[Free] Download New Latest (November) Juniper JN0-400 Actual Tests Topic 1 part 01

Ensurepass

QUESTION 61 (Topic 1)

You want Enterprise Security Profiler (ESP) to generate a message when a new host is detected on a network. Which two steps must you perform? (Choose two.)

A. Start or restart the profiler process.
B. Configure ESP to enable alerts for new host detected.
C. Configure ESP to enable application profiling, and select the contexts to profile.
D. Under the Violation Viewer tab, create a permitted object, select that object, and then click Apply.

Answer: AB

QUESTION 62 (Topic 1)

What is the function of Terminate Match?

A. terminates the connection if a rule is matched
B. terminates all connections from a source if the rule is matched
C. makes a rule terminal when the source IP, destination IP, and service match
D. makes a rule terminal when the source IP, destination IP, service, and attack object match

Answer: C

QUESTION 63 (Topic 1)

Which interface does IDP use to communicate with Security Manager?

A. eth0
B. eth1
C. HA port
D. console port

Answer: A

QUESTION 64 (Topic 1)

What is “a deviation from a protocol’s expected behavior or packet format”?

A. context
B. attack signature
C. protocol anomaly
D. compound attack object

Answer: C

QUESTION 65 (Topic 1)

In the Enterprise Security Profiler, what would you define under Permitted Objects?

A. Define valid, permitted activity on the network.
B. Define traffic that violates your security policy.
C. Define any attacks that violate your security policy.
D. Define violations of permitted activity on the network.

Answer: A

QUESTION 66 (Topic 1)

Which statement about the Enterprise Security Profiler (ESP) is true?

A. The ESP is started by default in IDP version 4.0 or newer.
B. The ESP must be configured and started using the IDP sensor CLI before it is used.
C. The administrator must manually initiate Security Manager to sensor polling to retrieve ESP data.
D. The ESP must be configured and started on each IDP sensor manually, using the Security Manager GUI.

Answer: D

QUESTION 67 (Topic 1)

You want Enterprise Security Profiler (ESP) to capture layer 7 data of packets traversing the network. Which two steps must you perform? (Choose two.)

A. Start or restart the profiler process.
B. Create a filter in the ESP to show only tracked hosts.
C. Configure ESP to enable application profiling, and select the contexts to profile.
D. Under the Violation Viewer tab, create a permitted object, select that object, and then click Apply.

Answer: AC

QUESTION 68 (Topic 1)

Which TCP port is used for communication between Security Manager and an IDP sensor?

A. 443
B. 7800
C. 7801
D. 7803

Answer: D

QUESTION 69 (Topic 1)

Which statement is true about packet capture in the IDP sensor?

A. You can only log packets after an attack packet.
B. Packet capture records all packets flowing through the sensor.
C. You can configure a particular number of packets to capture before and after an attack.
D. The Log Viewer has no indication of whether a log message has associated packet captures.

Answer: C

QUESTION 70 (Topic 1)

Which two statements describe action versus IP action? (Choose two.)

A. Action responds to matching traffic by dropping or closing current attacking packets or connection.
B. IP action responds to matching traffic by dropping or closing current attack packets or connection.
C. Action responds to future traffic based on a previous match by blocking or dropping future connections.
D. IP Action responds to future traffic based on a previous match by blocking or dropping future connections.

Answer: AD
