allow an administrator to group together user-defined attack objects only.

C. To create a custom grouping of attack objects that will not be modified during an attack object database update.

D. To create a custom grouping of attack objects which will be automatically updated during an attack database update.

 

Answer: D

 
