Which three actions must be taken prior to deploying an IDP Sensor in a network? (Choose three.)
A. An IP address must be defined on all forwarding interfaces.
B. IDP Sensor must be configured with the ACM and assigned a Management IP address.
C. A Security Policy must be configured for this IDP Sensor.
D. The IDP Sensor object must be configured in the IDP Management Server.
What is the function of a Compound Attack Object?
A. looks for multiple occurrences of the same attack
B. combines multiple attacks in a singlerulebase
C. combines multiple attack signatures objects or anomalies objects into a single attack object
D. allows you to take custom actions based on combinations of attacks
You implement all HTTP Signatures for your Web Server and notice an alert is generated each time a web user accesses the SQL database with the default passwords. Your webmaster does not want to reprogram the page to use valid SQL passwords. How do you disable alerting on this False Positive?
A. create an Exempt rule for any traffic destined to your Web Server, include all HTTP:LOW level attacks; make this a Terminal rule
B. create an Exempt rule for any traffic destined to your Web Server, include only the specific HTTP SQL default password signature
C. create an Exempt rule for any traffic destined to your Web Server, include all HTTP:LOW level attacks
D. create an Exempt rule for any traffic generated by your Webserver, include only the specific HTTP SQL default password signature
Which command from the IDP Sensor CLI can be used to display the sensor statistics, the policy information, and mode of s ensor deployment?
A. sctop -s option
B. scio list s0 sensor stat
C. scio sensor stat
D. sensor statistics can be displayed only from the UI
Which three statements are true about Compound Attack Objects? (Choose three.)
A. The maximum number of objects is limited to 32.
B. All entries must use the same protocol for service binding.
C. You can create custom signatures within the Compound Attack Object.
D. For a Compound Attack Object to match, only one Attack Object must match.
What is the advantage of defining the Service field in a rule for a specific server?
A. it allows you to permit and deny specific services.
B. It allows you to drop traffic that does not match the service.
C. There is no advantage to defining the Service field in any rule.
D. It makes the rule more efficient, allowing IDP to only match attacks against services that would actually affect that server.
What are two differences between Action and IP Action? (Choose two.)
A. Action responds to matching traffic by dropping, or closing current attacking packets or connection.
B. IP Action responds to matching traffic by dropping, or closing current attacking packets or connection.
C. Action responds to future traffic based on a previous match by blocking or dropping future connections.
D. IP Action responds to future traffic based on a previous match by blocking or closing future connections.
What are two ways to verify that your rules in the Security Policies are not being shadowed? (Choose two.)
A. You can verify your security policy from the CLI of the Sensor.
B. You can verify your security policy from the IDP User Interface.
C. IDP Management Server can verify your Security policy automatically from the CLI of the Management Server.
D. You must manually verify your rules by hand to ensure they do not shadow each other.
What is the function of a Dynamic Attack Object Group?
A. groups together only user-defined Attack Objects
B. a group of Predefined Attack Groups created automatically by Juniper IDP
C. creates a custom grouping of Attack Objects that are not changed during Signature Update
D. creates a custom grouping of attacks, which are automatically updated during Signature Update
What is the function of an IP action?
A. modifies the IP Header to prevent the attack
B. modifies the IP Header to redirect the attack
C. permits or denies the traffic, based on the IP Header
D. blocks subsequent connections from specific IP addresses
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-541 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.