[Free] Download New Latest (November) Juniper JN0-400 Actual Tests Topic 1 part 02

Ensurepass

QUESTION 71  (Topic 1)

 

Which two statements are true as they relate to a sniffer mode IDP sensor deployment? (Choose two.)

 

A.

An IP address must be assigned to the sniffer interface.

B.

It does not affect the performance or availability of the network.

C.

It provides passive monitoring only with limited attack prevention.

D.

IDP sensor cannot be managed by Security Manager in sniffer mode.

 

Answer: BC

 

 

QUESTION 72  (Topic 1)

 

Assume that Enterprise Security Profiler (ESP) has already captured data for your network. You want to view traffic that does not match the following protocols: HTTP, HTTPS, DNS.

Which steps must you perform?

A.

Under the Violation Viewer tab, create a filter to show only tracked hosts.

B.

Under the Violation Viewer tab, create a violation object, select that object, and then click Apply.

C.

Under the Violation Viewer tab, create a permitted object, select that object, and then click Apply.

D.

Under the Application View tab, create a permitted object, select that object, and then click Apply.

 

Answer: C

 

 

QUESTION 73  (Topic 1)

 

Which three actions must be taken prior to deploying an IDP sensor (in transparent mode) in a network?

 

A.

Configure the sensor mode.

B.

Assign an IP to all forwarding interfaces.

C.

Assign an IP to the management interface.

D.

Establish communication between Security Manager and the sensor.

 

Answer: ACD

 

 

QUESTION 74  (Topic 1)

 

Click the Exhibit button.

 

In the exhibit, which SYN protector mode is the IDP using?

 

[Exhibit image not available]

 

A.

relay

B.

passive

C.

protective

D.

handshake

 

Answer: B

 

 

QUESTION 75  (Topic 1)

 

Which three columns can be seen in the Application View of the Enterprise Security Profiler? (Choose three.)

 

A.

Service

B.

Context

C.

Access Type

D.

Src OS Name

E.

Src and Dest IPs

 

Answer: BDE

 

 

QUESTION 76  (Topic 1)

 

Which OSI layer(s) of a packet does the IDP sensor examine?

 

A.

layers 2-4

B.

layers 2-7

C.

layers 4-7

D.

layer 7 only

 

Answer: B

 

 

QUESTION 77  (Topic 1)

 

Which two statements are true regarding static and dynamic attack object groups? (Choose two.)

 

A.

The critical attack object group is a static group.

B.

Attack objects in a dynamic group can be added or updated during the attack object database update process.

C.

Dynamic groups require that an administrator manually add new attack objects after an attack database update.

D.

You create a dynamic attack object group by specifying particular filters to apply to the attack object database, such as severity, product, and service.

 

Answer: BD

 

 

QUESTION 78  (Topic 1)

 

What is the function of a compound attack object?

 

A.

Combines multiple attacks in a single rule base.

B.

Looks for multiple occurrences of the same attack.

C.

Allows the sensor to perform custom actions based on combinations of attacks.

D.

Combines multiple signature-based attack objects, or anomaly-based attack objects, into a single attack object.

 

Answer: D

 

 

QUESTION 79  (Topic 1)

 

Which statement is true about the attack object database update process?

 

A.

The attack object database update can be initiated manually or automatically.

B.

The attack object database update can be automatically scheduled to occur using the Security Manager GUI.

C.

Each sensor updates its own attack object database automatically; however, they must be able to access the Juniper site on TCP port 443.

D.

The attack object database update must be manually performed by the administrator, and the administrator must manually install it on each sensor.

 

Answer: A

 

 

QUESTION 80  (Topic 1)

 

Which command on the IDP sensor CLI can be used to display the sensor statistics, which policy is installed, and the mode of sensor deployment?

 

A.

sctop “s” option

B.

scio sensor stat

C.

scio list s0 sensor stat

D.

sensor statistics can only be displayed from Security Manager GUI

 

Answer: A

 
