JN0-541 Online Practice Questions and Answers

Questions 4

Which statement is true about the attack object database update process?

A. Each sensor updates its own attack object database automatically; however, they must be able to access the Juniper site on TCP port 443.

B. The attack object database update must be manually performed by the administrator, and the administrator must manually install it on each sensor.

C. The attack object database update can be initiated manually or automatically.

D. The attack object database update can be automatically scheduled to occur using the Security Manager GUI.

Questions 5

Which statement is true regarding IDP rule matching on a sensor?

A. Each rule in the IDP rule base that matches on the source IP, destination IP, and service will be processed further.

B. Each rule in the IDP rule base that matches on the source IP, destination IP, and service will be processed further, unless the particular rule is terminal.

C. Each rule in the IDP rule base that matches on the source IP, destination IP, service, and attack object will be processed further.

D. Each rule in the IDP rule base that matches on the source IP, destination IP, service, and attack object will be processed further, unless the particular rule is terminal.

Questions 6

What is one use of an IP action?

A. It blocks subsequent connections from specific IP addresses.

B. It modifies the IP header to redirect the attack.

C. It modifies the IP header to prevent the attack.

D. It permits or denies the traffic, based on the IP header.

Questions 7

You update your attack object database on Security Manager. What must you do before the new attack objects become active on the IDP sensors?

A. You install the updated security policy on the IDP sensor.

B. No changes are required.

C. You must restart the IDP sensor.

D. You must restart the IDP processes on the IDP sensors.

Questions 8

Which three statements are true as they relate to a transparent mode IDP deployment? (Choose three.)

A. Can actively prevent attacks on all traffic.

B. Can be installed in the network without changing IP addresses or routes.

C. Uses paired ports, such that packets arriving on one port go out the other associated port.

D. An IP address must be defined on each forwarding interface.

Questions 9

Which three fields in a packet must match an IDP rule before that packet is examined for an attack? (Choose three.)

A. destination address

B. service

C. terminate match

D. source address

E. attack object

Questions 10

Which three are assigned as a result of running EasyConfig? (Choose three.)

A. sensor eth1 IP address

B. sensor default gateway

C. sensor HA configuration

D. sensor eth0 IP address

E. sensor deployment mode

Questions 11

What is the default admin account password on the sensor?

A. juniper01

B. password

C. admin

D. abc123

Questions 12

Which two statements about disk management on the IDP Sensor are true?

A. IDP Management Server can be configured to send disk space alerts.

B. If the IDP Sensor disk is full, the IDP Sensor will not store any additional logs or packet captures.

C. If the IDP Sensor disk is full, the IDP Sensor starts purging the oldest log entries first, and packet captures second.

D. If the IDP Management Server disk is full, the oldest packet captures are purged first, and the log messages are purged second.

Questions 13

What are two ways to verify that your rules in the Security Policies are not being shadowed? (Choose two.)

A. You can verify your security policy from the CLI of the Sensor.

B. You can verify your security policy from the IDP User Interface.

C. IDP Management Server can verify your Security policy automatically from the CLI of the Management Server.

D. You must manually verify your rules by hand to ensure they do not shadow each other.

Questions 14

Which command from the IDP Sensor CLI can be used to display the sensor statistics, the policy information, and the mode of sensor deployment?

A. sctop -s option

B. scio list s0 sensor stat

C. scio sensor stat

D. sensor statistics can be displayed only from the UI

Questions 15

What should you do to build effective security policies?

A. create specific rules for critical servers first, which look for attacks that are relevant to those servers (such as HTTP attacks on Web servers); DO NOT make these rules Terminate Match

B. create specific rules for critical servers first, which look for attacks that are relevant to those servers (such as HTTP attacks on Web servers); make these rules Terminate Match

C. create an Any/Any rule to look for all attacks and make this rule #1; DO NOT select Terminate Match

D. create an Any/Any rule to look for all attacks and make this rule #1; select Terminate Match

Questions 16

Which three statements are true about ESP? (Choose three.)

A. ESP indicates when new hosts or protocols are being used.

B. ESP provides a summary of protocols and contexts on each host.

C. ESP indicates when a specific machine has been attacked.

D. ESP indicates which hosts are talking with each other, and which protocols are being used.

Questions 17

How can you monitor real-time IP flows through the IDP Sensor?

A. use the IDP UI Dashboard

B. use the CLI utility sctop

C. use the IDP UI Traffic Logs

D. enable "debug flow basic" on the IDP Sensor

Questions 18

What are three configuration options for ESP? (Choose three.)

A. Network Interfaces

B. Profiles

C. Tracked Hosts

D. Exclusions

Exam Code: JN0-541
Exam Name: IDP, Associate (JNCIA-IDP)
Last Update: Apr 29, 2024
Questions: 120 Q&As