[Free] Download New Latest (November) Juniper JN0-541 Actual Tests Topic 0 part 03

Ensurepass

QUESTION 21  (Topic 0)

Which two statements are true about the Enterprise Security Profiler (ESP)? (Choose two.)

A. The ESP indicates when a specific machine has been attacked.

B. The ESP indicates when existing hosts or protocols are being used.

C. The ESP provides a summary of protocols and contexts on each host.

D. The ESP indicates which hosts are talking with each other, and which protocols are being used.

Answer: CD

 

 

QUESTION 22  (Topic 0)

Which three statements are true as they relate to a transparent mode IDP deployment? (Choose three.)

A. Can actively prevent attacks on all traffic.

B. An IP address must be defined on each forwarding interface.

C. Can be installed in the network without changing IP addresses or routes.

D. Uses paired ports, such that packets arriving on one port go out the other associated port.

Answer: ACD

 

 

QUESTION 23  (Topic 0)

What two statements are true about the attack object database update process? (Choose two.)

A. The administrator is given the choice of which static groups to update.

B. Attack object database update can be scheduled using the commands guiSvrCli.sh and cron.

C. Attack object database update can be scheduled using the two commands idpSvrCli.sh and cron.

D. Attack objects are downloaded from the Juniper web site over TCP port 443 and are stored on Security Manager.

Answer: BD

 

 

QUESTION 24  (Topic 0)

Which sensor process handles policy installation?

A. idp

B. sciod

C. agent

D. profiler

E. idpLogReader

Answer: B

 

 

QUESTION 25  (Topic 0)

Which three columns can be seen in the Network View of the Enterprise Security Profiler? (Choose three.)

A. Service

B. Src OS Name

C. Packet Capture

D. Src and Dest IPs

E. Context and Context Data

Answer: ABD

 

 

QUESTION 26  (Topic 0)

Which two tasks can be performed using the ACM? (Choose two.)

A. Install a policy on the IDP sensor.

B. Upgrade the firmware on the IDP sensor.

C. Change the mode in which the sensor is operating.

D. Change the management IP address for the IDP sensor.

Answer: CD

 

 

QUESTION 27  (Topic 0)

If an IDP sensor finds that a packet matches a particular IDP rule, and then finds a matching exempt rule, what does the sensor do?

A. Does not create a log entry, does not perform the action in the matching rule, and then examines the next IDP rule in the list.

B. Creates a log entry for the matching rule, performs the action in the IDP rule, and then examines the next IDP rule in the list.

C. Creates a log entry for the matching rule, does not perform the action in the IDP rule, and then examines the next IDP rule in the list.

D. Does not create a log entry or perform the action in the matching rule, and then stops examining the remainder of the IDP rules for that particular packet.

Answer: A

 

 

QUESTION 28  (Topic 0)

You update your attack object database on Security Manager. What must you do before the new attack objects become active on the IDP sensors?

A. No changes are required.

B. You must restart the IDP sensor.

C. You must restart the IDP processes on the IDP sensors.

D. You install the updated security policy on the IDP sensor.

Answer: D

 

 

QUESTION 29  (Topic 0)

Which OSI layer(s) of a packet does the IDP sensor examine?

A. layers 2-4

B. layers 2-7

C. layers 4-7

D. layer 7 only

Answer: B

 

 

QUESTION 30  (Topic 0)

Which rule base would detect the use of nmap on a network?

A. exempt

B. backdoor

C. SYN protector

D. traffic anomalies

Answer: D

 
