JN0-541 Online Practice Questions and Answers

You can remotely administer the IDP sensor using which two methods? (Choose two.)

A. theWebUI ACM over HTTPS

B. theWebUI ACM over HTTP

C. an SSH connection

D. a telnet connection

Which account do you use to login when connecting to a sensor using SSL?

A. super

B. netscreen

C. admin

D. root

In which two ways can you view the IP address of a sensor's eth0 interface? (Choose two.)

A. ipconfig

B. ACM

C. the Security Manager GUI

D. tcpdump

What is "a signature or protocol anomaly combined with context information"?

A. attack object

B. context

C. attack signature

D. protocol anomaly

Exhibit: In order to obtain attack information so that you can create a new attack object definition, you must follow certain steps. Given the steps displayed in the exhibit, assume you have acquired a packet capture of the attack. What is the correct order for these steps?

A. e, c, d, b, a

B. e, c, a, d, b

C. d, e, c, a, b

D. e, c, d, a, b

Which method of detection does IDP Sensor use to detect a network scan or portscan?

A. DOS Detection

B. Traffic Anomaly

C. Protocol Anomaly

D. Backdoor Detection

What is the advantage of defining the Service field in a rule for a specific server?

A. it allows you to permit and deny specific services.

B. It allows you to drop traffic that does not match the service.

C. There is no advantage to defining the Service field in any rule.

D. It makes the rule more efficient, allowing IDP to only match attacks against services that would actually affect that server.

How can you create a quick report?

A. right-click on an entry in the Log Investigator

B. right-click on a predefined report

C. right-click on an entry in the Log Viewer

D. Quick reports are available in the Dashboard only.

What three statements about logging are true? (Choose three.)

A. When the communication is restored between the IDP Sensor and IDP Management Server, the IDP Sensor automatically reports any cached log messages to the Management Server.

B. If the communication between the IDP Sensor and IDP Management Server is down, the IDP Sensor will cache logs locally.

C. When the communication is restored between the IDP Sensor and IDP Management Server, the administrator must manually download the logs.

D. Log messages are forwarded from IDP Sensor to IDP Management Server in real time.

Which IDP Sensors support High-Availability? (Choose three.)

A. NetScreen IDP-500

B. IDP-10

C. NetScreen IDP-100

D. NetScreen IDP-1000