Juniper Networks jn0-541 Practice Exams


Juniper Networks jn0-541 Braindumps Introduction: Ultimate resource for jn0-541 Braindumps
jn0-541 Exam Intro:
Juniper Networks IDP, Associate (JNCIA-IDP)
Passing Score: Marks range from 300-1000 (last known passing score 849/1000)
Number of Questions: 45-80 Questions in 90 minutes

Exam: Juniper JN0-541
Title: Juniper IDP, Associate (JNCIA-IDP)

1. Which OSI layer(s) of a packet does the IDP sensor examine?
A. layers 2-4
B. layers 2-7
C. layers 4-7
D. layer 7 only
Answer: B

2. Which interface does IDP use to communicate with Security Manager?
A. eth0
B. eth1
C. HA port
D. console port
Answer: A

3. Click the Exhibit button.
In the exhibit, which sensor command would have produced this display?
A. sctop "t" option
B. sctop "s" option
C. scio policy list s0
D. scio subs qmodules s0
Answer: A

4. If the power is lost to an IDP sensor, which feature allows the traffic to continue to flow through the device?
A. NIC bypass
B. stateful inspection
C. peer port modulation
D. protocol anomaly detection
Answer: A

5. Which TCP port is used for communication between ACM and an IDP sensor?
A. 80
B. 443
C. 7800
D. 7801
Answer: B

6. In which three situations would you create a compound attack object? (Choose three.)
A. When attack objects must occur in a particular order.
B. When one of the attack objects is a protocol anomaly.
C. You have at least two attack objects that define a single attack.
D. When the pattern needs to be defined using a stream 256 context.
E. When the pattern "@@@@@@@@" and context "ftp-get-filename" completely define the attack.
Answer: ABC

7. You implement Traffic Anomaly detection and you find numerous alerts of port scans from your security auditing team that you want to ignore. You create an address book entry for the security audit team specifying the IP addresses of those machines.
What should you do next?
A. Create a rule at the top of the Traffic Anomaly rulebase to ignore traffic from the security audit team.
B. Create an exempt rule for the security audit team in the Exempt rulebase to ignore Traffic Anomalies.
C. Create a rule at the top of the IDP rulebase to ignore traffic from the security audit team, and make this a terminal rule.
D. Create a rule at the top of the Traffic Anomaly rulebase to ignore traffic from the security audit team, and make this a terminal rule.
Answer: A

8. Which three functions does the IDP sensor perform? (Choose three.)
A. detects new hosts on the network
B. displays logs in Security Manager GUI
C. performs attack detection and prevention
D. forwards logs and status messages to Security Manager server
Answer: ACD

9. Which TCP port is used for communication between Security Manager and an IDP sensor?
A. 443
B. 7800
C. 7801
D. 7803
Answer: D

10. You want Enterprise Security Profiler (ESP) to generate a message when a new host is detected on a network.
Which two steps must you perform? (Choose two.)
A. Start or restart the profiler process.
B. Configure ESP to enable alerts for new host detected.
C. Configure ESP to enable application profiling, and select the contexts to profile.
D. Under the Violation Viewer tab, create a permitted object, select that object, and then click Apply.
Answer: AB

11. Which three statements are true as they relate to a transparent mode IDP deployment? (Choose three.)
A. Can actively prevent attacks on all traffic.
B. An IP address must be defined on each forwarding interface.
C. Can be installed in the network without changing IP addresses or routes.
D. Uses paired ports, such that packets arriving on one port go out the other associated port.
Answer: ACD

12. What is "a deviation from a protocol’s expected behavior or packet format"?
A. context
B. attack signature
C. protocol anomaly
D. compound attack object
Answer: C
