Juniper JNCIA JN0-541 Questions & Answers

• Question 211:

  Exhibit:

  

  You work as an administrator at Certkiller .com. Study the exhibit carefully. In the exhibit, which SYN protector mode is the IDP using?

  A. passive

  B. handshake

  C. relay

  D. protective

  Correct Answer: A

• Question 212:

  You update your attack object database on Security Manager. What must you do before the new attack objects become active on the IDP sensors?

  A. You install the updated security policy on the IDP sensor.

  B. No changes are required.

  C. You must restart the IDP sensor.

  D. You must restart the IDP processes on the IDP sensors.

  Correct Answer: A

• Question 213:

  What is one use of an IP action?

  A. It blocks subsequent connections from specific IP addresses.

  B. It modifies the IP header to redirect the attack.

  C. It modifies the IP header to prevent the attack.

  D. It permits or denies the traffic, based on the IP header.

  Correct Answer: A

• Question 214:

  Which statement about the Enterprise Security Profiler (ESP) is true?

  A. The ESP must be configured and started using the IDP sensor CLI before it is used.

  B. The administrator must manually initiate Security Manager to sensor polling to retrieve ESP data.

  C. The ESP must be configured and started on each IDP sensor manually, using the Security Manager GUI.

  D. The ESP is started by default in IDP version 4.0 or newer.

  Correct Answer: C

• Question 215:

  Which statement is true about packet capture in the IDP sensor?

  A. The Log Viewer has no indication of whether a log message has associated packet captures.

  B. You can only log packets after an attack packet.

  C. You can configure a particular number of packets to capture before and after an attack.

  D. Packet capture records all packets flowing through the sensor.

  Correct Answer: C

• Question 216:

  Which command on the IDP sensor CLI can be used to display the sensor statistics, which policy is installed, and mode of sensor deployment?

  A. sctop "s" option

  B. sensor statistics can only be displayed from Security Manager GUI

  C. scio list s0 sensor stat

  D. scio sensor stat

  Correct Answer: A

• Question 217:

  Which TCP port is used for communication between Security Manager and an IDP sensor?

  A. 7801

  B. 7800

  C. 7803

  D. 443

  Correct Answer: C

• Question 218:

  Which statement is true regarding IDP rule matching on a sensor?

  A. Each rule in the IDP rule base that matches on the source IP, destination IP, and service will be processed further.

  B. Each rule in the IDP rule base that matches on the source IP, destination IP, and service will be processed further, unless the particular rule is terminal.

  C. Each rule in the IDP rule base that matches on the source IP, destination IP, service, and attack object will be processed further.

  D. Each rule in the IDP rule base that matches on the source IP, destination IP, service, and attack object will be processed further, unless the particular rule is terminal.

  Correct Answer: B

• Question 219:

  Which type of cable do you use for a console connection to an IDP sensor?

  A. CAT 5 cable

  B. Juniper proprietary cable

  C. straight-through serial cable

  D. null-modem cable

  Correct Answer: D

• Question 220:

  Which rule base would detect the use of nmap on a network?

  A. SYN protector

  B. traffic anomalies

  C. backdoor

  D. exempt

  Correct Answer: B