[Free] Download New Latest (November) Juniper JN0-400 Actual Tests Topic 1 part 04

Ensurepass

QUESTION 91  (Topic 1)

 

When you have two IDP sensors in a cluster, and the sensors are using external HA, which three devices will be performing the failure detection and failover execution? (Choose three.)

 

A.

IDP sensors

B.

load balancers

C.

routers running a redundancy protocol

D.

firewalls running a redundancy protocol

E.

bypass units connected to the sensors

 

Answer: BCD

 

 

QUESTION 92  (Topic 1)

 

Which account do you use to login when connecting to a sensor using SSL?

 

A.

root

B.

super

C.

admin

D.

netscreen

 

Answer: A

 

 

 

QUESTION 93  (Topic 1)

 

Which three actions should be taken on a rule in the IDP rule base when the sensor is in transparent mode? (Choose three.)

 

A.

Drop stream.

B.

Drop packet.

C.

Drop connection.

D.

Close client and server.

 

Answer:
BCD

 

 

QUESTION 94  (Topic 1)

 

When creating a new signature-based attack object, which four components must be specified? (Choose four.)

 

A.

context

B.

time binding

C.

attack pattern

D.

target platform

E.

service binding

F.

IP header values

 

Answer: ACDE

 

 

QUESTION 95  (Topic 1)

 

Given the following steps:

 

A.

Attach the sensor to the management network.

B.

Place the sensor inline in network.

C.

Create and install a policy on the sensor.

D.

Establish communication between Security Manager and the IDP sensor.

E.

Configure the sensor deployment mode and management interface IP.

F.

Test connectivity through the sensor.

 

 

 

 

 

Which order is correct when initially deploying a sensor in a network?

 

 

A.a, e, d, c, f, b

 

B.e, a, d, b, f, c

 

C.e, a, d, c, b, f

 

D.b, f, e, a, d, c

 

Answer: B

 

 

QUESTION 96  (Topic 1)

 

What is “a signature or protocol anomaly combined with context information”?

 

A.

context

B.

attack object

C.

attack signature

D.

protocol anomaly

 

Answer: B

 

 

QUESTION 97  (Topic 1)

 

If an IDP sensor finds that a packet matchesa particular IDP rule, and then finds a matching exempt rule, what does the sensor do?

 

A.

Does not create a log entry, does not perform the action in the matching rule, and then examines the next IDP rule in the list.

B.

Creates a log entry for the matching rule, performs the action in the IDP rule, and then examines the next IDP rule in the list.

C.

Creates a log entry for the matching rule, does not perform the action in the IDP rule, and then examines the next IDP rule in the list.

D.

Does not create a log entry or perform the action in the matching rule, and then stops examining the remainder of the IDP rules for that particular packe
t.

 

Answer: A

 

 

QUESTION 98  (Topic 1)

 

Within the SYN protector rule base, what is the function of relay action?

 

 

 

 

 

A.

It will not monitor incoming SYN requests.

B.

It will relay all SYN connections to a fake IP.

C.

It will monitor new connections to a protected server, but not prevent them.

D.

It will create a session with the server only if the client completes the three-step TCP handshake with the sensor.

 

Answer: D

 

 

QUESTION 99  (Topic 1)

 

What is one use of an IP action?

 

A.

It modifies the IP header to prevent the attack.

B.

It modifies the IP header to redirect the attack.

C.

It permits or denies the traffic, based on the IP header.

D.

It blocks subsequent connections from specific IP addresses.

 

Answer: D

 

 

QUESTION 100  (Topic 1)

 

Which sensor command will unload the current policy?

 

A.

sctop “u” option

B.

scio policy unload

C.

scio policy unload s0

D.

scio agentconfig policy unload

 

Answer: C

 

Free VCE & PDF File for Juniper JN0-400 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in JN0-400 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.